Advertisement
opexxx

CIS_Controls_v.8

Jun 5th, 2021 (edited)
255
0
Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 8.61 KB | None | 0 0
  1. #01. Inventory and Control of Enterprise Assets
  2.  
  3. 1.1 Establish and Maintain Detailed Enterprise Asset Inventory
  4. 1.2 Address Unauthorized Assets
  5. 1.3 Utilize an Active Discovery Tool
  6. 1.4 Use Dynamic Host Configuration Protocol (DHCP) Logging to Update Enterprise Asset Inventory
  7. 1.5 Use a Passive Asset Discovery Tool
  8.  
  9. #02. Inventory and Control of Software Assets
  10.  
  11. 2.1 Establish and Maintain a Software Inventory
  12. 2.2 Ensure Authorized Software is Currently Supported
  13. 2.3 Address Unauthorized Software
  14. 2.4 Utilize Automated Software Inventory Tools
  15. 2.5 Allowlist Authorized Software
  16. 2.6 Allowlist Authorized Libraries
  17. 2.7 Allowlist Authorized Scripts
  18.  
  19. #03. Data Protection
  20.  
  21. 3.1 Establish and Maintain a Data Management Process
  22. 3.2 Establish and Maintain a Data Inventory
  23. 3.3 Configure Data Access Control Lists
  24. 3.4 Enforce Data Retention
  25. 3.5 Securely Dispose of Data
  26. 3.6 Encrypt Data on End-User Devices
  27. 3.7 Establish and Maintain a Data Classification Scheme
  28. 3.8 Document Data Flows
  29. 3.9 Encrypt Data on Removable Media
  30. 3.10 Encrypt Sensitive Data in Transit
  31. 3.11 Encrypt Sensitive Data at Rest
  32. 3.12 Segment Data Processing and Storage Based on Sensitivity
  33. 3.13 Deploy a Data Loss Prevention Solution
  34. 3.14 Log Sensitive Data Access
  35.  
  36. #04. Secure Configuration of Enterprise Assets and Software
  37.  
  38. 4.1 Establish and Maintain a Secure Configuration Process
  39. 4.2 Establish and Maintain a Secure Configuration Process for Network Infrastructure
  40. 4.3 Configure Automatic Session Locking on Enterprise Assets
  41. 4.4 Implement and Manage a Firewall on Servers
  42. 4.5 Implement and Manage a Firewall on End-User Devices
  43. 4.6 Securely Manage Enterprise Assets and Software
  44. 4.7 Manage Default Accounts on Enterprise Assets and Software
  45. 4.8 Uninstall or Disable Unnecessary Services on Enterprise Assets and Software
  46. 4.9 Configure Trusted DNS Servers on Enterprise Assets
  47. 4.10 Enforce Automatic Device Lockout on Portable End-User Devices
  48. 4.11 Enforce Remote Wipe Capability on Portable End-User Devices
  49. 4.12 Separate Enterprise Workspaces on Mobile End-User Devices
  50.  
  51. #05. Account Management
  52.  
  53. 5.1 Establish and Maintain an Inventory of Accounts
  54. 5.2 Use Unique Passwords
  55. 5.3 Disable Dormant Accounts
  56. 5.4 Restrict Administrator Privileges to Dedicated Administrator Accounts
  57. 5.5 Establish and Maintain an Inventory of Service Accounts
  58. 5.6 Centralize Account Management
  59.  
  60. #06. Access Control Management
  61.  
  62. 6.1 Establish an Access Granting Process
  63. 6.2 Establish an Access Revoking Process
  64. 6.3 Require MFA for Externally-Exposed Applications
  65. 6.4 Require MFA for Remote Network Access
  66. 6.5 Require MFA for Administrative Access
  67. 6.6 Establish and Maintain an Inventory of Authentication and Authorization Systems
  68. 6.7 Centralize Access Control
  69. 6.8 Define and Maintain Role-Based Access Control
  70.  
  71. #07. Continuous Vulnerability Management
  72.  
  73. 7.1 Establish and Maintain a Vulnerability Management Process
  74. 7.2 Establish and Maintain a Remediation Process
  75. 7.3 Perform Automated Operating System Patch Management
  76. 7.4 Perform Automated Application Patch Management
  77. 7.5 Perform Automated Vulnerability Scans of Internal Enterprise Assets
  78. 7.6 Perform Automated Vulnerability Scans of Externally-Exposed Enterprise Assets
  79. 7.7 Remediate Detected Vulnerabilities
  80.  
  81. #08. Audit Log Management
  82.  
  83. 8.1 Establish and Maintain an Audit Log Management Process
  84. 8.2 Collect Audit Logs
  85. 8.3 Ensure Adequate Audit Log Storage
  86. 8.4 Standardize Time Synchronization
  87. 8.5 Collect Detailed Audit Logs
  88. 8.6 Collect DNS Query Audit Logs
  89. 8.7 Collect URL Request Audit Logs
  90. 8.8 Collect Command-Line Audit Logs
  91. 8.9 Centralize Audit Logs
  92. 8.10 Retain Audit Logs
  93. 8.11 Conduct Audit Log Reviews
  94. 8.12 Collect Service Provider Logs
  95.  
  96. #09. Email and Web Browser Protections
  97.  
  98. 9.1 Ensure Use of Only Fully Supported Browsers and Email Clients
  99. 9.2 Use DNS Filtering Services
  100. 9.3 Maintain and Enforce Network-Based URL Filters
  101. 9.4 Restrict Unnecessary or Unauthorized Browser and Email Client Extensions
  102. 9.5 Implement DMARC
  103. 9.6 Block Unnecessary File Types
  104. 9.7 Deploy and Maintain Email Server Anti-Malware Protections
  105.  
  106. #10. Malware Defenses
  107.  
  108. 10.1 Deploy and Maintain Anti-Malware Software
  109. 10.2 Configure Automatic Anti-Malware Signature Updates
  110. 10.3 Disable Autorun and Autoplay for Removable Media
  111. 10.4 Configure Automatic Anti-Malware Scanning of Removable Media
  112. 10.5 Enable Anti-Exploitation Features
  113. 10.6 Centrally Manage Anti-Malware Software
  114. 10.7 Use Behavior-Based Anti-Malware Software
  115.  
  116. #11. Data Recovery
  117.  
  118. 11.1 Establish and Maintain a Data Recovery Process
  119. 11.2 Perform Automated Backups
  120. 11.3 Protect Recovery Data
  121. 11.4 Establish and Maintain an Isolated Instance of Recovery Data
  122. 11.5 Test Data Recovery
  123.  
  124. #12. Network Infrastructure Management
  125.  
  126. 12.1 Ensure Network Infrastructure is Up-to-Date
  127. 12.2 Establish and Maintain a Secure Network Architecture
  128. 12.3 Securely Manage Network Infrastructure
  129. 12.4 Establish and Maintain Architecture Diagram(s)
  130. 12.5 Centralize Network Authentication, Authorization, and Auditing (AAA)
  131. 12.6 Use of Secure Network Management and Communication Protocols
  132. 12.7 Ensure Remote Devices Utilize a VPN and are Connecting to an Enterprise’s AAA Infrastructure
  133. 12.8 Establish and Maintain Dedicated Computing Resources for All Administrative Work
  134.  
  135. #13. Network Monitoring and Defense
  136.  
  137. 13.1 Centralize Security Event Alerting
  138. 13.2 Deploy a Host-Based Intrusion Detection Solution
  139. 13.3 Deploy a Network Intrusion Detection Solution
  140. 13.4 Perform Traffic Filtering Between Network Segments
  141. 13.5 Manage Access Control for Remote Assets
  142. 13.6 Collect Network Traffic Flow Logs
  143. 13.7 Deploy a Host-Based Intrusion Prevention Solution
  144. 13.8 Deploy a Network Intrusion Prevention Solution
  145. 13.9 Deploy Port-Level Access Control
  146. 13.10 Perform Application Layer Filtering
  147. 13.11 Tune Security Event Alerting Thresholds
  148.  
  149. #14. Security Awareness and Skills Training
  150.  
  151. 14.1 Establish and Maintain a Security Awareness Program
  152. 14.2 Train Workforce Members to Recognize Social Engineering Attacks
  153. 14.3 Train Workforce Members on Authentication Best Practices
  154. 14.4 Train Workforce on Data Handling Best Practices
  155. 14.5 Train Workforce Members on Causes of Unintentional Data Exposure
  156. 14.6 Train Workforce Members on Recognizing and Reporting Security Incidents
  157. 14.7 Train Workforce on How to Identify and Report if Their Enterprise Assets are Missing Security Updates
  158. 14.8 Train Workforce on the Dangers of Connecting to and Transmitting Enterprise Data Over Insecure Networks
  159. 14.9 Conduct Role-Specific Security Awareness and Skills Training
  160.  
  161. #15. Service Provider Management
  162.  
  163. 15.1 Establish and Maintain an Inventory of Service Providers
  164. 15.2 Establish and Maintain a Service Provider Management Policy
  165. 15.3 Classify Service Providers
  166. 15.4 Ensure Service Provider Contracts Include Security Requirements
  167. 15.5 Assess Service Providers
  168. 15.6 Monitor Service Providers
  169. 15.7 Securely Decommission Service Providers
  170.  
  171. #16. Application Software Security
  172.  
  173. 16.1 Establish and Maintain a Secure Application Development Process
  174. 16.2 Establish and Maintain a Process to Accept and Address Software Vulnerabilities
  175. 16.3 Perform Root Cause Analysis on Security Vulnerabilities
  176. 16.4 Establish and Manage an Inventory of Third-Party Software Components
  177. 16.5 Use Up-to-Date and Trusted Third-Party Software Components
  178. 16.6 Establish and Maintain a Severity Rating System and Process for Application Vulnerabilities
  179. 16.7 Use Standard Hardening Configuration Templates for Application Infrastructure
  180. 16.8 Separate Production and Non-Production Systems
  181. 16.9 Train Developers in Application Security Concepts and Secure Coding
  182. 16.10 Apply Secure Design Principles in Application Architectures
  183. 16.11 Leverage Vetted Modules or Services for Application Security Components
  184. 16.12 Implement Code-Level Security Checks
  185. 16.13 Conduct Application Penetration Testing
  186. 16.14 Conduct Threat Modeling
  187.  
  188. #17. Incident Response Management
  189.  
  190. 17.1 Designate Personnel to Manage Incident Handling
  191. 17.2 Establish and Maintain Contact Information for Reporting Security Incidents
  192. 17.3 Establish and Maintain an Enterprise Process for Reporting Incidents
  193. 17.4 Establish and Maintain an Incident Response Process
  194. 17.5 Assign Key Roles and Responsibilities
  195. 17.6 Define Mechanisms for Communicating During Incident Response
  196. 17.7 Conduct Routine Incident Response Exercises
  197. 17.8 Conduct Post-Incident Reviews
  198. 17.9 Establish and Maintain Security Incident Thresholds
  199.  
  200. #18. Penetration Testing
  201.  
  202. 18.1 Establish and Maintain a Penetration Testing Program
  203. 18.2 Perform Periodic External Penetration Tests
  204. 18.3 Remediate Penetration Test Findings
  205. 18.4 Validate Security Measures
  206. 18.5 Perform Periodic Internal Penetration Tests
  207.  
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement