Scribd Logo
Upload

Welcome to Scribd!

  • System Administrator Checklist

    Uploaded by

    Suresh Babu
    10 views7 pages
    sadfafsd

    Original Title

    4623275 System Administrator Checklist

    Copyright

    © © All Rights Reserved

    Available Formats

    DOC, PDF, TXT or read online from Scribd

    Did you find this document useful?

    Is this content inappropriate?

    Report this Document
    sadfafsd

    Copyright:

    © All Rights Reserved
    Download as DOC, PDF, TXT or read online from Scribd
    Flag for inappropriate content
    10 views7 pages

    System Administrator Checklist

    Uploaded by

    Suresh Babu
    sadfafsd

    Copyright:

    © All Rights Reserved
    Download as DOC, PDF, TXT or read online from Scribd
    Flag for inappropriate content
    of 7

    System Administrator Checklist

    Daily
    Review Audit logs
    Tasks Check application log for warning and error messages for service startup errors, application or database errors and unauthorized application installs Check security log for warning and error messages for invalid logons, unauthorized user creating, opening or deleting files Check system log for warning and error messages for hardware and network failures Check web/database/application logs for warning and error messages Check directory services log on domain controllers Report suspicious activity to IAO Tools !indows "vent #iewer

    Perform/verify daily backup


    Tasks Run and/or verify that a successful backup of system and data files has completed Run and/or verify that a successful backup of Active $irectory files has completed on at least one $omain Controller Tools !indows %ackup &ool #eritas %ackup 'oftware

    Track/monitor system performance and activity


    Tasks Check for memory usage Check for system paging Check C() usage References www*+icrosoft*com , +onitoring 'erver performance Tools !indows +icrosoft +anagement Console (erformance -og and Alerts &ask +anager 'ystem +onitor +icrosoft Operations +anager

    Check free hard drive space


    Tasks Check all drives for ade.uate free space &ake appropriate action as specified by site/s 'tandard Operating (rocedures References www*+icrosoft*com , +onitoring 'erver performance Tools !indows $isk $efragmenter $isk +anagement $isk 0uotas

    Physical checks of system


    Tasks #isually check the e.uipment for amber lights, alarms, etc* &ake appropriate action as specified by site/s 'tandard Operating (rocedures

    !eekly
    Archive Audit logs
    Tasks Archive audit logs to a media device with one year retention

    Perform/verify weekly backup


    Tasks Run or verify that a successful backup of system and data files has been completed Tools !indows %ackup &ool #eritas %ackup 'oftware

    "pdate Anti #irus signature file


    Tasks $ownload and install current Anti,#irus signature files Downloads www*cert*mil

    Run Anti #irus scan on all hard drives


    Tasks 'can all hard,drives using current Anti,#irus signature files

    Check #endor !ebsites for Patch $nformation


    Tasks Check vendor websites such as +icrosoft, 'un, 1(, Oracle, etc for new vulnerability information including patches and hotfi2es Downloads http3//iase*disa*mil www*cert*mil $o$ (atch Repository

    Compare system configuration files against a baseline for changes


    Tasks Compare system configuration files against the baseline Compare application e2ecutables against the baseline Compare database stored procedures against the baseline Tools )ni2 &ripwire

    Run file system integrity diagnostics


    Tasks Run diagnostic tools to detect any system problems References www*+icrosoft*com , +anaging $isks and #olumes Tools !indows $isk $efragmenter "rror,checking tool $evice +anager

    #erify Retina #ulnerability Scan Performed %SCC#$&


    Tasks #erify system scanned by IAO or 4'O using Retina tool to detect for vulnerabilities Downloads http3//iase*disa*mil $o$ IA "nterprise,wide &ools and 'oftware3 'CC#I 5$o$ (6I cert re./d7

    Remediate with Citadel 'ercules remediation Tool %SCR$&


    Tasks #erify 1ercules remediation tool is used on system to correct vulnerabilities Downloads http3//iase*disa*mil $o$ IA "nterprise,wide &ools and 'oftware3 'CC#I 5$o$ (6I cert re./d7

    Check for Password (iles


    Tasks

    (erform file search on system checking for documents containing words such as /password/, /passwd/, /pwd/, etc

    Perform !ireless Check


    Tasks Check system for wireless devices and access References http3//iase*disa*mil , 'ecurity &echnical Implementation 8uides 5'&I8s7

    Perform server clock/time synchroni)ation


    Tasks 'ynchronize system clock with master server References www*+icrosoft*com !indows &ime 'ervice Tools !indows !indows &ime 'ervice Tools )ni2 /!indows 4&(

    Check for "nnecessary Services


    Tasks Check system services for any unnecessary services running

    *onthly
    Perform Self Assessment Security Review
    Tasks Review technology checklist for any changes Run current security review tool Import results into #ulnerability +anagement 'ystem 5#+'7 Downloads http3//iase*disa*mil $o$ IA "nterprise,wide &ools and 'oftware3 8old $isk 5*mil only7 http3//iase*disa*mil IA 'ub9ect +atter Areas3 'ecurity &echnical Implementation 8uides '&I8'3 'ecurity Readiness Review "valuation 'cripts Tools !indows $I'A :'O 8old $isk and 'cripts e"ye Retina 'canner Citadel 1ercules Remediation &ool Tools )4I; $I'A :'O 'cripts e"ye Retina 'canner Citadel 1ercules Remediation &ool

    Perform 'ardware/Software $nventory


    Tasks Review hardware and compare to inventory list Review software and compare to inventory list )pdate #+', where applicable

    Run Password Cracking Tool 5$omain Controller only7


    Tasks Run 5or verify IAO team has run7 a password,cracking tool to detect weak passwords (rovide output to IAO team Tools !indows <ohn,the,Ripper -=phtCrack Tools , )4I; Crack Tools available on $I'A :'O 8old $isk 5!indows7 and $I'A :'O 'cripts 5)4I;7

    Perform/verify monthly backup


    Tasks Run or verify that a successful backup of system and data files has been completed Tools !indows %ackup &ool #eritas %ackup 'oftware

    #erify "ser Account Configuration


    Tasks Run $ump'ec tool to verify user account configuration #erify and/or delete dormant accounts with IAO approval (rovide output to IAO team Tool available on $I'A :'O 8old $isk 5!indows7

    +uarterly
    Test backup/restore procedures
    Tasks Restore backup files to a test system to verify procedures and files

    Tools !indows %ackup and Recovery &ool #eritas %ackup 'oftware

    Annually
    Change Service Account passwords
    Tasks !ork with appropriate application administrator to ensure password changes for service accounts such as database accounts, application accounts and other service accounts are implemented

    Review appropriate Security Technical $mplementation ,uides 5'&I87


    Tasks Review appropriate '&I8s which are updated annually

    Participate in ST$, Technical $nterchange *eetings 5&I+7, when possible


    Tasks (articipate in &I+s to e2change information about updated '&I8s, etc*

    Review training re-uirements


    Tasks Review training re.uirements according to $o$ $irective >?@=*A References http3//iase*disa*mil IA 'ub9ect +atter Areas3 (olicy and 8uidance

    As Re-uired
    Test Patches and 'otfi.es $nstall Patches and 'otfi.es Schedule Downtime for Reboots Apply /S upgrades and service packs Create/maintain user and groups accounts Set user and group security

    After system configuration changes3


    Create 0mergency System Recovery Data Create new system configuration baseline Document System Configuration Changes

    Review and update SSAA "pdate #*S for Asset Changes "pdate #*S for $A#*s

    You might also like