P. 1
Assessment Questions

Assessment Questions

5.0

|Views: 1,400|Likes:
Published by John Croson
Security audit assessment questions.
Security audit assessment questions.

More info:

Published by: John Croson on Apr 01, 2008
Copyright:Attribution Non-commercial

Availability:

Read on Scribd mobile: iPhone, iPad and Android.
download as DOC, PDF, TXT or read online from Scribd
See more
See less

11/28/2012

pdf

text

original

Assessment Questions: Servers Vendors and models.

yes no comments

Are servers up to date with patches? What services are open? Are the services needed? Is/Are the device/devices positioned correctly in the network? What are all secure and non-secure interfaces? What is the history of the servers? Is there a process for making any changes? Who is responsible for account management? Are the logs being checked? Who is responsible for reviewing the logs? What are password policies for the network? What is the physical security of the server equipment? Backups / UPS What type of backups and rotations are in place? Are the tapes stored off-site or on site? Is the data encrypted and/or secure? Is there an emergency data recovery plan? Is there power failover protection?

Virus / Spam / Spyware What brand/version of virus protection is present? How often are the definitions updated? Are the updates automatic? What brand/version of spam protection? Is there spyware protection? Does the company have an internet / acceptable use policy?

Firewall Vendor and model. Is system up to date with patches? Is the position in the network correct? Is there IDS present? Is logging enabled and checked? What ports are open/forwarded and to what hosts?

WAN What type of logs can we get from the ISP? What type of monitoring is done on the connections? May we perform vulnerability scans on these devices? Can we obtain routing information?

LAN What are the standards of cables used? What is the network topology? i.e. Bus, Linear, Star, Hybrid, Mesh, Ring What is the layout of cabling and devices? What types of routers, hubs and switches are used? Do they have user name and password to access? Is change management used when changing routers or switch configurations? Who approves these changes? What is the policy regarding connecting to LAN? What is the policy regarding activating ports? Who has access to physical space? Is there a policy for connecting external vendors to the LAN? Is physical security practiced properly for accessing premises and process for activating and deactivating badges, LAN ports and LAN connection drops? If there is Wireless access, is encryption used? If so, what type? Are workstation applications and OS patched? Is there change management at the workstation level for hardware/software? Is there Virus/Spyware protection at the workstation? Is it managed by IT, or user level?

You're Reading a Free Preview

Download
scribd
/*********** DO NOT ALTER ANYTHING BELOW THIS LINE ! ************/ var s_code=s.t();if(s_code)document.write(s_code)//-->