Complete System Administrator Checklist

Area Tasks Status Notes Tools References
Review Audit logs Check application log for warning and error messages for
service startup errors, application or database errors and
unauthorized application installs
Windows Event
Viewer
Check security log for warning and error messages for invalid
logons, unauthorized user creating, opening or deleting files
Check system log for warning and error messages for
hardware and network failures
Check web/database/application logs for warning and error
messages
Check directory services log on domain controllers
Report suspicious activity to IAO
Perform/verify daily
backup
Run and/or verify that a successful backup of system and
data files has completed
Windows Backup
Tool
Run and/or verify that a successful backup of Active Directory
files has completed on at least one Domain Controller
Veritas Backup
Software
Track/monitor system
performance and
activity
Check for memory usage Microsoft
Management
Console
www.Microsoft.com -
Monitoring Server
performance
Check for system paging Performance Log
and Alerts
Check CPU usage Task Manager
System Monitor
Microsoft
Operations
Manager
Check free hard-drive
space
Check all drives for adequate free space Disk Defragmenter www.Microsoft.com -
Monitoring Server
performance
Take appropriate action as specified by site's Standard
Operating
Disk Management
Disk Quotas
Physical checks of
system
Visually check the equipment for amber lights, alarms, etc.
Take appropriate action as specified by site's Standard
Operating
Archive Audit logs Archive audit logs to a media device with one year retention
Perform/verify weekly
backup
Run or verify that a successful backup of system and data
files has been completed
Windows Backup
Tool
Veritas Backup
Software
Update Anti-Virus
signature file
Download and install current Anti-Virus signature files www.cert.mil
Run Anti-Virus scan on
all hard-drives
Scan all hard-drives using current Anti-Virus signature files
Check Vendor Websites
for Patch Information
Check vendor websites such as Microsoft, Sun, HP, Oracle,
etc for new vulnerability information including patches and
hotfixes
http://iase.disa.mil - DoD
Patch Repository
www.cert.mil
Compare system
configuration files
against a baseline for
changes
Compare system configuration files against the baseline Unix Tripwire
Compare application executables against the baseline
Compare database stored procedures against the baseline
Run file system integrity
diagnostics
Run diagnostic tools to detect any system problems Disk Defragmenter www.Microsoft.com -
Managing Disks and
Volumes
Error-checking tool
Device Manager
Verify Retina
Vulnerability Scan
Performed (SCCVI)
Verify system scanned by IAO or NSO using Retina tool to
detect vulnerabilities
http://iase.disa.mil - DoD
IA Enterprise-wide Tools
and Software: SCCVI
(DoD PKI cert req'd)
Remediate with Citadel
Hercules remediation
Tool (SCRI)
Verify Hercules remediation tool is used on system to correct
vulnerabilities
http://iase.disa.mil - DoD
IA Enterprise-wide Tools
and Software: SCCVI
(DoD PKI cert req'd)
Check for Password
Files
Perform file search on system checking for documents
containing words such as 'password', 'passwd', 'pwd', etc
Daily
Weekly
Perform Wireless
Check
Check system for wireless devices and access http://iase.disa.mil -
Security Technical
Implementation Guides
(STIGs)
Perform server
clock/time
synchronization
Synchronize system clock with master server Windows Time
Service
www.Microsoft.com -
Windows Time Service
References Tools - Unix
/Windows
NTP
Check for Unnecessary
Services
Check system services for any unnecessary services running

Perform Self-
Assessment Security
Review
Review technology checklist for any changes DISA FSO Gold
Disk and Scripts
http://iase.disa.mil - DoD
IA Enterprise-wide Tools
and Software:
Run current security review tool eEye Retina
Scanner
Gold Disk (.mil only)
Import results into Vulnerability Management System (VMS) Citadel Hercules
Remediation Tool
http://iase.disa.mil - IA
Subject Matter Areas:
Security Technical
Tools - UNIX Implementation Guides -
STIGS: Security
Readiness Review
Evaluation Scripts
DISA FSO Scripts
eEye Retina
Scanner
Citadel Hercules
Remediation Tool
Perform
Hardware/Software
Inventory
Review hardware and compare to inventory list
Review software and compare to inventory list
Update VMS, where applicable
Run Password-Cracking
Tool (Domain
Controller only)
Run (or verify IAO team has run) a password-cracking tool to
detect weak passwords
John-the-Ripper
Provide output to IAO team L0phtCrack
Tools - UNIX
Crack
Tools available on
DISA FSO Gold
Disk (Windows) and
DISA FSO Scripts
(UNIX)
Perform/verify monthly
backup
Run or verify that a successful backup of system and data
files has been completed
Windows Backup
Tool
Veritas Backup
Software
Verify User Account
Configuration
Run DumpSec tool to verify user account configuration Tool available on
DISA FSO Gold
Disk (Windows)
Verify and/or delete dormant accounts with IAO approval
Provide output to IAO team
Test backup/restore
procedures
Restore backup files to a test system to verify procedures and
files
Windows Backup
and Recovery Tool
Veritas Backup
Software
Change Service-
Account passwords
Work with appropriate application administrator to ensure
password changes for service accounts such as database
accounts, application accounts and other service accounts are
implemented
Review appropriate
Security Technical
Implementation Guides
(STIG)
Review appropriate STIGs which are updated annually
Participate in STIG
Technical Interchange
Meetings (TIM), when
possible
Participate in TIMs to exchange information about updated
STIGs, etc.
Review training
requirements
Review training requirements according to DoD Directive
8570.1
http://iase.disa.mil - IA
Subject Matter Areas:
Policy and Guidance
As Required Test Patches and Hotfixes
Install Patches and Hotfixes
Schedule Downtime for Reboots
Monthly
Annually
Quarterly
Apply OS upgrades and service packs
Create/maintain user and group accounts
Set user and group security
After system
configuration changes:
Create Emergency System Recovery Data
Create new system configuration baseline
Document System Configuration Changes
Review and update SSAA
Update VMS for Asset Changes
Update VMS for IAVMs
