IT Examiner School, Providence, RI
IT General Controls
Patch management Ensure that management is maintaining up-to-date systems and applications, which reduces network vulnerabilities. Least Privilege Access to systems should be based on least privilege. Employees should not have access to systems or data, unless required to perform their job duties. Anti-Virus (and Malware) Anti-virus software is used to safeguard from malware, including viruses, computer worms, and Trojan horses.
IT General Controls (Continued) Intrusion Prevention Systems(IPS)
A device or application that analyzes traffic looking for patterns or “signatures”, found in known attacks. When malicious traffic is detected, the traffic (packet) is blocked/rejected by the IPS. Intrusion Detection Systems (IDS) An IDS analyzes traffic by comparing traffic to information in its database that contains patterns/signatures found in known exploits. If certain traffic matches a pattern seen in an exploit, the IDS will send a log message or alert detailing the event. Firewalls A device or application that analyzes packet headers and enforces policy based on protocol type, source address, destination address, source port, and/or destination port. Packets that do not match policy are rejected.
Made with FlippingBook Annual report