IT Examiner School eBook

• Default passwords and accounts changed/disabled

• Length and complexity of password (alphanumeric, uppercase/lowercase, special characters)

• Password expiration period

• Password re-use and history

• Failed login settings (number of attempts and lockout period)

• Screen saver passwords

• Automatic timeouts

• Password reset procedures

• Use of tokens

• Biometric solutions

• Time-of-day and day-of-week restrictions

Procedure 19

Determine whether sufficient controls are in place to prevent the corruption of data and software and to correct problems caused by computer viruses or malware. Assess the following:

• Virus/malware detection practices (e.g., frequency and scope of scans)

• Virus/malware update practices for remote access devices

• Processes for updating virus detection applications (i.e., virus signature and scan engines)

• Automated tools to filter email and web traffic

Control Test

Verify that management obtains, reviews, and acts upon alerts from intrusion detection/prevention systems and other security systems.

Verify that management tracks and remediates findings from vulnerability assessments and penetration tests.

Verify that management obtains and reviews security logs/monitoring reports for operating systems, application systems, and networks.

Verify virus signatures are current on a sample of servers and clients

Procedure 20

Assess system configuration procedures. Consider the following:

Configurations based upon industry standards/vendor recommendations

Configurations standards approved and settings audited

InTREx Mapping

27

Tandem, LLC | Copyright © 2024

Confidential - Internal Use Only