Security configuration checklists program for IT products : guidance for checklists users and developers / Murugiah Souppaya, John P. Wack, Karen Kent.

Format:

Book

Government document

Author/Creator:

Souppaya, Murugiah

Contributor:

Wack, John P.

Scarfone, Karen

National Institute of Standards and Technology (U.S.)

United States. Department of Homeland Security

Series:

NIST special publication ; 800-70.

NIST special publication. Computer security

NIST special publication ; 800-70. Computer security

Language:

English

Subjects (All):

Information technology--Security measures--Standards.

Information technology.

Computer security--Standards.

Computer security.

Operating systems (Computers).

operating systems.

Genre:

technical reports.

Technical reports

Technical reports.

Physical Description:

1 online resource ([69] pages)

Place of Publication:

Gaithersburg, MD : U.S. Dept. of Commerce, Technology Administration, National Institute of Standards and Technology, [2005]

Summary:

The National Institute of Standards and Technology (NIST) has produced Security Configuration Checklists Program for IT Products: Guidance for Checklist Users and Developers to facilitate the development and dissemination of security configuration checklists so that organizations and individual users can better secure their IT products. A security configuration checklist (sometimes called a lockdown or hardening guide or benchmark) is in its simplest form a series of instructions for configuring a product to a particular security level (or baseline). It could also include templates or automated scripts and other procedures. Typically, checklists are created by IT vendors for their own products; however, checklists are also created by other organizations such as consortia, academia, and government agencies. The use of well-written, standardized checklists can markedly reduce the vulnerability exposure of IT products. Checklists may be particularly helpful to small organizations and individuals that have limited resources for securing their systems. This publication is intended for users and developers of IT product security configuration checklists. For checklist users, this document gives an overview of the NIST Checklist Program, explains how to retrieve checklists from NIST's repository, and provides general information about threat discussions and baseline technical security practices for associated operational environments. For checklist developers, the document sets forth the policies, procedures, and general requirements for participation in the NIST Checklist Program.

Notes:

Title from PDF title screen (NIST, viewed Mar. 24, 2011).

"May 2005."

"Sponsored by the Department of Homeland Security"--Cover.

Includes bibliographical references.

Other Format:

Print version: Souppaya, Murugaih. Security configuration checklists program for IT products.

OCLC:

712601577