Login or Register to Ask a Question and Join Our Community

learn unix and linux commands

Some Background Notes on the Common Audit Guidelines (CAG)

Login to Discuss or Reply to this Discussion in Our Community

 
Thread Tools Search this Thread
# 1  
Old 07-08-2009
Some Background Notes on the Common Audit Guidelines (CAG)
Here's some background on the CAG (Common Audit Guidelines).  The Red Teams have consistently proved that poor configuration and patching practices have made it easy for them to defeat network defenses.  This determination lead to the Air Force approaching Microsoft and insisting that new desktop software application come with a standard secure configuration.  This was the genesis of what is now known as the Federal Desktop Core Configuration (FDCC.) FDCC uses Red Team knowledge about attacker techniques to protect systems and network vulnerabilities used by attackers to break into systems.  This in turn, has led to the Twenty Critical Security Controls (the “CAG” not to be confused with the older abbreviation for Carrier, Air Group used by the Navy.)  In the IA context, CAG is the follow-on to the FDCC.  It extends the mandate that “offense must teach defense” to identify all 20 critical controls that ensure systems are protected against most known attack vectors and that the systems are configured adequately so that attack software that does get through can be found and eliminated quickly.  The demonstrated collateral benefits of these efforts include saving costs in terms of configuration management and patching plus reducing help desk calls.

Image
Image

More...
Login or Register to Ask a Question

Previous Thread | Next Thread

4 More Discussions You Might Find Interesting

1. Shell Programming and Scripting

Programming guidelines and style

Hello all, I would like to know if there is a generally accepted unix shell programming Guideline? Do you have any idea where to find this? There are a lot of programming Guidelines to find over Google, but is there one who is generally accepted? (3 Replies)
Discussion started by: API
3 Replies

2. AIX

When AIX audit start, How to set the /audit/stream.out file size ?

Dear All When I start the AIX(6100-06)audit subsystem. the log will save in /audit/stream.out (or /audit/trail), but in default when /audit/stream.out to grow up to 150MB. It will replace the original /audit/stream.out (or /audit/trail). Then the /audit/stream.out become empty and... (2 Replies)
Discussion started by: nnnnnnine
2 Replies

3. What is on Your Mind?

Guidelines for Posting Here

This area is not for forum specific technical questions. Please post forum specific technical questions in the best forum, not in the lounge. However, if your idea or question is not covered clearly in a forum, please post it here. Discuss whatever is on your mind. Technical topics welcome... (0 Replies)
Discussion started by: Neo
0 Replies

4. Forum Support Area for Unregistered Users & Account Problems

Guidelines For Posting Here

This area is not for technical questions. It is reserved for unregistered users who have a question or registered users who have trouble with their account. Other posts will be deleted by the moderators. (0 Replies)
Discussion started by: Neo
0 Replies
Login or Register to Ask a Question