|Paid content will be excluded from the download.
| Matches : 961
|Set Trash to Securely Erase Items
Finder must be configured to always empty Trash securely in order to prevent data recovery tools from accessing the deleted files. Files emptied from the Trash by normal means are still present on the hard drive and can be recovered up until the moment the system overwrites that particular location on disk. A malicious user with physical access to a system could ...
Shut down the Computer if Auditing Fails
The audit service should shut down the computer if it is unable to audit system events. Once audit failure occurs, user and system activitity is no longer recorded and malicious activity could go undetected. Audit processing failures include: software/hardware errors; failures in the audit capturing mechanisms; and audit storage capacity being reached or e ...
Turn on FileVault Disk Encryption (confidentiality and integrity)
FileVault Disk Encryption must be enabled. By encrypting the system hard drive, the confidentiality and integrity of any data stored on the system is ensured.
Information at rest refers to the state of information when it is located on a secondary storage device (e.g., disk drive and tape drive) within an organizational informatio ...
Turn on Firewall Logging
Firewall logging must be enabled. This ensures that malicious network activity will be logged to the system. This requirement is NA if HBSS is used.
Turn on Secure Virtual Memory
Secure virtual memory must be enabled. Secure virtual memory ensures that data in memory is encrypted when it is swapped to disk. This prevents users and applications from accessing potentially sensitive information, such as user names and passwords, from the swap space on the hard drive.
The operating system must retain the session lock until the user reestablishes access using established identification and authentication procedures. Users must be prompted to enter their passwords when unlocking the screensaver. The screensaver acts as a session lock and prevents unauthorized users from accessing the current user's account.
Display of a standardized and approved use notification before granting access to the operating system ensures privacy and security notification verbiage used is consistent with applicable federal laws, Executive Orders, directives, policies, regulations, standards, and guidance. System use notifications are required only for access via logon interfaces with human users and are not required when s ...
The permissions of the ipcs executable should be set as appropriate. The ipcs utility provides information on System V interprocess communication (IPC) facilities on the system.
The owner of the rcp executable must be root. The rcp utility copies files between machines.
The owner of the rlogin executable must be root. The rlogin utility starts a terminal session on a remote host.
Pages:      Start    26    27    28    29    30    31    32    33    34    35    36    37    38    39    ..   96
© 2013 SecPod Technologies