The company is reluctant/skeptical to implement additional things that are not specifically listed as findings in STIGs or the CIS benchmarks.

But the control "establish a secure network" remains the same. On prem guides are useless in a cloud / SaaS world. "establish a secure network" could mean many things depending on your environment - Windows hardening would be useless in an all Unix shop.

I see the value of blocking use of domain admin and enterprise admin accounts to help prevent stolen password hashes and key logging of the password on compromised systems, but the company is only focused on implementation of what’s specifically listed in CIS and NIST controls.

First off, congrats and welcome to the never ending cybersecurity battle royale - compliance vs hardening / resilience.

Controls are different than implementations and config baselines.

This is beyond just principle of least privilege where you avoid giving accounts more rights than they need.

Can anyone map a CIS control that maps to the link above that recommends setting up Active Directory Group Policy to block domain administrator accounts from logging into workstations and servers that are not Tier 0 assets?
This guide was tested against Microsoft SQL Server 2016. This benchmark is intended for system and application administrators, security specialists, auditors, help desk, and platform deployment personnel who plan to develop, deploy, assess, or secure solutions that incorporate Microsoft SQL Server 2016 on a Microsoft Windows platform.
This document provides prescriptive guidance for establishing a secure configuration posture for Microsoft SQL Server 2016.