What Are the Controls?
The detailed Consensus Audit Guidelines are posted at http://www.sans.org/cag/ along with detailed control descriptions, examples of attacks they stop or mitigate, how to automate them, and how to test them. Below is the list of control names:

Critical Controls Subject to Automated Measurement and Validation:

1. Inventory of Authorized and Unauthorized Hardware
2. Inventory of Authorized and Unauthorized Software
3. Secure Configurations for Hardware and Software for Which Such Configurations Are Available
4. Secure Configurations of Network Devices Such as Firewalls and Routers
5. Boundary Defense
6. Maintenance and Analysis of Complete Security Audit Logs
7. Application Software Security
8. Controlled Use of Administrative Privileges
9. Controlled Access Based On Need to Know
10. Continuous Vulnerability Testing and Remediation
11. Dormant Account Monitoring and Control
12. Anti-Malware Defenses
13. Limitation and Control of Ports, Protocols and Services
14. Wireless Device Control
15. Data Leakage Protection

Additional Critical Controls (not directly supported by automated measurement and validation):

16. Secure Network Engineering
17. Red Team Exercises
18. Incident Response Capability
19. Assured Data Back-Ups
20. Security Skills Assessment and Training to Fill Gaps

http://sec.chinabyte.com/465/12310465.shtml

http://www.sans.org/critical-security-controls/

SANS top 20的更多相关文章

  1. Top 20 Java Libries Used by Github's Most Popular Java Projects

    Top 20 Java Libries Used by Github's Most Popular Java Projects:

  2. Top 20 NuGet packages for captcha

    Top 20 NuGet packages for captcha CaptchaMvc.Mvc4 CaptchaMvc will implement your web MVC application ...

  3. 机器学习 Top 20 Python 开源项目

    转自:http://mp.weixin.qq.com/s?__biz=MzA4MjEyNTA5Mw==&mid=2652565022&idx=1&sn=9aa035097120 ...

  4. 2015 年开源前端框架盘点 TOP 20

    1.名称:Bootstrap 类别/语言:HTML.CSS.JavaScript 创建者: Twitter 人气:在Github上有91007 stars 描述:主流框架中毋庸置疑的老大,Bootst ...

  5. Top 20 JavaScript Projects of 2017

    https://www.youtube.com/watch?v=SUMn8y3pi28 20. AngularJS 1 19. Passport 18. Pug 17. Socket.IO 16. J ...

  6. 使用Scala开发Apache Kafka的TOP 20大好用实践

    本文作者是一位软件工程师,他对20位开发人员和数据科学家使用Apache Kafka的方式进行了最大限度得深入研究,最终将生产实践环节需要注意的问题总结为本文所列的20条建议. Apache Kafk ...

  7. 【译】快速高效学习Java编程在线资源Top 20

    想要加强你的编程能力吗?想要提升你的 Java 编程技巧和效率吗? 不用担心.本文将会提供快速高效学习 Java 编程的 50 多个网站资源: 开始探索吧: 1.MKyong:许多开发者在这里可以找到 ...

  8. 值得收藏--GitHub Top 20 开源项目

    参考链接:https://github.com/Aufree/trip-to-iOS/blob/master/Top-100.md 项目名称                            项目 ...

  9. Top 20 IoT Platforms in 2018

    https://internetofthingswiki.com/top-20-iot-platforms/634/ After learning what is the internet of th ...

随机推荐

  1. hive 显示表分区真实对应数据路径

    desc formatted l_ad_yclick_html partition (datecol='20160118');

  2. Apache XAMPP Fails to start under Windows XP

    Apache XAMPP Fails to start under Windows XP I’ve been installing XAMPP a hundred times before since ...

  3. Directx 3D编程实例:多个3D球的综合Directx实例

    最近朋友建议我写一些关于微软云技术的博客留给学校下一届的学生们看,怕下一届的MSTC断档.于是我也觉的有这个必要.写了几篇博客之后,我觉得也有必要把这一年的学习内容放在博客做个纪念,就这样写了本篇博客 ...

  4. [Angular 2] NgNonBindable

    If you want to print someting like {{content}} on the html, using ng-non-bindable directive: <div ...

  5. cocos2d-x项目过程记录(跨平台iOS和Android)

    (原创作品,欢迎转载,注明出处,谢谢:http://www.cnblogs.com/binxindoudou/admin/EditPosts.aspx?postid=3205249) 1.配置环境,重 ...

  6. Referenced file contains errors (http://tiles.apache.org/dtds/tiles-config_3_0.dtd)

    java开发时遇到的问题,之前还是好好的,没有错误提示.可是今天一打开项目就出现这种问题.真不知道是怎么回事,在这里求助.错误如下: Referenced file contains errors ( ...

  7. Tips--怎么使用谷歌搜索

    修改hosts即可: hosts在哪? windows下:C:\Windows\System32\drivers\etc 管理员身份打开,并将下载好的hosts文件内容,添加到原有的hosts文件末尾 ...

  8. .NET通信中的同步和异步处理

    同步与异步的概念: .NET中的通信数据处理有同步和异步之分,我理解的同步过程是接收端接收数据,如果数据没有过来,就一直等着(阻塞过程),直到有数据传送过来可以接收,接下来程序才继续向下进行:异步过程 ...

  9. Python 文件的IO

    对文件的操作 #coding=utf-8 #!user/bin/python import os #基本操作和写入文件 fo = open("test2.py",'wb') pri ...

  10. JavaScript Unicode字符操作

    charCodeAt() 方法 定义和用法charCodeAt() 方法可返回指定位置的字符的 Unicode 编码.这个返回值是 0 - 65535 之间的整数.方法 charCodeAt() 与 ...