NIST Special Publication 800-123 Guide to General Server Security

NIST Special Publication 800-123 Guide to General Server Security

Author: Nist

Publisher:

Published: 2012-02-29

Total Pages: 54

ISBN-13: 9781470157432

DOWNLOAD EBOOK

This is a Hard copy of the NIST Special Publication 800-123 Guide to General Server Security The purpose of this document is to assist organizations in understanding the fundamental activities performed as part of securing and maintaining the security of servers that provide services over network communications as a main function. Hosts that incidentally provide one or a few services for maintenance or accessibility purposes, such as a remote access service for remote troubleshooting, are not considered servers in this document. The types of servers this publication addresses include outward-facing publicly accessible servers, such as web and email services, and a wide range of inward-facing servers. This document discusses the need to secure servers and provides recommendations for selecting, implementing, and maintaining the necessary security controls. This document addresses common servers that use general operating systems (OS) such as Unix, Linux, and Windows. Many of the recommendations in this document may also be applicable to servers that use specialized OSs or run on proprietary appliances, but other recommendations will not be implementable or may have unintended consequences, so such servers are considered outside the scope of this document. Other types of servers outside the scope of this document are virtual servers and highly specialized servers, particularly security infrastructure devices (e.g., firewalls, intrusion detection systems), which have unusual configurations and security needs. Other NIST documents, such as Special Publication (SP) 800-45 Version 2, Guidelines on Electronic Mail Security and SP 800-44 Version 2, Guidelines on Securing Public Web Servers, provide recommendations for particular types of servers. The recommendations in this document are intended as a foundation for other server-related documents and do not override more specific recommendations made in such documents.


Book Synopsis NIST Special Publication 800-123 Guide to General Server Security by : Nist

Download or read book NIST Special Publication 800-123 Guide to General Server Security written by Nist and published by . This book was released on 2012-02-29 with total page 54 pages. Available in PDF, EPUB and Kindle. Book excerpt: This is a Hard copy of the NIST Special Publication 800-123 Guide to General Server Security The purpose of this document is to assist organizations in understanding the fundamental activities performed as part of securing and maintaining the security of servers that provide services over network communications as a main function. Hosts that incidentally provide one or a few services for maintenance or accessibility purposes, such as a remote access service for remote troubleshooting, are not considered servers in this document. The types of servers this publication addresses include outward-facing publicly accessible servers, such as web and email services, and a wide range of inward-facing servers. This document discusses the need to secure servers and provides recommendations for selecting, implementing, and maintaining the necessary security controls. This document addresses common servers that use general operating systems (OS) such as Unix, Linux, and Windows. Many of the recommendations in this document may also be applicable to servers that use specialized OSs or run on proprietary appliances, but other recommendations will not be implementable or may have unintended consequences, so such servers are considered outside the scope of this document. Other types of servers outside the scope of this document are virtual servers and highly specialized servers, particularly security infrastructure devices (e.g., firewalls, intrusion detection systems), which have unusual configurations and security needs. Other NIST documents, such as Special Publication (SP) 800-45 Version 2, Guidelines on Electronic Mail Security and SP 800-44 Version 2, Guidelines on Securing Public Web Servers, provide recommendations for particular types of servers. The recommendations in this document are intended as a foundation for other server-related documents and do not override more specific recommendations made in such documents.

Guide to General Server Security

Guide to General Server Security

Author: Karen Scarfone

Publisher: DIANE Publishing

Published: 2009-05

Total Pages: 53

ISBN-13: 1437913504

DOWNLOAD EBOOK

Servers are frequently targeted by attackers because of the value of their data and services. For example, a server might contain personally identifiable info. that could be used to perform identity theft. This document is intended to assist organizations in installing, configuring, and maintaining secure servers. More specifically, it describes, in detail, the following practices to apply: (1) Securing, installing, and configuring the underlying operating system; (2) Securing, installing, and configuring server software; (3) Maintaining the secure configuration through application of appropriate patches and upgrades, security testing, monitoring of logs, and backups of data and operating system files. Illus.


Book Synopsis Guide to General Server Security by : Karen Scarfone

Download or read book Guide to General Server Security written by Karen Scarfone and published by DIANE Publishing. This book was released on 2009-05 with total page 53 pages. Available in PDF, EPUB and Kindle. Book excerpt: Servers are frequently targeted by attackers because of the value of their data and services. For example, a server might contain personally identifiable info. that could be used to perform identity theft. This document is intended to assist organizations in installing, configuring, and maintaining secure servers. More specifically, it describes, in detail, the following practices to apply: (1) Securing, installing, and configuring the underlying operating system; (2) Securing, installing, and configuring server software; (3) Maintaining the secure configuration through application of appropriate patches and upgrades, security testing, monitoring of logs, and backups of data and operating system files. Illus.

NIST SP 800-123 Guide to General Server Security

NIST SP 800-123 Guide to General Server Security

Author: National Institute of Standards and Technology

Publisher: Createspace Independent Publishing Platform

Published: 2008-07-31

Total Pages: 56

ISBN-13: 9781548165871

DOWNLOAD EBOOK

NIST SP 800-123 July 2008 An organization's servers provide a wide variety of services to internal and external users, and many servers also store or process sensitive information for the organization. Some of the most common types of servers are Web, email, database, infrastructure management, and file servers. This publication addresses the general security issues of typical servers. Servers are frequently targeted by attackers because of the value of their data and services. For example, a server might contain personally identifiable information that could be used to perform identity theft. Why buy a book you can download for free? First you gotta find it and make sure it's the latest version, not always easy. Then you gotta print it using a network printer you share with 100 other people - and its outta paper - and the toner is low (take out the toner cartridge, shake it, then put it back). If it's just 10 pages, no problem, but if it's a 250-page book, you will need to punch 3 holes in all those pages and put it in a 3-ring binder. Takes at least an hour. An engineer that's paid $75 an hour has to do this himself (who has assistant's anymore?). If you are paid more than $10 an hour and use an ink jet printer, buying this book will save you money. It's much more cost-effective to just order the latest version from Amazon.com This public domain material is published by 4th Watch Books. We publish tightly-bound, full-size books at 8 � by 11 inches, with glossy covers. 4th Watch Books is a Service Disabled Veteran Owned Small Business (SDVOSB) and is not affiliated with the National Institute of Standards and Technology. For more titles published by 4th Watch, please visit: cybah.webplus.net GSA P-100 Facilities Standards for the Public Buildings Service GSA P-120 Cost and Schedule Management Policy Requirements GSA P-140 Child Care Center Design Guide GSA Standard Level Features and Finishes for U.S. Courts Facilities GSA Courtroom Technology Manual NIST SP 500-299 NIST Cloud Computing Security Reference Architecture NIST SP 500-291 NIST Cloud Computing Standards Roadmap Version 2 NIST SP 500-293 US Government Cloud Computing Technology Roadmap Volume 1 & 2 NIST SP 500-293 US Government Cloud Computing Technology Roadmap Volume 3 DRAFT NIST SP 1800-8 Securing Wireless Infusion Pumps NISTIR 7497 Security Architecture Design Process for Health Information Exchanges (HIEs) NIST SP 800-66 Implementing the Health Insurance Portability and Accountability Act (HIPAA) Security Rule NIST SP 1800-1 Securing Electronic Health Records on Mobile Devices NIST SP 800-177 Trustworthy Email NIST SP 800-184 Guide for Cybersecurity Event Recovery NIST SP 800-190 Application Container Security Guide NIST SP 800-193 Platform Firmware Resiliency Guidelines NIST SP 1800-1 Securing Electronic Health Records on Mobile Devices NIST SP 1800-2 Identity and Access Management for Electric Utilities NIST SP 1800-5 IT Asset Management: Financial Services NIST SP 1800-6 Domain Name Systems-Based Electronic Mail Security NIST SP 1800-7 Situational Awareness for Electric Utilities DoD Medical Space Planning Criteria FARs Federal Acquisitions Regulation DFARS Defense Federal Acquisitions Regulations Supplement


Book Synopsis NIST SP 800-123 Guide to General Server Security by : National Institute of Standards and Technology

Download or read book NIST SP 800-123 Guide to General Server Security written by National Institute of Standards and Technology and published by Createspace Independent Publishing Platform. This book was released on 2008-07-31 with total page 56 pages. Available in PDF, EPUB and Kindle. Book excerpt: NIST SP 800-123 July 2008 An organization's servers provide a wide variety of services to internal and external users, and many servers also store or process sensitive information for the organization. Some of the most common types of servers are Web, email, database, infrastructure management, and file servers. This publication addresses the general security issues of typical servers. Servers are frequently targeted by attackers because of the value of their data and services. For example, a server might contain personally identifiable information that could be used to perform identity theft. Why buy a book you can download for free? First you gotta find it and make sure it's the latest version, not always easy. Then you gotta print it using a network printer you share with 100 other people - and its outta paper - and the toner is low (take out the toner cartridge, shake it, then put it back). If it's just 10 pages, no problem, but if it's a 250-page book, you will need to punch 3 holes in all those pages and put it in a 3-ring binder. Takes at least an hour. An engineer that's paid $75 an hour has to do this himself (who has assistant's anymore?). If you are paid more than $10 an hour and use an ink jet printer, buying this book will save you money. It's much more cost-effective to just order the latest version from Amazon.com This public domain material is published by 4th Watch Books. We publish tightly-bound, full-size books at 8 � by 11 inches, with glossy covers. 4th Watch Books is a Service Disabled Veteran Owned Small Business (SDVOSB) and is not affiliated with the National Institute of Standards and Technology. For more titles published by 4th Watch, please visit: cybah.webplus.net GSA P-100 Facilities Standards for the Public Buildings Service GSA P-120 Cost and Schedule Management Policy Requirements GSA P-140 Child Care Center Design Guide GSA Standard Level Features and Finishes for U.S. Courts Facilities GSA Courtroom Technology Manual NIST SP 500-299 NIST Cloud Computing Security Reference Architecture NIST SP 500-291 NIST Cloud Computing Standards Roadmap Version 2 NIST SP 500-293 US Government Cloud Computing Technology Roadmap Volume 1 & 2 NIST SP 500-293 US Government Cloud Computing Technology Roadmap Volume 3 DRAFT NIST SP 1800-8 Securing Wireless Infusion Pumps NISTIR 7497 Security Architecture Design Process for Health Information Exchanges (HIEs) NIST SP 800-66 Implementing the Health Insurance Portability and Accountability Act (HIPAA) Security Rule NIST SP 1800-1 Securing Electronic Health Records on Mobile Devices NIST SP 800-177 Trustworthy Email NIST SP 800-184 Guide for Cybersecurity Event Recovery NIST SP 800-190 Application Container Security Guide NIST SP 800-193 Platform Firmware Resiliency Guidelines NIST SP 1800-1 Securing Electronic Health Records on Mobile Devices NIST SP 1800-2 Identity and Access Management for Electric Utilities NIST SP 1800-5 IT Asset Management: Financial Services NIST SP 1800-6 Domain Name Systems-Based Electronic Mail Security NIST SP 1800-7 Situational Awareness for Electric Utilities DoD Medical Space Planning Criteria FARs Federal Acquisitions Regulation DFARS Defense Federal Acquisitions Regulations Supplement

Guide to Bluetooth Security

Guide to Bluetooth Security

Author: Karen Scarfone

Publisher: DIANE Publishing

Published: 2009-05

Total Pages: 43

ISBN-13: 1437913490

DOWNLOAD EBOOK

This document provides info. to organizations on the security capabilities of Bluetooth and provide recommendations to organizations employing Bluetooth technologies on securing them effectively. It discusses Bluetooth technologies and security capabilities in technical detail. This document assumes that the readers have at least some operating system, wireless networking, and security knowledge. Because of the constantly changing nature of the wireless security industry and the threats and vulnerabilities to the technologies, readers are strongly encouraged to take advantage of other resources (including those listed in this document) for more current and detailed information. Illustrations.


Book Synopsis Guide to Bluetooth Security by : Karen Scarfone

Download or read book Guide to Bluetooth Security written by Karen Scarfone and published by DIANE Publishing. This book was released on 2009-05 with total page 43 pages. Available in PDF, EPUB and Kindle. Book excerpt: This document provides info. to organizations on the security capabilities of Bluetooth and provide recommendations to organizations employing Bluetooth technologies on securing them effectively. It discusses Bluetooth technologies and security capabilities in technical detail. This document assumes that the readers have at least some operating system, wireless networking, and security knowledge. Because of the constantly changing nature of the wireless security industry and the threats and vulnerabilities to the technologies, readers are strongly encouraged to take advantage of other resources (including those listed in this document) for more current and detailed information. Illustrations.

Guide to Industrial Control Systems (ICS) Security

Guide to Industrial Control Systems (ICS) Security

Author: Keith Stouffer

Publisher:

Published: 2015

Total Pages: 0

ISBN-13:

DOWNLOAD EBOOK


Book Synopsis Guide to Industrial Control Systems (ICS) Security by : Keith Stouffer

Download or read book Guide to Industrial Control Systems (ICS) Security written by Keith Stouffer and published by . This book was released on 2015 with total page 0 pages. Available in PDF, EPUB and Kindle. Book excerpt:

Guide to Securing Microsoft Windows XP Systems for IT Professionals: A NIST Security Configuration Checklist

Guide to Securing Microsoft Windows XP Systems for IT Professionals: A NIST Security Configuration Checklist

Author: Karen Scarfone

Publisher: DIANE Publishing

Published: 2009-08

Total Pages: 127

ISBN-13: 1437914926

DOWNLOAD EBOOK

When an IT security configuration checklist (e.g., hardening or lockdown guide) is applied to a system in combination with trained system administrators and a sound and effective security program, a substantial reduction in vulnerability exposure can be achieved. This guide will assist personnel responsible for the administration and security of Windows XP systems. It contains information that can be used to secure local Windows XP workstations, mobile computers, and telecommuter systems more effectively in a variety of environments, including small office, home office and managed enterprise environments. The guidance should only be applied throughout an enterprise by trained and experienced system administrators. Illustrations.


Book Synopsis Guide to Securing Microsoft Windows XP Systems for IT Professionals: A NIST Security Configuration Checklist by : Karen Scarfone

Download or read book Guide to Securing Microsoft Windows XP Systems for IT Professionals: A NIST Security Configuration Checklist written by Karen Scarfone and published by DIANE Publishing. This book was released on 2009-08 with total page 127 pages. Available in PDF, EPUB and Kindle. Book excerpt: When an IT security configuration checklist (e.g., hardening or lockdown guide) is applied to a system in combination with trained system administrators and a sound and effective security program, a substantial reduction in vulnerability exposure can be achieved. This guide will assist personnel responsible for the administration and security of Windows XP systems. It contains information that can be used to secure local Windows XP workstations, mobile computers, and telecommuter systems more effectively in a variety of environments, including small office, home office and managed enterprise environments. The guidance should only be applied throughout an enterprise by trained and experienced system administrators. Illustrations.

Guide to Security for Full Virtualization Technologies

Guide to Security for Full Virtualization Technologies

Author: K. A. Scarfone

Publisher: DIANE Publishing

Published: 2011

Total Pages: 35

ISBN-13: 1437981178

DOWNLOAD EBOOK

The purpose of SP 800-125 is to discuss the security concerns associated with full virtualization technologies for server and desktop virtualization, and to provide recommendations for addressing these concerns. Full virtualization technologies run one or more operating systems and their applications on top of virtual hardware. Full virtualization is used for operational efficiency, such as in cloud computing, and for allowing users to run applications for multiple operating systems on a single computer.


Book Synopsis Guide to Security for Full Virtualization Technologies by : K. A. Scarfone

Download or read book Guide to Security for Full Virtualization Technologies written by K. A. Scarfone and published by DIANE Publishing. This book was released on 2011 with total page 35 pages. Available in PDF, EPUB and Kindle. Book excerpt: The purpose of SP 800-125 is to discuss the security concerns associated with full virtualization technologies for server and desktop virtualization, and to provide recommendations for addressing these concerns. Full virtualization technologies run one or more operating systems and their applications on top of virtual hardware. Full virtualization is used for operational efficiency, such as in cloud computing, and for allowing users to run applications for multiple operating systems on a single computer.

Glossary of Key Information Security Terms

Glossary of Key Information Security Terms

Author: Richard Kissel

Publisher: DIANE Publishing

Published: 2011-05

Total Pages: 211

ISBN-13: 1437980090

DOWNLOAD EBOOK

This glossary provides a central resource of definitions most commonly used in Nat. Institute of Standards and Technology (NIST) information security publications and in the Committee for National Security Systems (CNSS) information assurance publications. Each entry in the glossary points to one or more source NIST publications, and/or CNSSI-4009, and/or supplemental sources where appropriate. This is a print on demand edition of an important, hard-to-find publication.


Book Synopsis Glossary of Key Information Security Terms by : Richard Kissel

Download or read book Glossary of Key Information Security Terms written by Richard Kissel and published by DIANE Publishing. This book was released on 2011-05 with total page 211 pages. Available in PDF, EPUB and Kindle. Book excerpt: This glossary provides a central resource of definitions most commonly used in Nat. Institute of Standards and Technology (NIST) information security publications and in the Committee for National Security Systems (CNSS) information assurance publications. Each entry in the glossary points to one or more source NIST publications, and/or CNSSI-4009, and/or supplemental sources where appropriate. This is a print on demand edition of an important, hard-to-find publication.

Effective Cybersecurity

Effective Cybersecurity

Author: William Stallings

Publisher: Addison-Wesley Professional

Published: 2018-07-20

Total Pages: 1080

ISBN-13: 0134772954

DOWNLOAD EBOOK

The Practical, Comprehensive Guide to Applying Cybersecurity Best Practices and Standards in Real Environments In Effective Cybersecurity, William Stallings introduces the technology, operational procedures, and management practices needed for successful cybersecurity. Stallings makes extensive use of standards and best practices documents that are often used to guide or mandate cybersecurity implementation. Going beyond these, he offers in-depth tutorials on the “how” of implementation, integrated into a unified framework and realistic plan of action. Each chapter contains a clear technical overview, as well as a detailed discussion of action items and appropriate policies. Stallings offers many pedagogical features designed to help readers master the material: clear learning objectives, keyword lists, review questions, and QR codes linking to relevant standards documents and web resources. Effective Cybersecurity aligns with the comprehensive Information Security Forum document “The Standard of Good Practice for Information Security,” extending ISF’s work with extensive insights from ISO, NIST, COBIT, other official standards and guidelines, and modern professional, academic, and industry literature. • Understand the cybersecurity discipline and the role of standards and best practices • Define security governance, assess risks, and manage strategy and tactics • Safeguard information and privacy, and ensure GDPR compliance • Harden systems across the system development life cycle (SDLC) • Protect servers, virtualized systems, and storage • Secure networks and electronic communications, from email to VoIP • Apply the most appropriate methods for user authentication • Mitigate security risks in supply chains and cloud environments This knowledge is indispensable to every cybersecurity professional. Stallings presents it systematically and coherently, making it practical and actionable.


Book Synopsis Effective Cybersecurity by : William Stallings

Download or read book Effective Cybersecurity written by William Stallings and published by Addison-Wesley Professional. This book was released on 2018-07-20 with total page 1080 pages. Available in PDF, EPUB and Kindle. Book excerpt: The Practical, Comprehensive Guide to Applying Cybersecurity Best Practices and Standards in Real Environments In Effective Cybersecurity, William Stallings introduces the technology, operational procedures, and management practices needed for successful cybersecurity. Stallings makes extensive use of standards and best practices documents that are often used to guide or mandate cybersecurity implementation. Going beyond these, he offers in-depth tutorials on the “how” of implementation, integrated into a unified framework and realistic plan of action. Each chapter contains a clear technical overview, as well as a detailed discussion of action items and appropriate policies. Stallings offers many pedagogical features designed to help readers master the material: clear learning objectives, keyword lists, review questions, and QR codes linking to relevant standards documents and web resources. Effective Cybersecurity aligns with the comprehensive Information Security Forum document “The Standard of Good Practice for Information Security,” extending ISF’s work with extensive insights from ISO, NIST, COBIT, other official standards and guidelines, and modern professional, academic, and industry literature. • Understand the cybersecurity discipline and the role of standards and best practices • Define security governance, assess risks, and manage strategy and tactics • Safeguard information and privacy, and ensure GDPR compliance • Harden systems across the system development life cycle (SDLC) • Protect servers, virtualized systems, and storage • Secure networks and electronic communications, from email to VoIP • Apply the most appropriate methods for user authentication • Mitigate security risks in supply chains and cloud environments This knowledge is indispensable to every cybersecurity professional. Stallings presents it systematically and coherently, making it practical and actionable.

Guide to General Server Security

Guide to General Server Security

Author: Karen Ann Kent

Publisher:

Published: 2008

Total Pages:

ISBN-13:

DOWNLOAD EBOOK


Book Synopsis Guide to General Server Security by : Karen Ann Kent

Download or read book Guide to General Server Security written by Karen Ann Kent and published by . This book was released on 2008 with total page pages. Available in PDF, EPUB and Kindle. Book excerpt: