Most linked-to categories

Showing below up to 50 results in range #751 to #800.

751. CIS - 11.2 - Recover - Data - Perform Automated Backups‏‎ (1 member)
752. CIS - 16.14 - Protect - Applications - Conduct Threat Modeling‏‎ (1 member)
753. CIS - 8.4 - Protect - Network - Standardize Time Synchronization‏‎ (1 member)
754. CIS - 8.12 - Detect - Data - Collect Service Provider Logs‏‎ (1 member)
755. CIS - 6.2 - Protect - Users - Establish an Access Revoking Process‏‎ (1 member)
756. CIS - 2.1 - Identify - Applications - Establish and Maintain a Software Inventory‏‎ (1 member)
757. ID.BE-3: Priorities for organizational mission, objectives, and activities are established and communicated‏‎ (1 member)
758. PR.IP-1: A baseline configuration of information technology or industrial control systems is created and maintained incorporating security principles (e.g. concept of least functionality)‏‎ (1 member)
759. CIS - 2.3 - Respond - Applications - Address Unauthorized Software‏‎ (1 member)
760. CIS - 12.6 - Protect - Network - Use of Secure Network Management and Communication Protocols‏‎ (1 member)
761. CIS - 10.3 - Protect - Devices - Disable Autorun and Autoplay for Removable Media‏‎ (1 member)
762. CIS - 14.5 - Protect - Train Workforce Members on Causes of Unintentional Data Exposure‏‎ (1 member)
763. CIS - 6.1 - Protect - Users - Establish an Access Granting Process‏‎ (1 member)
764. CIS - 4.1 - Respond - Devices - Enforce Automatic Device Lockout on Portable End-User Devices‏‎ (1 member)
765. CIS - 2.2 - Identify - Applications - Ensure Authorized Software is Currently Supported‏‎ (1 member)
766. CIS - 1.4 - Identify - Devices - Use Dynamic Host Configuration Protocol (DHCP) Logging to Update Enterprise Asset Inventory‏‎ (1 member)
767. CIS - 4.6 - Protect - Network - Securely Manage Enterprise Assets and Software‏‎ (1 member)
768. CIS - 9.5 - Protect - Network - Implement DMARC‏‎ (1 member)
769. CIS - 3.7 - Identify - Data - Establish and Maintain a Data Classification Scheme‏‎ (1 member)
770. CIS - 8.3 - Protect - Network - Ensure Adequate Audit Log Storage‏‎ (1 member)
771. CIS - 5.5 - Identify - Users - Establish and Maintain an Inventory of Service Accounts‏‎ (1 member)
772. CIS Controls - v8.0‏‎ (1 member)
773. ID.RM-3: The organization’s determination of risk tolerance is informed by its role in critical infrastructure and sector specific risk analysis‏‎ (1 member)
774. DE.AE-5: Incident alert thresholds are established‏‎ (1 member)
775. PR.DS-5: Protections against data leaks are implemented‏‎ (1 member)
776. PR.AT-4: Senior executives understand their roles and responsibilities‏‎ (1 member)
777. PR.MA-1: Maintenance and repair of organizational assets are performed and logged, with approved and controlled tools‏‎ (1 member)
778. DE.DP-4: Event detection information is communicated‏‎ (1 member)
779. NIST CSF v1.1‏‎ (1 member)
780. RS.IM-2: Response strategies are updated‏‎ (1 member)
781. RS.AN-5: Processes are established to receive, analyze and respond to vulnerabilities disclosed to the organization from internal and external sources (e.g. internal testing, security bulletins, or security researchers)‏‎ (1 member)
782. DE.AE-2: Detected events are analyzed to understand attack targets and methods‏‎ (1 member)
783. ID.BE-5: Resilience requirements to support delivery of critical services are established for all operating states (e.g. under duress or attack, during recovery, normal operations)‏‎ (1 member)
784. ID.AM-2: Software platforms and applications within the organization are inventoried‏‎ (1 member)
785. RS.AN-2: The impact of the incident is understood‏‎ (1 member)
786. ID.RM-2: Organizational risk tolerance is determined and clearly expressed‏‎ (1 member)
787. DE.DP-2: Detection activities comply with all applicable requirements‏‎ (1 member)
788. RS.AN-4: Incidents are categorized consistent with response plans‏‎ (1 member)
789. ID.SC-4: Suppliers and third-party partners are routinely assessed using audits, test results, or other forms of evaluations to confirm they are meeting their contractual obligations.‏‎ (1 member)
790. RS.MI-2: Incidents are mitigated‏‎ (1 member)
791. PR.AC-2: Physical access to assets is managed and protected‏‎ (1 member)
792. Recovery Planning (RC.RP)‏‎ (1 member)
793. RC.RP-1: Recovery plan is executed during or after a cybersecurity incident‏‎ (1 member)
794. PR.IP-5: Policy and regulations regarding the physical operating environment for organizational assets are met‏‎ (1 member)
795. ID.RA-2: Cyber threat intelligence is received from information sharing forums and sources‏‎ (1 member)
796. ID.AM-4: External information systems are catalogued‏‎ (1 member)
797. DE.AE-4: Impact of events is determined‏‎ (1 member)
798. PR.IP-2: A System Development Life Cycle to manage systems is implemented‏‎ (1 member)
799. ID.GV-2: Cybersecurity roles and responsibilities are coordinated and aligned with internal roles and external partners‏‎ (1 member)
800. PR.AT-2: Privileged users understand their roles and responsibilities‏‎ (1 member)