Podcast
Questions and Answers
What does the first security function in implementation group one focus on?
What does the first security function in implementation group one focus on?
What is the purpose of the 'Collection of Audit Logs'?
What is the purpose of the 'Collection of Audit Logs'?
Which tool can be used for achieving asset inventory?
Which tool can be used for achieving asset inventory?
What does CIS Controls version 8 prioritize recommendations based on?
What does CIS Controls version 8 prioritize recommendations based on?
Signup and view all the answers
Which solution allows users to store and share sensitive data, set access permissions, and implement automatic scanning and discovery of critical accounts?
Which solution allows users to store and share sensitive data, set access permissions, and implement automatic scanning and discovery of critical accounts?
Signup and view all the answers
What product can be used to manage or clean up inactive or unused users and computer accounts in bulk?
What product can be used to manage or clean up inactive or unused users and computer accounts in bulk?
Signup and view all the answers
Which solution can be used for vulnerability management, scanning network devices for software vulnerabilities, zero-day vulnerabilities, and system misconfigurations?
Which solution can be used for vulnerability management, scanning network devices for software vulnerabilities, zero-day vulnerabilities, and system misconfigurations?
Signup and view all the answers
What product can be used to recover lost or encrypted data in limited Windows infrastructure?
What product can be used to recover lost or encrypted data in limited Windows infrastructure?
Signup and view all the answers
Which solution provides a centralized repository management for Windows, Solaris, Mac, Linux, VMware, and network devices, as well as setting time frames and password discovery attempt limits?
Which solution provides a centralized repository management for Windows, Solaris, Mac, Linux, VMware, and network devices, as well as setting time frames and password discovery attempt limits?
Signup and view all the answers
What product can help achieve the 'Identification and Ensure Software Validity' security function by whitelisting applications and removing unsupported software?
What product can help achieve the 'Identification and Ensure Software Validity' security function by whitelisting applications and removing unsupported software?
Signup and view all the answers
Which solution is capable of scanning network devices and automatically identifying, downloading, and installing patches for third-party applications?
Which solution is capable of scanning network devices and automatically identifying, downloading, and installing patches for third-party applications?
Signup and view all the answers
What can be used to ensure up-to-date network infrastructure by determining software versions and checking for end-of-life devices?
What can be used to ensure up-to-date network infrastructure by determining software versions and checking for end-of-life devices?
Signup and view all the answers
What product can be used to prevent unintended data exposure by monitoring file sharing and reporting incidents?
What product can be used to prevent unintended data exposure by monitoring file sharing and reporting incidents?
Signup and view all the answers
Which solution provides multi-factor authentication for secure access to applications, network resources, and administrative access?
Which solution provides multi-factor authentication for secure access to applications, network resources, and administrative access?
Signup and view all the answers
What is the solution used to monitor performance attributes of devices and infrastructure, including disk storage on auditing tool?
What is the solution used to monitor performance attributes of devices and infrastructure, including disk storage on auditing tool?
Signup and view all the answers
Which product can be used for rogue detection and device tracking?
Which product can be used for rogue detection and device tracking?
Signup and view all the answers
Study Notes
- Sateesh Joseph from Zoho Manage Engine is leading a webinar series on CIS Controls, focusing on implementation group one.
- Manage Engine is a division of Zoho Corp, offering various online software solutions and enterprise applications.
- CIS Controls, developed by the Center for Internet Security, are cybersecurity best practices and defensive actions to prevent common attacks and support compliance.
- Version 8 of CIS Controls prioritizes recommendations based on implementation groups and security functions.
- Small to medium-sized enterprises typically implement group one, focusing on maintaining business operations with limited IT and cybersecurity expertise.
- The webinar series aims to help customers ensure their products are CIS Controls compliant.
- The first security function in implementation group one is "Identification," which includes identifying enterprise data and maintaining an inventory.
- The "Identification of Enterprise Data" involves understanding what data to maintain inventory of.
- "Collection of Audit Logs" ensures logging is enabled on all enterprise assets and logs are sent to Manage Engine's Log 360 solution for reporting and compliance.
- Asset inventory can be achieved using Manage Engine's Asset Explorer, Service Test Plus, or Desktop Central.
- Asset Explorer identifies and manages assets, offering additional functionality like incident management and change release management.
- Desktop Central can do inventory management on various devices and offers software inventory functionality.
- Software inventory can also be achieved using Asset Explorer, Service Test Plus, or Desktop Central.
- The "Identification and Ensure Software Validity" security function involves ensuring software is supported by vendors and removing unsupported software.
- Desktop Central with the Applications Control Plus add-on can help achieve this function by whitelisting applications and removing unsupported software.- Text discusses security functions in a data management process, focusing on data sensitivity, handling, retention, and disposal.
- PAN 360 solution from ManageEngine allows users to store and share sensitive data, including setting access permissions and implementing automatic scanning and discovery of critical accounts.
- Identifying user accounts, especially those with administrative access, is crucial for security. PAN 360 facilitates centralized repository management for Windows, Solaris, Mac, Linux, VMware, and network devices, as well as setting time frames and password discovery attempt limits.
- Passwords for databases, applications, and other resources can be managed using the PAM 360 product.
- Configuring data access control lists involves two main products: PAM 360 and Data Security Plus.
- Data retention is a business process that requires maintaining both minimum and maximum timelines for audit reports, ensuring backup frequency, and eliminating data silos.
- Data disposal is vital for preventing unauthorized access to deleted files, which can remain on a hard drive even after being overwritten. Sanitizing or destroying hard drives is the only surefire way to prevent data recovery.
- Desktop Central and Network Configuration Manager can maintain secure configurations for devices, including workstations, servers, routers, switches, and access points.
- Protecting default accounts involves using unique passwords, restricting admin privileges, granting access, and revoking access. PAM 360 offers automatic discovery, centralized management, and multi-factor authentication.
- Multi-factor authentication using 80 Cell Service Plus ensures secure access to applications, network resources, and administrative access. It supports native and third-party authentication providers.
- Vulnerability Manager Plus, an add-on to Desktop Central, scans network devices for software vulnerabilities, zero-day vulnerabilities, and system misconfigurations. It can automatically identify, download, and install patches for more than 1000 third-party applications.
- Proper audit lock storage and retention in Control 8.1 can be achieved using Log360, as discussed in the "Detect" security function.- Using a monitoring solution ensures adequate audit log storage and sets thresholds for alerting networking team when space is below 15 GB.
- Monitoring solution can monitor performance attributes of devices and infrastructure, including disk storage on auditing tool.
- Protect use of only supported browsers and email clients, manage add-ons, extensions, and plugins, filter URLs, and deny access to unneeded websites.
- Deploy anti-malware software and keep it automatically updated.
- Disable auto run and auto play of removable devices.
- Use Recovery Manager Plus to recover lost or encrypted data in limited Windows infrastructure.
- Ensure up-to-date network infrastructure using Network Configuration Manager Plus to determine software versions and check for end-of-life devices.
- Establish security awareness programs and train workforce on social engineering attacks.
- Implement multi-factor authentication and manage passwords for network devices and local accounts.
- Prevent unintended data exposure using Data Security Plus to monitor file sharing and report incidents.
- Use a mobile device management solution to manage, update, and secure mobile devices while delaying updates for testing and preventing bandwidth choking.
- Train users to securely configure home networks and avoid transmitting data over insecure networks.
- Use Orbitals for rogue detection and device tracking, and Application Control Plus for application blacklisting and user group-based rules.
- Use On-Fly AD Management to manage or clean up inactive or unused users and computer accounts in bulk, and establish a remediation process for vulnerabilities using Vulnerability Manager Plus.
Studying That Suits You
Use AI to generate personalized quizzes and flashcards to suit your learning preferences.
Description
Learn about the implementation of CIS Controls focusing on 'Identification' and 'Ensure Software Validity', as part of the webinar series led by Sateesh Joseph from Zoho Manage Engine. Explore how Manage Engine's tools like Asset Explorer, Desktop Central, and PAM 360 can help achieve compliance and secure data management processes in small to medium-sized enterprises.
