Application security is comprised of steps that are taken to improve the security of an application by identifying, repairing and preventing security vulnerabilities. To help with eliminating vulnerabilities in web and other application software, organizations should...
Maintenance personnel refers to individuals who perform hardware or software maintenance on organizational systems, while PE-2 addresses physical access for individuals whose maintenance duties place them within the physical protection perimeter of the systems....
Media sanitization is a process of irreversibly removing data from the media or the physically destorying the media itself. The goal is to sanitize media so that all data is irreversible. Implementation Assessment Carnegie Mellon University – Data Sanitization...
Change management is the approach to dealing with the transitions made to an organization’s goals, processes, or technologies. Change management’s purpose is to implement strategies for effecting change, controlling change, and helping with adaption to change....
A secure configuration is comprised of measures that are implemented when developing and installing computers and other devices in order to reduce vulnerabilities. Misconfigurations are one of the most common methods that malicious users use to attempt exploitation....
NIST defines baseline configurations as a documented set of specifications for an information system, or a configuration item within a system, that has been formally reviewed and agreed on at a given point in time, and which can be changed only through change control...
