NIST SP 800-53: CM-7 Least Functionality 3.4 3.4.7 3.4.8
NIST resource that defines requirements for configuring information systems to provide only essential capabilities such as restricting / blacklisting software.
SEARCH RESULTS
North Carolina – Configuration Management Policy 3.4 3.4.1 Configuration Management
This is a sample configuration management policy from the State of North Carolina that outlines the standards used for configuration management compliance.
Plutora – ITIL V4 Change Management in 2019: Everything You Need to Know 3.4 3.4.3 3.4.4 3.4.5 Configuration Management
This is a blog from Plutora on ITIl V4 change management.
Qualys SCA – Security Configuration Assessment 3.4 3.4.2 Configuration Management
This is a video from Qualys that shows how to assess a security configuration.
RedHat – Securing Red Hat Enterprise Linux 8 3.4 3.4.2 Configuration Management
This is a security hardening guide for Red Hat Enterprise Linux 8, developed by Red Hat, Inc.
SANS – Router and Switch Security Policy 3.4 3.4.2 Configuration Management
This is a router and switch security policy provided by SANS. This document serves an example of the minimum requirements for security configuration for routers and switches.
SANS – Software Installation Policy 3.4 3.4.9 Configuration Management
This sample policy from SANS, can be used to outline the requirements around installation of software on an organizations devices.
SANS Whitepaper – Implementing/Re-Implementing Change Control Policies 3.4 3.4.3 3.4.4 3.4.5 Configuration Management
This SANS whitepaper covers how to implement and re-implement change policies.
SANS Whitepaper – Monitoring Baselines with Nagios 3.4 3.4.1 Configuration Management
This SANS whitepaper focuses on monitoring windows and linux baselines.
Security Boulevard – Change & Configuration Management Waves Revolutionizing Cybersecurity 3.4 3.4.3 3.4.4 3.4.5 Configuration Management
This is a blog that covers change management and configuration management and their revolutionizing cybersecurity.