6 verify the appropriate management of provisioning

This preview shows page 19 - 23 out of 29 pages.

6. Verify the appropriate management of provisioning and de-provisioning new virtual machines, including appropriate operating system and application licenses. 7. Evaluate how hardware capacity is managed for the virtualized environment to support existing and future business requirements. 8. Evaluate how performance is managed and monitored for the virtualization environment to support existing and anticipated business requirements. 9. Evaluate the policies, processes, and controls for data backup frequency, handling, and offsite management. 10. Review and evaluate the security of your remote hypervisor management. 11. Review and evaluate the security around the storage of the virtual machines. 12. Verify that network encryption of data-in-motion is implemented where appropriate. 13. Evaluate the low-level and technical controls in place to segregate or firewall highly sensitive data on critical virtual machines from the rest of the virtualization environment. 14. Review and evaluate system administrator procedures for security monitoring. 15. Evaluate the use of secure baseline templates and the security of hosted virtual machines as appropriate to the scope of the audit.
Image of page 19

Subscribe to view the full document.

16. Perform the steps from Chapter 4, “Auditing Data Centers and Disaster Recovery,”and Chapter 10, “Auditing Storage,” as th ey pertain to the environment you are auditing.
Image of page 20
Checklist for Auditing Wireless LANs 1. Ensure that access points are running the latest approved software. 2. Evaluate the use and controls around centralized WLAN management. 3. Verify that your mobile clients are running protective software. 4. Evaluate the security of the chosen authentication method. 5. Evaluate the security of the chosen communications method. 6. Evaluate the use of security monitoring software and processes. 7. Verify that rogue access points are not used on the network. 8. Evaluate procedures in place for tracking end-user trouble tickets. 9. Ensure that appropriate security policies are in place for your WLAN. 10. Evaluate disaster-recovery processes in place to restore wireless access should a disaster occur. 11. Evaluate whether effective change-management processes exist.
Image of page 21

Subscribe to view the full document.

Checklist for Auditing Mobile Devices 1. Ensure that mobile device gateways are running the latest approved software and patches. 2. Verify that mobile clients have protective features enabled if they are required by your mobile device security policy. 3. Determine the effectiveness of device security controls around protecting data when a hacker has physical access to a device. 4. Evaluate the use of security monitoring software and processes. 5. Verify that unmanaged devices are not used on the network. Evaluate controls over unmanaged devices. 6. Evaluate procedures in place for tracking end-user trouble tickets.
Image of page 22
Image of page 23
  • Fall '17
  • lester
  • Computer Security, Security engineering, review performance indicators

What students are saying

  • Left Quote Icon

    As a current student on this bumpy collegiate pathway, I stumbled upon Course Hero, where I can find study resources for nearly all my courses, get online help from tutors 24/7, and even share my old projects, papers, and lecture notes with other students.

    Student Picture

    Kiran Temple University Fox School of Business ‘17, Course Hero Intern

  • Left Quote Icon

    I cannot even describe how much Course Hero helped me this summer. It’s truly become something I can always rely on and help me. In the end, I was not only able to survive summer classes, but I was able to thrive thanks to Course Hero.

    Student Picture

    Dana University of Pennsylvania ‘17, Course Hero Intern

  • Left Quote Icon

    The ability to access any university’s resources through Course Hero proved invaluable in my case. I was behind on Tulane coursework and actually used UCLA’s materials to help me move forward and get everything together on time.

    Student Picture

    Jill Tulane University ‘16, Course Hero Intern