Are there Access Control Lists to restrict the traffic between the user LANs and computer production LANs?
Is administrative access to firewalls and other perimeter devices allowed only through a secured internal network or direct serial port access?
Are network security (firewall, IPS, etc.) alerts monitored by a 24×7 Security Operations Center?
Does new equipment deployed to the network undergo a security evaluation as part of the go-live process?
Does the Vendor have a formal key management program in place?
Does your company implement network security controls including firewalls to limit inbound connectivity based on application requirements?
Is data at rest adequately protected?
Are connections to the Internet secured with industry-recognized firewalls that are configured and managed to adhere to industry best practices?