The second in a series, this document focuses on system security within a "closed" ICS perimeter. It provides a systematic approach for implementing the access control concept of Least Privilege.

01 October 2015 17 page(s) pdf

The fourth in a series, this document focuses on implementing a secure ICS network management program through comprehensive network management policies and procedures. An effective network management program is an essential element of maintaining the security posture of critical ICS networks.

01 October 2015 16 page(s) pdf

This paper focuses on using the built-in tools already available in the Microsoft Windows operating system (OS). Central event log collection requires a Windows Server operating system version 2003 R2 or above. Many commercially available tools exist for central event log collection. Using a Windows Server 2008 R2 or above server version is recommended. There are no additional licensing costs...

07 August 2015 54 page(s) pdf

Microsoft®’s Enhanced Mitigation Experience Toolkit (EMET) is an enhancement to the Windows® operating system that stops broad classes of malware from executing. EMET implements a set of anti-exploitation mitigations that prevent the successful exploitation of memory corruption vulnerabilities in software, including many zero-day and bu er over ow attacks.

01 October 2014 12 page(s) pdf

This document contains Frequently Asked Questions regarding EMET

01 October 2014 8 page(s) pdf

Microsoft®’s Enhanced Mitigation Experience Toolkit (EMET) is an enhancement to the Windows® operating system that stops broad classes of malware from executing. EMET implements a set of anti-exploitation mitigations that prevent the successful exploitation of memory corruption vulnerabilities in software, including many zero-day and bu er over ow attacks.

01 October 2014 12 page(s) pdf

This document provides security guidance for network administrator to assist in the initial out-of-the-box configuration of Cisco Adaptive Security Appliance (ASA) 5500 Next Generation Firewalls (software version 9.1). The guidance provided is based on a basic and simplistic security policy for common network architectures; however, the concepts discussed may be applied to complex policies and networks. It is the responsibility...

10 September 2014 22 page(s) pdf

This document discusses mitigations administrators can deploy, in the interim, to reduce PtH’s effectiveness by addressing some of the properties it depends upon.

19 November 2013 17 page(s) pdf

This document includes information for using Adobe’s Customization Wizard (CW) or Microsoft’s PowerShell to configure the necessary settings for uniform distribution of the software throughout an enterprise or on a standalone system. Appendix A lists all of the ARXI security-related settings with recommendations for the environments that should configure those settings.

12 July 2013 20 page(s) pdf

This guide is meant to assist United States government and Department of Defense Windows system administrators deploy BIOSes to their enterprise client systems that support signed BIOSes and signed BIOS update mechanisms but do not have signed BIOSes installed by default due to these systems predating the NIST SP 800-147 standard. Vendors that implement signed BIOses currently ship systems with...

16 November 2012 32 page(s) pdf