Deploying Signed BIOSes to Enterprise Client Systems (version 1)
This guide is meant to assist United States government and Department of Defense Windows system administrators deploy BIOSes to their enterprise client systems that support signed BIOSes and signed BIOS update mechanisms but do not have signed BIOSes installed by...
16 November 2012 32 page(s) pdf
Activating Authentication and Encryption for Cisco Unified Communications Manager Express (CUCME) 7.0/4.3
The intent of this document is to provide step-by-step instructions for configuring authentication and encryption for Cisco Unified Communications Manager Express (CUCME) releases 4.2, and 7.0/4.3.
28 April 2010 30 page(s) pdf
Securing IBM Lotus Sametime
This guide has been designed to provide a high-level security reference when deploying a Sametime solution. It is intended to be utilized in parallel with the security features already present in Lotus Domino® and Sametime. There are many configurations for...
22 September 2010 2 page(s) pdf
Hardening Tips for Mac OS X 10.6 "Snow Leopard" (version 1.0)
This trifold contains, in order of importance, high-impact tips designed for use by an administrative user of Mac OS X 10.6 Snow Leopard.
01 March 2010 2 page(s) pdf
Security Configuration Recommendations for Apple iOS 5 Devices (version 0)
This document provides security-related usage and configuration recommendations for Apple iOS devices such as the iPhone, iPad, and iPod touch.
28 March 2012 37 page(s) pdf
Security Highlights of Windows 7
This guide highlights many of the new security features in Windows 7, just one of the many commercial operating systems available.
06 October 2010 2 page(s) pdf
Guide to the Secure Configuration of Red Hat Enterprise Linux 5 (version 4.2)
The purpose of this guide is to provide security configuration recommendations for the Red Hat Enterprise Linux (RHEL) 5 operating system. The guidance provided here should be applicable to all variants (Desktop, Server, Advanced Platform) of the product. Recommended settings...
26 August 2011 200 page(s) pdf
Application Whitelisting using Software Restriction Policies (version 1.1)
Software Restriction Policies (SRP) enables administrators to control which applications are allowed to run on Microsoft Windows. SRP is a feature of Windows XP and later operating systems. It can be configured as a local computer policy or as domain...
01 August 2010 19 page(s) pdf
Security Tips for Personally Managed Apple iPhones and iPads
This pamphlet provides security recommendations for users of personally managed Apple iPhones and iPads running iOS 5. This refers to a situation in which the user exercises sole administrative control over the device.
01 January 2012 2 page(s) pdf
This document provides an overview of Application Whitelisting, including what it is, why one should use it, and how to enforce it.
01 August 2010 2 page(s) pdf
Guidelines for Implementation of REST
This paper tries to help identify and explain the security risks (positive and negative) with REST, to facilitate development of more robust REST solutions.
25 March 2011 19 page(s) pdf
New Smartphones and the Risk Picture
Mobile phone platforms are susceptible to malicious attacks, both from the network and upon physical compromise. Understanding the vectors of such attacks, level of expertise required to carry them out, available mitigations, and impact of compromise provides a background for certain risk...
01 April 2012 2 page(s) pdf
Deploying and Securing Google Chrome in a Windows Enterprise (version 1)
This paper contains deployment guidance, recommended policies, and technical details for United States government and Department of Defense administrators who want to use the enterprise version of the Google Chrome web browser in their Windows Active Directory domain. Chrome 20.0.1132.47,
22 October 2012 37 page(s) pdf
Recommendations for Configuring Adobe Acrobat Reader XI in a Windows Environment (version 1)
This document includes information for using Adobe’s Customization Wizard (CW) or Microsoft’s PowerShell to configure the necessary settings for uniform distribution of the software throughout an enterprise or on a standalone system. Appendix A lists all of the ARXI security-related settings...
12 July 2013 20 page(s) pdf
Reducing the Effectiveness of Pass-the-Hash (version 1)
This document discusses mitigations administrators can deploy, in the interim, to reduce PtH’s effectiveness by addressing some of the properties it depends upon.
19 November 2013 17 page(s) pdf
Recommendations for Configuring Adobe Acrobat Reader DC in a Windows Environment
This document provides guidance on configuring Adobe Reader DC in a Windows environment. Adobe Reader DC is the latest version of Adobe Reader and replaces Adobe Reader XI. The “DC” in the title stands for “Document Cloud” which refers to...
02 December 2015 13 page(s) pdf
Defending Against Compromised Certificates
This guidance provides IT personnel with actionable information to defend against compromised CA and web site certificates, which could permit a malicious web server to impersonate the genuine one. Each operating system (OS) and browser may use different mechanisms to...
01 July 2012 2 page(s) pdf
Configuring Windows To Go as a Mobile Desktop Solution
Windows To Go is a new feature of Windows 8 Enterprise that allows a fully functional Windows 8 instance to be run from an external USB flash drive. When a host machine is booted from a Windows To Go drive,...
01 November 2012 4 page(s) pdf
Host and Network Integrity through Trusted Computing
This document provides an overview of the Trusted Computing Group including explaining the Trusted Platform Module, Measured Boot and Measured Launch, Network Access Control, Recommendations, and Host Integrity at Startup.
01 April 2010 2 page(s) pdf
Information Assurance Guidance for Microsoft Windows XP End of Life
This document provides instructions for what to do with Windows XP machines at the end of their life.
01 July 2014 2 page(s) pdf