| 翻訳と辞書 |
| Security Technical Implementation Guide : ウィキペディア英語版 |
Security Technical Implementation Guide
A Security Technical Implementation Guide or STIG is a methodology for standardized secure installation and maintenance of computer software and hardware. These guides when implemented 'lockdown' common and typically permissive software to further reduce vulnerabilities. The term was coined in 1998 by DISA which creates configuration documents in support of the United States Department of Defense (DoD). The implementation guidelines include recommended administrative processes and span the devices' lifecycle. STIG scanning software is used to implement / validate proper configuration.
An example where STIGs would be of benefit is in the configuration of a desktop computer. Most operating systems are not inherently secure. This leaves them open to criminals such as identity thieves and computer hackers. A STIG describes how to minimize network-based attacks and preventing system access when the attacker is interfacing with the system, either physically at the machine, or over a network. STIGs also describe maintenance processes, such as software updates and vulnerability patching.
Advanced STIGs might cover the design of a corporate network, covering configurations of routers, firewalls, domain name servers and switches.
==External links==
抄文引用元・出典: フリー百科事典『 ウィキペディア(Wikipedia)』
■ウィキペディアで「Security Technical Implementation Guide」の詳細全文を読む
スポンサード リンク
| 翻訳と辞書 : 翻訳のためのインターネットリソース |
Copyright(C) kotoba.ne.jp 1997-2016. All Rights Reserved.
|
|