Created
December 29, 2018 03:58
-
-
Save empireshades/1ec9bd8ec33257c5836f9cd84d8c4e58 to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# CIS Controls | |
from: https://www.cisecurity.org/controls/ | |
## Basic CIS Controls | |
1. Inventory and Control of Hardware Assets | |
2. Inventory and Control of Software Assets | |
3. Continuous Vulnerability Management | |
4. Controlled Use of Administrative Privileges | |
5. Secure Configuration for Hardware and Software on Mobile Devices, Laptops, Workstations and Servers | |
6. Maintenance, Monitoring and Analysis of Audit Logs | |
## Foundational CIS Controls | |
7. Email and Web Browser Protections | |
8. Malware Defenses | |
9. Limitation and Control of Network Ports, Protocols and Services | |
10. Data Recovery Capabilities | |
11. Secure Configuration for Network Devices, such as Firewalls, Routers and Switches | |
12. Boundary Defense | |
13. Data Protection | |
14. Controlled Access Based on the Need to Know | |
15. Wireless Access Control | |
16. Account Monitoring and Control | |
## Organizational CIS Controls | |
17. Implement a Security Awareness and Training Program | |
18. Application Software Security | |
19. Incident Response and Management | |
20. Penetration Tests and Red Team Exercises |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment