Each individual component follows the same layout. Individual threat sources are described briefly. According to the BSI, the knowledge collected in these catalogs is not necessary to establish baseline protection. C stands for component, M for measure, and T for threat. The conclusion consists of a cost assessment. Please help to establish notability by citing reliable secondary sources that are independent of the topic and provide significant coverage of it beyond a mere trivial mention. Finally, examples of damages that can be triggered by these threat sources are given.
Uploader: | Jubei |
Date Added: | 25 January 2009 |
File Size: | 65.39 Mb |
Operating Systems: | Windows NT/2000/XP/2003/2003/7/8/10 MacOS 10/X |
Downloads: | 25045 |
Price: | Free* [*Free Regsitration Required] |
IT-Grundschutz
An itemization of individual threat sources ultimately follows. The detection and assessment of weak points in IT systems often occurs by way of a risk assessmentwherein a threat potential is assessed, and the costs of damage to the system or group of similar systems are investigated individually.
The respective measures or threats, which are introduced in the component, can also be relevant for other components. The fifth within that of the applications administrator and the IT user, concerning software like database it-grundsvhutz-kataloge systemse-mail and web servers.
Finally, examples of damages that can be triggered by these threat sources are given. The second is addressed to in-house technicians, regarding structural aspects in the infrastructure layer. However, the cross-reference tables only cite the most important threats. The component catalog is the central element, and contains the following five layers: By using this site, you agree it-grundschuhz-kataloge the Terms of Use and Privacy Policy. Individual threat sources are described briefly.
If the measures' realization is not possible, reasons for this are entered in the adjacent field for later traceability. This page was last edited on 29 Septemberat The component number is composed of the layer number in which the component is located and a unique number within the layer. Retrieved from " https: The measures catalogs summarize the actions necessary to achieve baseline protection; measures appropriate for several system components are described centrally.
Views Read Edit View history. It is not necessary to work through them to establish baseline protection. In this way, a it-grundschutz-katalogee of individual components arises in the baseline protection catalogs. In the process, classification of measures into the categories A, B, C, and Z is undertaken. Finally, the realization is terminated and a manager is named.
IT Baseline Protection Catalogs
The fourth layer falls within the network administrators task area. Measures are cited with a priority and a classification. Partitioning into layers clearly isolates personnel groups impacted by a given layer from the layer in question. The necessary measures are presented in a text with short illustrations.
The component catalogs, threat catalogs, and the measures catalogs follow these introductory sections. The table contains correlations between measures and the threats they address. Category Z measures any additional measures that have proven themselves in practice. If notability cannot be established, the article is likely to be mergedredirectedor deleted.
OWASP Review BSI IT-Grundschutz Baustein Webanwendungen - OWASP
The given threat situation is depicted after a short description of the component examining the it-grundshcutz-kataloge. The conclusion consists of a cost assessment.
From Wikipedia, the free encyclopedia.
During realization of measures, personnel should verify whether adaptation to the operation in question is necessary; any deviations from the initial measures should be documented for future reference.
IT Baseline Protection Handbook.
IT-Grundschutz – Wikipedia
The following layers are formed: Baseline protection can only be ensured if all measures are realized. A table summarizes the measures to be applied for individual components in this regard. A detailed description of it-grundschitz-kataloge measures follows.
Комментариев нет:
Отправить комментарий