RE: [Fed-Talk] Critical directories
RE: [Fed-Talk] Critical directories
- Subject: RE: [Fed-Talk] Critical directories
- From: "Beck, Keith M CDR ACNO NGEN, OPNAV N099" <email@hidden>
- Date: Tue, 15 Mar 2011 17:10:51 -0400
- Thread-topic: [Fed-Talk] Critical directories
Oops. I forgot the Common Criteria setup guide
https://ssl.apple.com/support/security/commoncriteria/CommonCriteriaAdminGuide.pdf
Rex,
Is it worth adding the Common Criteria guide to the monthly FAQ in the security guide section?
Keith
-----Original Message-----
From: Beck, Keith M CDR ACNO NGEN, OPNAV N099
Sent: Tuesday, March 15, 2011 15:51
To: 'Niels Olson'; 'Todd Heberlein'
Cc: 'email@hidden'
Subject: RE: [Fed-Talk] Critical directories
I think NIST should add them to the USGCB site when their review is complete:
http://usgcb.nist.gov/usgcb_content.html
If you are DoD, and not "other Federal," NSA endorsed/adopted Apple's security guide:
http://www.nsa.gov/ia/guidance/security_configuration_guides/operating_systems.shtml
Keith
-----Original Message-----
From: Niels Olson [mailto:email@hidden]
Sent: Monday, March 14, 2011 17:48
To: Todd Heberlein
Cc: email@hidden
Subject: Re: [Fed-Talk] Critical directories
Sounds like there is a larger problem: documents for iOS (and OSX, and
others) aren't readily available online. Is the a custodian for all
fed-wide it standards? NIST? Are those folks on this mailing list?
On Monday, March 14, 2011, Todd Heberlein <email@hidden> wrote:
> I recall us talking about this before, but I cannot find the answers:
>
> What is the list of "critical directories" and/or "critical system files" that DISA (NSA?) wants to know about if they are modified? Also, what are the list of security-related directories/file that should be flagged if they are just read?
>
> Thanks,
>
> Todd
>
> _______________________________________________
> Do not post admin requests to the list. They will be ignored.
> Fed-talk mailing list (email@hidden)
> Help/Unsubscribe/Update your Subscription:
>
> This email sent to email@hidden
>
--
Niels Olson
email@hidden
h/c: (410) 212-1281
http://nielsolson.us
This message may contain private information for persons named above.
Please don't share that information with anyone without a need to
know. If you received confidential information without a PGP wrapper,
assume it was compromised, delete it, tell the sender, and try to tell
the victim. Please don't send someone else's private information if
you're not reasonably certain the recipient has a need to know and
that the message will be kept private. Plain email is not private. In
some cases, such as health information protected under the US HIPAA
law or information protected under the US Privacy Act, plain email may
be illegal. If you must relate a person's identity to their private
information in email, use Hushmail or insist your recipients provide
you their PGP public key. My public key is here:
http://nielsolson.us/contact.html.
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Fed-talk mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden