Best IT Documents.com Blog


Powerpoint – COBIT ISO 17799 and ITIL


Sample Project – Knowledge Discovery Verification Approach

Posted in Business (600) by Guest on the January 29th, 2013


The “Managed Service Provider” approach to Knowledge Discovery (KD) verification relies on a combination of “In-Process” Checkpoints and a “Transition Completion” Assessment. These are described below.

Activity

Description

  In-Process Checkpoints
  • Client sign-off on KT plan, goals, and timelines (end of “Project Initiation”)
  • Document reviews to assess KT accuracy (for each stage of the “KT cycle”)
  • Review of Transition Plan and Steady-State Plans (for entry to “Transition”)
  • Review of Draft Service Levels and Metrics (for entry to “Transition”)
  • Baseline documents, processes, and plans for steady-state (in “Transition”)
Transition Completion Assessment
  • Reverse KT: A stage in which the “Managed Service Provider” team delivers process feedback and classroom sessions to the original client team on the entire scope of the outsourced engagement. This stage involves a series of review meetings, presentations and walkthroughs in which the “Managed Service Provider” team demonstrates, to the client’s complete confidence, that it has all the requisite knowledge to take over complete ownership of operations.
  • Steady-State / Offshore Simulation: The KT team simulates “steady-state” operations towards the end of the “Transition” stage to assess the completion of KT and the readiness of the “Managed Service Provider” team for steady-state operations. This includes “Offshore” simulation, where the KT team at the client site simulates “Offshore” operations by working from isolated rooms and using only the tools and techniques that will be available from the offshore locations.
Formal Sign Off
  • The client agrees with the Knowledge Acquisition document and proof of KT effectiveness, and signs off on them to move into “steady-state” operations.

http://www.bestitdocuments.com/IT_Security_Methodology_solutions.html

 


Sample eHealth / Spectrum – Network Device Monitoring Considerations

Posted in Business (600),Data Center - SOC - NOC,Networking (340) by Guest on the January 28th, 2013

Overview:

Devices send traps to the SDC (Secure Domain Connector).

  • Central trap locations for all devices: 
    • Primary Trap Director         
    • Host-Name:
    • IP Address:
    • Location: 
  • Failover Trap Director  
  • Datacenter Network Devices: 
  • eHealth
  • eHealth Primary
    • snmp-server “Host-Name”
    • snmp-server “community” 
  • Datacenter Network Devices:
  • Host-Name:
  • IP Address:
  • Location: 
  • eHealth
  • eHealth Backup
    • snmp-server “Host-Name”
    • snmp-server “community” 

A variety of mechanisms monitor the enterprise at multiple levels:

  • Edge agents track CPU load, memory usage, and disk activity
  • RMON probes collect packet statistics and protocol data from links, paths, and network devices
  • Capable of receiving third party MIBs to leverage existing technology and monitoring solutions 

Information is assembled by a central console server and correlated to build various views and reports:

  • Backend Database storage and data management
  • Rules and thresholds are highly customizable to ensure alerts and reports are tailored to the needs of the user, whether technical or business

http://www.bestitdocuments.com/Networking.html

 


Sample – Corporate Data Damage Policy

Posted in Policies - Standards (600) by Guest on the January 27th, 2013

Policy

Corporate & Company uses access controls and other security measures to protect the:

  • Confidentiality,
  • Integrity,
  • Availability 

of information handled by its computers and communications systems. In keeping with these objectives, management maintains the authority to:

  1. Restrict or revoke any user’s privileges,
  2. Inspect, copy, remove, or otherwise alter any data, program, or other system resource that may undermine these objectives, and
  3. Take any other steps deemed necessary to manage and protect its information systems. This authority may be exercised with or without notice to the involved users. Corporate & Company disclaims any responsibility for loss or damage to data or software that results from its efforts to meet these security objectives. 

Purpose

This policy defines the privileges systems administrators have as delegates of management. Rather legalistic in nature, it notifies users that they cannot hold Corporate & Company liable for damages associated with management’s attempts to secure its system. For example, if a systems administrator was performing a routine virus scan of all PCs on a LAN, he may detect what appears to be a virus. He may then run a program which alters the program which appears to be affected. If the involved user later determines that this very valuable program is inoperative as a result, he cannot hold management responsible for damaging the program. Thus, in an indirect way, this policy 

Exception

Information pertaining to acceptable physical and technical safeguards is available from your unit security or information technology organizations.  The Global Security and Corporate Information Systems Computer Security organizations have additional information. 

http://www.bestitdocuments.com/Risk_management_policy_procedures.html

 


Sample Visio – Vulnerability Qualys Scanning Process Flow

Posted in Security (1500),Visio Samples - Stencils (457) by Guest on the January 26th, 2013

Sample Visio – Employee Benefits Orientation Process

Posted in Visio Samples - Stencils (457) by Guest on the January 24th, 2013

Free Visio Document Download

Sample Visio – Employee Benefits Orientation Process

http://www.bestitdocuments.com/IT_Business_solutions.html

 


Sample Visio – Employee Asset Recovery Considerations

Posted in Security (1500),Visio Samples - Stencils (457) by Guest on the January 23rd, 2013

Sample Excel – HRIS Wage Tracking Key Stakeholder User Requirement

Posted in Business (600),Projects (400) by Guest on the January 22nd, 2013

Sample Visio – Regulations Compliances Best Practices and Best Technology Alignment

Posted in Compliances (1300),Security (1500),Visio Samples - Stencils (457) by Guest on the January 21st, 2013

Sample Visio – ITIL Server Application Administration (MACs)


Sample Visio – Java Virtual Machine Overview

Posted in Application (380),Security (1500),Visio Samples - Stencils (457) by Guest on the January 19th, 2013

Sample Excel – Run State Contact List spreadsheet

Free Excel document download spreadsheet tracking contact list.

 Sample Run State Contact List

 http://www.bestitdocuments.com/Data_center.html

 


Sample Drawing – High Level CobiT Components

Posted in Compliances (1300) by Guest on the January 18th, 2013

http://www.bestitdocuments.com/Risk_management_policy_procedures.html

CobiT Links business goals to IT Goals

Set Objectives

  • IT is aligned with the business
  • IT enables the business and maximizes benefits
  • IT resources are used responsibly
  • IT-related risks are managed appropriately
    • Increase automation  (make the business effective)
    • Decrease cost (make the enterprise efficient)
    • Manage risks (security, reliability and compliance)

http://bestitdocuments.com/Services.html

 


IT Controls: who needs it?

Posted in Business (600),Compliances (1300),Security (1500) by Guest on the January 17th, 2013
  1. Supplies a common language for IT activities and key management practices
  2. To avoid misunderstandings, to have efficient communications and enable success
  3. Provide a business focus and supports governance expectations
  4. Executive alignment to business units and IT engagements
  5. Is consistent with generally accepted IT good practices and corporate governance and standards
  6. To provide evidence and acceptance by all parties involved

http://www.bestitdocuments.com/Risk_management_policy_procedures.html

 


Sample – Records Management Policy

Posted in Compliances (1300),Policies - Standards (600),Security (1500) by Guest on the January 17th, 2013

Introduction

The appropriate creation, use and disposition of records are important to the success of the Company and this policy outlines procedures that ensure that the Company remains in compliance with all laws and regulations. 

All records go through a life cycle. The vast majority of them reach a point when they no longer serve a business or legal purpose and may be discarded, thereby avoiding unnecessary expenses and reducing the risk of using outdated information. 

It is expected that ordinary and necessary records will be created, maintained, protected and disposed of in the normal course of Corporate’s business. 

Record Definition

A record is defined as an account of an act, condition, opinion, program, policy, decision, plan, oral exchange, event or transaction preserved on some medium so that it can be read or heard, or unencrypted  at a later time. Records include books of account, invoices, vouchers, cancelled checks, records of sales, correspondence, notes, email, data compilations, reports, forms, reproductions, electronic data bases, calendars and planners, personnel records, and other business papers. Records can be in a variety of formats, including, but not limited to, paper, magnetic tapes, disks, computer internal storage, compact disk, drawings, photographs, slides, films, charts, sound recordings, video recordings, microforms, and other types of electronic storage.  

Records Creation

Only records necessary for the operation of the business and to demonstrate Corporate compliance with all relevant laws will be created and retained for an appropriate period. The document of record will be deemed to be the originating document, unless otherwise defined, and will be responsible for meeting all retention requirements, so that duplicate copies of records will not be retained unnecessarily. 

Ownership of Records

Records related to the business of Corporate are the property of Corporate. Included are records and copies of records retained at off-site locations. Records must not be stored permanently at employee residences. 

Access and Confidentiality

Information that is very important to the operations of the company should be identified and properly managed to ensure the proper levels of confidentiality and access. It is important to recognize that information may be protected by the attorney-client privilege, or other privileges as provided by law. 

Storage

Guidelines for appropriate storage conditions for Company records will be provided by the Corporate Policy for Business Conduct. Regardless of format, records will be organized in such a way that they remain accessible to others in the enterprise as required.

Privacy

Records will be created, used, retained, and disposed of in ways that will protect the privacy of employees and customers as required by applicable law and consistent with the Corporate’s Business Conduct Guidelines and privacy policies. 

Retention periods

Records will be retained according to applicable laws and regulations, and for business reasons. When they no longer are useful, and no requirement exists for their retention, they will be disposed of to reduce the high costs involved in indexing, storing, and retrieving them. Plus, the risk of using out-dated information can be reduced.  Retention periods apply to all mediums used to store records: electronic, paper, microform, etc., regardless of where the records are stored. 

Copies

Originals and copies are governed by the same retention periods, but copies do not need to be kept when the originals are retained. This includes documents stored off-site permanently (owned or rented facilities) and temporarily (employee homes, employee personal computers, supplier locations, etc). 

Disposition of Records

Records, including those in electronic format, shall be disposed of in the most appropriate manner, in the normal course of business, in compliance with the law and the Company’s Records Disposition Policy. 

All copies of records, including those in electronic format, shall be disposed of when the office of record destroys the original records. Until such time, and subject to the following section, recipients of copies may dispose of such records in the normal course of business. 

Non-destruction Notifications

Destruction of documents shall cease when employees receive a non-destruction notice from the Law Department or if an employee otherwise becomes aware of pending or threatened investigation or litigation. Then the employee shall contact the Law Department, and disposal shall not resume until approved by the Law Department. This applies to all documents described in the notice or in any way related to the investigation or litigation, regardless of whether the documents are originals or copies, and regardless of the format. 

Vital Records

All departments will identify those records that will be required to resume operations after a disaster in conjunction with the Company’s business continuation and disaster recovery programs.  These records will be stored in a special location that provides appropriate physical security and immunity from loss, with back-up copies located in an off-site location. 

Corporate Archives

Some records are of permanent value to the Company for administrative, legal, fiscal, tax, or historical reasons, and the Corporate Archives exists to preserve them and make them available.

Compliance 

This policy applies to all John Corporate units worldwide and to all forms of expression and recording related to the business of the Company.  Operation of the Company’s record management process is the responsibility of department and unit management, with best practice and audit support provided by the Corporate Policy for Business Conduct. 

Non-Compliance

Unit and department management is responsible for working with the Corporate policy for Business Conduct to ensure appropriate audits of the records management process. Company operations should contact the Corporate Policy for Business Conduct  to obtain clarification of the records management policy and to request any potential exemptions. 

Exception 

Information pertaining to acceptable physical and technical safeguards is available from your unit security or information technology organizations.  The Global Security and Corporate Information Systems Computer Security organizations have additional information. 

 

http://www.bestitdocuments.com/Risk_management_policy_procedures.html

 


Sample Mindmap – IT Service Architecture Overview

Posted in Data Center - SOC - NOC,Mindmap (100),Security (1500) by Guest on the January 16th, 2013

Bluecoat – Regular Expressions

Posted in Business (600),Security (1500) by Guest on the January 15th, 2013

3 Roles Bypass

NTLM

Dst – Do not Authenticate

Force Authentication

Regular expression ( .*. (FE1 | FE2 | FE3 |…)$

 

Use splash screen

Citrix bypass

Proxy if going to

Citrix farm / ssl 

The rules are in layers and can optionally be organized in one or more sections. This is a way of grouping rules together.

A section consists of a section header followed by a list of rules. Four section types are supported in a standard CPL file:

  1. [Rule]
  2. [url]
  3. [url.domain]
  4. [server_url.domain] 

Boolean expressions are built from the specific values allowed with the trigger, and the Boolean operators:

  • ! (not), 
  • && (and), 
  • || (or) 
  • and () for grouping 

Long lines can be split using ‘\’ as a line continuation character.

The ‘\’ must be the last character on the line and be preceded by space or Tab. For example:

url.domain=example.com time=0900..1700 \
        deny

More complex Boolean expressions are allowed for the pattern_expression in the triggers.

For example, the second part of the condition in the simple rule shown above could be “the request is made between 9 a.m. and noon or between 1 p.m. and 5 p.m.”, expressed as:

  • … time=(0900..1200 || 1300..1700) … 

Unavailable Triggers

Some (but not all) triggers can be unavailable in some transactions. If a trigger is unavailable, then any condition containing that trigger is false, regardless of the pattern expression. For example, if the current transaction is not authenticated (that is, the authenticate property was set to “no”), then the “user” trigger is unavailable. This means that user=kevin and user=!kevin are both false. 

A condition can be false either because the pattern doesn’t match the trigger value, or because the trigger is unavailable. Policy rule-tracing distinguishes these two cases, using “miss” for the former and “N/A” for the latter. 

Note that the special semantics of unavailable triggers are only encountered when you are coding directly in CPL. You will not see this behavior when you use the VPM. 

Quoting

Certain characters are considered special by CPL and have meaning as punctuation elements of the language. For example = (equal) separates a trigger name from its associated value, and blank space separates expressions in a rule. 

To use a value that contains one of these characters, the value must be quoted with either single (') or double (") quotation marks, so that the special characters are not interpreted as punctuation. Text within single quotation marks can include any character other than a single quotation mark. Text within double quotation marks can include any character other than a double quotation mark. Here are some examples of where quoting is necessary:

  • user="John Doe" ; value contains a space
  • url="www.example.com/script.cgi?param=value" ; value contains '='
  • deny( "You don't have access to that page!" ) ; several special chars

http://www.bestitdocuments.com/Operating_system.html

 


Bluecoat – Using Rule Order to Define Exceptions

Posted in Business (600),Security (1500) by Guest on the January 14th, 2013

When the policy rules within a layer are evaluated, remember that evaluation is from the top down, but the first rule that matches will end further evaluation of that layer. Therefore, the most specific conditions, or exceptions, should be defined first. Within a layer, use the sequence of most-specific to most-general policy. 
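The first-match behaviour described above, together with the unavailable-trigger semantics from the “Unavailable Triggers” passage in the Regular Expressions post above, modelled as an added Python example (not Blue Coat code and not part of the original page). The rule contents, transaction fields and helper names (`Cond`, `Rule`, `evaluate_layer`) are constructed for illustration, and the time ranges are assumed to be inclusive.

```python
# Added illustration: a toy model of CPL layer evaluation, not Blue Coat code.
from dataclasses import dataclass
from typing import Callable, List, Optional, Tuple

MATCH, MISS, NA = "match", "miss", "N/A"   # labels used by policy rule-tracing


@dataclass
class Cond:
    trigger: str                      # e.g. "user", "url.domain", "time"
    test: Callable[[object], bool]    # pattern expression applied to the value
    negate: bool = False              # models trigger=!value

    def evaluate(self, txn: dict) -> str:
        # Unavailable trigger: the condition is false whatever the pattern
        # says, so the negation is never applied.
        if self.trigger not in txn:
            return NA
        hit = self.test(txn[self.trigger])
        return MATCH if hit != self.negate else MISS


def eq(value):
    return lambda v: v == value


def time_in(*ranges):
    # time=(0900..1200 || 1300..1700): OR over HHMM ranges (assumed inclusive)
    return lambda v: any(lo <= v <= hi for lo, hi in ranges)


@dataclass
class Rule:
    conds: List[Cond]                 # conditions on one rule line are ANDed
    action: str


def evaluate_layer(rules: List[Rule], txn: dict) -> Tuple[Optional[str], list]:
    """Top-down evaluation; the first rule whose conditions all match wins."""
    trace = []
    for rule in rules:
        results = [c.evaluate(txn) for c in rule.conds]
        trace.append(results)
        if all(r == MATCH for r in results):
            return rule.action, trace      # later rules are never looked at
    return None, trace


# Constructed sample policy and transactions (not from the original page).
GENERAL = Rule([Cond("url.domain", eq("example.com")),
                Cond("time", time_in((900, 1200), (1300, 1700)))], "deny")
EXCEPTION = Rule([Cond("url.domain", eq("example.com")),
                  Cond("user", eq("kevin"))], "allow")
NOT_KEVIN = Cond("user", eq("kevin"), negate=True)

KEVIN_TXN = {"url.domain": "example.com", "time": 1000, "user": "kevin"}
ANON_TXN = {"url.domain": "example.com", "time": 1230}   # unauthenticated


if __name__ == "__main__":
    # General rule first: the exception for kevin is shadowed.
    print(evaluate_layer([GENERAL, EXCEPTION], KEVIN_TXN))
    # Most specific first: the exception takes effect.
    print(evaluate_layer([EXCEPTION, GENERAL], KEVIN_TXN))
    # Negated user test on an unauthenticated transaction is N/A, not a match.
    print(NOT_KEVIN.evaluate(ANON_TXN))
    # Trace shows both kinds of false: N/A (no user) and miss (time 1230).
    print(evaluate_layer([EXCEPTION, GENERAL], ANON_TXN))
```

In this model a deny keyed on `user=!kevin` does not fire for an unauthenticated transaction, so a policy that relies on a negated user test needs a separate rule covering the unauthenticated case.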

Filter File Structure

A CacheOS 5.x filter file consists of two parts, both of which are optional. The two parts are divided by a define_actions line. The first part, which can be considered the filter part, consists of filters and access-control list (ACL) definitions. The second part, or action part, contains action and transformer definitions. All filters must be written above the define_actions line. All action and transformer definitions must be written below the define_actions line. 

By contrast, CPL action and transformer definitions may appear anywhere in the policy file. 

Filter-Part Components

The filter part of a filter file can contain the following:

• Filters that are not part of a section

• Sections

• ALL statements

• default_filter_properties statements

• Access-control list (ACL) definitions 

Filters that are not part of a section must occur before the first section. The default_filter_properties statements must be written after the last filter or section. The ALL statements and ACL definitions can be written anywhere before the define_actions line. All of these components are optional. 

Filters

In CPL, the concept of a filter has been replaced by the concept of a rule. A filter is a line that includes, at a minimum, a URL pattern. The filter is considered to be a match if the requested URL matches the URL pattern. It can also include a tag specifying whether the match will be case-sensitive, an acl condition expression for specifying a defined access-control list, and a property setting. Multiple acl conditions and property settings can be listed. A filter line has the following general syntax:

url_pattern [case_insensitive = { yes | no }] [acl=expression] [property=value]

url_pattern

where url_pattern is either a prefix-style pattern (like the prefix_pattern used in the url= condition) or a regular-expression pattern (as is used in the url_regex= condition, see “Sections” on page 303). For more information on URLs, see “url=” on page 137.

case_insensitive= {yes|no}

where case_insensitive is an optional property that specifies whether URL matches are case-sensitive. By default, matching is case-sensitive. For more information, see “Properties” on page 301.

acl=expression

where acl= can include an IP address or subnet, or the label of a define acl definition block. For more information, see “Conditions” on page 301.

property=value

where property= is an optional property setting. For a list of properties available in filter files, see 

Local Policy File Override VPM

define condition Corporate_Sites

        url.domain = xyz

        url.domain = xyz 

Section 1:

Proxy trace – View and diagnose proxy traffic 

Cache:

Sites cached for performance reasons

url.domain=(www.xyz.com) cache(no) pipeline(no)

url.address=(x.x.x.x) cache(no) 

url.domain=(www.xyz.com) direct(yes)

ALLOW condition=WSUS exit

ALLOW condition=owa_auth_problem action.proxy_header(yes)

DENY condition=ms_messenger

DENY condition=yahoo_msg exit

ALLOW condition=ports

Define condition trusted

url.domain=xyz

url.address=x.x.0.0/16

 

Define condition WSUS

Client.address=x.x.x.x /32

Client.address=x.x.0.0 /16

End condition WSUS

 

Define condition owa_auth_problem

set (response.x_header.Proxy-Support, 'none')

end condition owa_auth_problem 

http://list.bluecoat.com/Blue-coatwf/activity/download/Blue-coatwf.db

 

Bluecoat

BLK-EXT – Blocked Extensions – First rule

Forced Deny or Accept

Exit – Unconditional

VPM – Control traffic

Networks match on source 

URL Block list 

Forced download 

Expect server – gets logs from Blue-coat’s, configuration – sent to centralized location (disk) then to tape

Scope edge enabled when needed

http://www.bestitdocuments.com/Operating_system.html

 


Sample Excel – Financial Segregation of Duties Checklist


Sample Visio – Virtual VMWareCenter Design

Posted in Visio Samples - Stencils (457) by Guest on the January 11th, 2013

Sample Visio – VMWare Virtualization Architecture

Posted in Data Center - SOC - NOC,Security (1500),Visio Samples - Stencils (457) by Guest on the January 10th, 2013

VMWare Server

  • Runs on any x86 server hardware and OS
  • Windows Server and Linux Host OS’s
  • Partition a physical server into multiple virtual server machines
    • Target market – IT centers providing multiple services
    • Allows separate virtual servers to be separately configured for separate IT applications
      • Provisioning
      • Portability, replication, etc.

VMware Server ESX

  • Total decoupling between hardware and applications
  • High-end, high-performance IT applications
    • Oracle, SQL Server, Microsoft Exchange server, SAP, Siebel, Lotus Notes, BEA WebLogic, Apache
    • Dynamically move running application to different hardware
      • Maintenance, hardware replacement
      • Provisioning new versions, etc.

 Free Visio Download – VMWare Virtualization Architecture

http://www.bestitdocuments.com/Operating_system.html

 


Cloud Computing 3 of 3

Posted in Compliances (1300),Security (1500) by Guest on the January 9th, 2013

 Cloud Virtualization considerations:

Snapshots & Migrations

  • Snapshot: freeze a copy of virtual machine
    • Identify all pages in disk files, VM memory
    • Use copy-on-write for any subsequent modifications
    • To revert, throw away the copy-on-write pages
  • Migration: move a VM to another host
    • Take snapshot (fast)
    • Copy all pages of snapshot (not so fast)
    • Copy modified pages (fast)
    • Freeze virtual machine and copy VM memory
      • Very fast, fractions of a second 

Cloning

  • Simple clone:
    • Freeze virtual machine
    • Copy all files implementing it
    • Use copy-on-write to speed up
  • Linked clone:
    • Take snapshots
    • Original and each clone is a copy-on-write version of snapshot 
  • VMware Workstation
    • Separates Host OS from virtualization layer
    • Host OS may be Windows, Linux, etc.
    • Wide variety of Guest operating systems

http://www.bestitdocuments.com/Operating_system.html

 


An effective Patch Management Reporting Tool can and should

Posted in Data Center - SOC - NOC,Policies - Standards (600),Security (1500) by Guest on the January 9th, 2013

Generic Policy:

All patches and updates to software installed on computer systems are reviewed and scheduled to be installed based on applicability and severity. In the unlikely event of a breach of security, audit trails are stored for one year and are reviewed by the IT department.

Report details on such things as:

  • Server and workstation configurations, including:
    • Service statuses
    • Installed applications (software compliancy) including known viruses, spyware, malware and resident files like unauthorized music and graphics;
    • Installed patches and hotfixes;
    • TCP and UDP port statuses and hardware details down to the hardware level on each host.

 http://www.bestitdocuments.com/Risk_management_policy_procedures.html

 


High Level Network Assessment Considerations

Posted in Business (600),Security (1500) by Guest on the January 8th, 2013

Among the many functions to consider, the 11 primary functions should be:

1)    Network Discovery of active hosts

2)    Discovery of Domains, Workgroups and Active Directory members including member servers and workstations

3)    Discovery of System, File and Security Identifications (ACLs)

4)    Enumeration of Registry Hives / keys

5)    Discovery of System services

6)    Event Audit Analysis

7)    Discovery of the directory, folder and file systems on every targeted host

8)    Discovery of installed Application Software

9)    Hardware abstraction level reporting on all OS hardware

10) Differential Analysis and comparisons of previous and current scans

11) Granular and historical Analysis and Customized Reporting

http://www.bestitdocuments.com/Risk_management_policy_procedures.html

 


Sample Visio – World Map with Time Zones

Posted in Data Center - SOC - NOC,Visio Samples - Stencils (457) by Guest on the January 7th, 2013