HostedDB - Dedicated UNIX Servers
-->
IT baseline protection manual

IT Baseline Protection Manual - Index

A B C D E F G H I j K L M N O P R S T U V W X Z

water T 1.5
web spoofing T 5.87
well-regulated familiarisation/training of new staff with their work S 3.1
WfW
- masquerading T 5.46
- storing of passwords T 3.19
- trying out passwords T 5.45
- unintentional granting of read access for Schedule+ T 3.20
- unintentional sharing of directories, printers, etc. T 3.18
- use of log-on passwords S 4.46
WfW network, security strategy S 2.67
Windows 95
- automatic recognition of CD-ROMs T 4.23
- data backup under S 6.45
- data backup S 6.45
- file name conversion when backing up data T 4.24
- improper modification of the registry T 3.22
- lack of auditing under Windows 95 T 2.35
- lack of auditing T 2.35
- setup of user profiles S 2.103
- user profiles S 2.103
Windows NT
- abuse of administrator rights T 5.52
- creating start-up floppy disks for S 6.42
- data backup under S 6.44
- data backup S 6.44
- inadequate protection T 2.31
- password protection under S 4.48
- protection of administrator accounts under Windows NT S 4.77
- protection of devices under S 4.52
- protection of the registry under Windows NT S 4.75
- safeguarding the boot-up procedure S 4.49
- secure configuration of remote access S 5.41
- secure configuration of TCP/IP network administration S 5.42
- secure configuration of TCP/IP network services S 5.43
- secure system version S 4.76
- sharing of directories under Windows NT S 2.94
- structured system administration under S 4.50
- unauthorised acquisition of administrator rights under T 5.79
- use of redundant servers S 6.43
- user profiles S 2.104
Windows NT client-server network
- determining a security strategy for the Windows NT client-server network S 2.91
- performance of security checks S 2.92
- performing security checks in the Windows NT client-server network S 2.92
- secure integration of DOS PC's into S 5.40
- security strategy S 2.91
windows, closed S 1.15
wiring, redundant S 6.18
working place at home, inadequate disposal at T 2.48
workplace, ergonomic S 3.9
WWW
- determining a WWW security strategy S 2.173
- developing a concept for using the WWW S 2.172
- minimal operating system S 4.95
- network address translation (NAT) S 5.70
- one service per server S 4.97
- protection against subsequent changes to information S 4.99
- protection of WWW files S 4.94
- restricting communication to a minimum with packet filters S 4.98
- security of WWW browsers S 5.45
- selection of a suitable Internet service provider S 2.176
WWW -Server
- secure operation of a WWW server S 2.174
- setting up a WWW server S 2.175

© Copyright by
Bundesamt für Sicherheit in der Informationstechnik		 last update:
July 2001
home