DISA
SECURITY TECHNICAL IMPLEMENTATION GUIDES (STIGs)
and CHECKLISTS
|
The Cyber Security
Research and Development Act requires NIST to develop, and revise
as necessary, a checklist setting forth settings and option selections
that minimize the security risks associated with each computer hardware
or software system that, or is likely to become widely used within
the Federal Government. The development of a checklist for a computer
hardware or software system does not --
- require an
Federal agency to select the specific settings or options recommended
by the checklist for the system;
- establish
conditions or prerequisites for Federal agency procurement or deployment
of any such system;
- represent
an endorsement of any such system by the NIST, nor
- preclude any
Federal agency from procuring or deploying other computer hardware
or software system for which no such checklist has been developed
|
|
|
|
|
|
DISA now provides direct access to the public to their STIGs and
Checklists. Please go to the following link to access their guides:
http://iase.disa.mil/stigs/index.html
On
the DISA web page, you may sign up for the "STIG-News Mailing
List:" to be notified when the latest STIGs are available.
|
|
|
|
|
|
|
|
|
|
|
|
Additional
Sites Containing STIGs and Checklists: |
|
|
|
National
Institute of Standards and Technology (NIST)
Computer Security Division
Systems Administration Guidance for Windows 2000 Professional
(Special Publication 800-43)
http://csrc.nist.gov/itsec/guidance_W2Kpro.html
|
|
National
Security Agency - System and Network Attack Center (SNAC)
http://www.nsa.gov/snac/
|
|
The
Center for Internet Security (CIS)
http://www.cisecurity.org/
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|