6.1 : Auditing Operating Systems Flashcards

1
Q

Auditing operating systems requires attention to:

A
  • Standards
  • Maintenance and support
  • Change management
  • Configuration management
  • Security Management
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

Auditor examining standards

A

Examine written standards to see if they are complete and up-to-date. Examine a sampling of servers and workstations to see whether they comply with the written standards.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

Maintenance and support Examination

A

Auditor should examine business record to see whether the operating system running on servers or workstations are covered by maintenance or support contracts.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

Examination of change management

A

Examine OS change management processes and records to see whether changes are being performed in a systematic manner.
All changes made should be requested and reviewed in advance, approved by management, and recorded.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

Examine configuration management

A

Examine configuration management processes, tools, and recordkeeping

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

Examine security management

A

The auditor should examine security configuration on a sample of servers, and workstations, and determine whether they are hardened or resemble manufacturer default configuration. Examine also patch management and administrative access.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly