6.3: Auditing Network Infrastructure Flashcards
Auditing Network infrastructure includes:
- Enterprise architecture
- Network architecture
- Security architecture
- Standards
- Change management
- Capacity Management
- Configuration Management
- Administrative access management
- Network components
- Log management
- User access management
Examine SECURITY ARCHITECTURE of Network infrastructure
Examine security architecture documents, including critical and sensitive data flows, network security zones, access control devices and systems, security countermeasures, intrusion detection systems, firewalls, screening routers, gateways, anti-malware, and security monitoring.
Examine STANDARDS of Network infrastructure
Examine standards documents and determine whether they are reasonable and current. Examine a sample of devices to see whether they conform to these standards.
Examine CHANGE MANAGEMENT of Network infrastructure
All changes to network devices and services should be governed by a change management process. The auditor should review change management procedures and records, and examine a sample of devices and systems to ensure that changes are being performed within change management policy.
Examine CONFIGURATION MANAGEMENT of Network infrastructure
Determine whether any configuration management standards, procedures, and records exist and are used. Examine the configuration of a sample of devices to see whether configurations are consistent from device to device.
Examine ADMINISTRATIVE ACCESS MANAGEMENT of Network infrastructure
Examine access management procedures, records, and configurations to see whether only authorized persons are able to ACCESS and MANAGE network devices and services.
Examine NETWORK COMPONENTS of Network infrastructure
Examine several components and their configuration to determine how well the organization has constructed its network infrastructure to support business objectives.
Examine LOG MANAGEMENT of Network infrastructure
Determine whether administrative activities performed on network devices and services are logged. Examine the configuration of logs to see if they can be altered. Examine logs to determine whether any unauthorized activity is taking place.
Examine USER ACCESS MANAGEMENT of Network infrastructure
Examine user ID convention, password controls, inactivity locking, user account provisioning, user account termination, and password reset procedures.