Skip to main content
Information Security

Questions tagged [audit]

Ask Question

For questions about the assessment of software, hardware, systems, people, processes, procedures, projects, etc, that are somehow related to the security of an organization or product. Often these are related to a certification the organization or product holds, or looking for tools or processes for performing an audit.

459 questions
Newest Active Bountied Unanswered
14 votes
3 answers
12k views

PostgreSQL Security Audit

Could anyone provide a good resource or check-list for a security review of PostgreSQL?
David Stubley's user avatar
David Stubley
  • 2,896
9 votes
4 answers
2k views

What is an appropriate auditing standard for a law firm?

I'm an IT Admin at a law firm. We handle sensitive customer data and some health records. I'd really like to have an outside consultant assess our data security practices, but I'm not sure what to ask ...
SLY's user avatar
SLY
  • 387
11 votes
6 answers
22k views

Automated tools for Cisco IOS config auditing? [closed]

Are there any automated tools for auditing config files exported from Cisco IOS devices? Free/Open Source is always nice, but anything that does the job would be of interest.
Iszi's user avatar
Iszi
  • 27.2k
7 votes
2 answers
1k views

What a programmer should know before their web service's client audit

Situation: I have created a WS client (.net wcf) for the customer that access a third party web service (Websphere). This WS uses HTTPS and I get a certificate from WS vendor. All works fine, I have ...
Roman Pokrovskij's user avatar
Roman Pokrovskij
  • 283
14 votes
5 answers
2k views

How to get into RFID auditing?

I would like to get more knowledge around RFID-systems auditing. Does anyone have a basic guide step-by-step which I can use to set up a lab with proper RFID "sniffing" equipment? I would like to ...
Chris Dale's user avatar
Chris Dale
  • 16.2k
7 votes
4 answers
1k views

Firewall Reviews - What is in your Toolbox?

In the vein of the questions about forensics, I'd be interested to hear what tools/techniques people use on Firewall reviews, both in terms of periodic reviews as an auditor or consultant, or ...
Rory McCune's user avatar
Rory McCune
  • 62.5k
6 votes
3 answers
775 views

Are Windows security updates audited?

An IT guy said that in his company, the Windows updates (small security updates that are downloaded automatically by the Windows autoupdate) are checked by the auditor. ie: the auditor checks if every ...
Nav's user avatar
Nav
  • 341
7 votes
1 answer
507 views

Are NTFS Alternate File Streams considered a security risk in your organisation; how is it mitigated?

Alternate File Streams allows a user to embed hidden content within any NTFS file. That file can be a TXT file, or MOV for example. Some may consider this a form of steganography, and therefore the ...
makerofthings7's user avatar
makerofthings7
  • 51k
6 votes
1 answer
359 views

What are the resources that an auditor would need to access in read mode?

Here a more concrete question: I am interested in documentation for an External Security Audit for ERP applications. What are the types of External Security Audit for ERP applications? What types ...
Phoenician-Eagle's user avatar
Phoenician-Eagle
  • 2,237

15 30 50 per page
1
27 28 29 30
31