Questions tagged [audit]

For questions about the assessment of software, hardware, systems, people, processes, procedures, projects, etc., that are somehow related to the security of an organization or product. Often these are related to a certification the organization or product holds, or looking for tools or processes for performing an audit.

456 questions
9 votes, 10 answers

Why is privacy not one of the pillars of information security?

We have the three pillars: confidentiality, integrity and availability. Why is privacy not one of the three pillars?
PlayMa256

9 votes, 2 answers

Breaching a computer knowing only IP when all ports closed - possible?

I'm checking my setup for security holes with some dedicated Linux distros. First thing I did was to scan all ports, and beyond that - it seems like it's pretty much unhackable. Since all ports were closed, I feel safe, but I wonder - am I…
Jack

7 votes, 2 answers

Did KeePassX ever have an audit funding?

Did KeePassX ever have an audit funding like, e.g., TrueCrypt? Or any other password manager?

6 votes, 1 answer

What are the resources that an auditor would need to access in read mode?

Here a more concrete question: I am interested in documentation for an External Security Audit for ERP applications. What are the types of External Security Audit for ERP applications? What types of resources should be provided in read access only…
Phoenician-Eagle

6 votes, 1 answer

RKHunter and CHKRootkit Warns About /usr/lib/pymodules/python2.7/.path

In relation to my previous question. I have this Warning again from both RKHunter and Chkrootkit. My VPS has been turned off for how many weeks, until I turned it on again to deploy my website. After the deployment, I did the RKhunter Scan and…
GaryP

3 votes, 2 answers

Password capturing from dump file or browser after log out

I am working on web application security auditing. I was going through various checklists & methodology. I found one interesting thing in a document. Type - Configuration Management Security Testing - After logout, I created a dump file of my chrome…
FrOgY

3 votes, 1 answer

What are the basic points to check during a systems audit?

I work in the petroleum industry and I am 'the young geek'. As such, I am often tasked with writing VBA macros, a bit of JS for data visualization and so on. Lately, I have been assigned the task of 'conducting systems audits'. A few words of…
Peter

3 votes, 2 answers

Security Configuration Audit - CIS benchmarks

I'm trying to conduct a comparative study between the standards used to conduct a security configuration audit. I only found CIS benchmarks. If you could suggest some more known standards it would be helpful.

3 votes, 5 answers

How can I easily determine if a website security company is reputable?

Is there a BBB-type listing or some other reputable badge I should look for when choosing someone to perform a security review?
Micah Bolen

3 votes, 2 answers

Where do I start to learn more about a given company's or software solutions' security track record?

I don't personally have the resources or authority to audit for security issues all of the third-party services and companies I might want to use or be forced to use by business circumstances. How then can I learn more about their security track…

2 votes, 2 answers

Auditing Event Logs of a System

Soon I will be acquiring the event logs of the systems my company produces and expected to audit them. Multiple logs are generated from each computer and there are multiple operating systems to audit. The systems are isolated from the internet and…
Savvly

2 votes, 2 answers

Printer Job Auditing

Is there a way to audit the actual contents of print jobs sent to a Windows 2008 / Windows 2012 print server? I'm not interested in the metadata (pages, username, datetime, etc.), but the job itself - as in the data that was printed. I can't find…
ben

2 votes, 4 answers

Is it safer to trust software/company that has been hacked in the past?

Which is better, when you have choices between 2 competing products: First one, which has never been publicly reported about being hacked or having security holes or Second one, which has had bad days in the past, and was hacked (critical…
T.Todua

2 votes, 1 answer

SOC 2 audit for small business (6 employees) with no IT department

One of our clients is demanding that we complete a SOC 2 Type II audit. There is no way we will meet the standard, and, considering we only handle publicly available data, it is ridiculous that they are asking for one. We're talking about 6-8 Excel…

2 votes, 1 answer

Information Security Audit - Employment Contract

As part of a security audit, a customer has asked for some documentation - usual stuff - data classification policy, incident management policy etc. They have also asked for a blank employment contract. I don't see what use this could really be to…
iainpb