SANS Audit Checklists

The SANS Audit Advice and Resources* website has a free checklists section:

6 VMWare Settings Every IT Auditor Should Know About

5 Things Every IT Auditor Needs to Know About: SSH Configuration

PCI/DSS Self Assessment Tools Update! Verifying Free Web Filters

Active Directory Security Checklist

Auditing Web Applications: Part 1**

Auditing Web Applications: Part 2**

Auditing Web Applications 3: Validating Session Controls**

If you ever have a chance to take a SANS class (or another one), I strongly recommend it. I took a wireless auditing class from SANS and it was excellent.

* If “sans” means without (e.g., a sans serif font has no serifs), does that mean SANS really doesn’t have any advice? Or that you should just go without it?

** This is a five part series, and as of this post, only these have been published.


Leave a comment

Filed under Audit, Security

Leave a Comment

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.