Documenti di Didattica
Documenti di Professioni
Documenti di Cultura
Settings Checked by
System Settings Required Setting
TSCM / Manual
4.1 Encryption
Concentrix's encryption requirements
are defined in CNX_ITSS_005
Chapter 1.2 Authentication, Chapter
1.4 Information Protection and
Confidentiality, and Chapter 3
Application Security. This Technical
Specification defines encryption
facilities that support the basic
requirements. If there are no
Manual encryption facilities specified,
acceptable encryption algorhithms
must be used. Other products can be
used as long as they meet the
Chapter 1.2, 1.4, and 3 requirements.
Add-on product options from None - handled by the host operating system.
Concentrix (not a comprehensive list
Manual or tested)
File/Database Storage
Exceptions:
Files/commands executed that are OSR's and
meet applicable OSR requirements are compliant
and do not have to meet the requirements below.
Shell bult-in commands executed do not have to
TSCM meet the requirements below.
Files/commands/scripts executed are not
required to exist as long as all the existing
directories in it's path meet all the requirements
below.
sudoers config file Each active entry must specify full path of the
file/command/script to be executed.
TSCM Sudo Logging If a sudo-specific log file is used, the file must
Sudo Log File exist
If used, the file must exist
Sudo logging may be accomplished
several ways. If a sudo-specific log is
kept, it must be retained as required
by CNX_ITSS_005 - 1.6.
8 Network Settings
Use of "NOPASSWORD' parameter in This parameter may be used, although it is not
sudoers configuration file required.
Manual
Commands which allow shell escape Sudo access to commands which are able to
escape to a shell is allowed.
However, the provider of service should consider
Manual this issue at the time access is granted.
Examples of such commands: {vi, more}
Methodology
Date Actual
Health Checking Actual Values Used to
Actual Value Values
Requirement Yes/No Documented By Document Actual
Documented
Value
No
Visually reviewed
vivek.grover@concentrix.com settings on the
server.
Yes
Visually reviewed
vivek.grover@concentrix.com settings on the
Value set as per server.
CNX_ITSS_005 Policy 13-May-16
Yes
Visually reviewed
vivek.grover@concentrix.com settings on the
server.
Visually reviewed
vivek.grover@concentrix.com settings on the
server.
Visually reviewed
vivek.grover@concentrix.com settings on the
server.
Value set as per
CNX_ITSS_005 Policy 13-May-16
Yes
Visually reviewed
vivek.grover@concentrix.com settings on the
server.
Visually reviewed
vivek.grover@concentrix.com settings on the
server.
Value set as per
CNX_ITSS_005 Policy 13-May-16
Yes
Visually reviewed
vivek.grover@concentrix.com settings on the
Value set as per server.
CNX_ITSS_005 Policy 13-May-16
No
Yes
Visually reviewed
vivek.grover@concentrix.com settings on the
server.
No NA
Visually reviewed
vivek.grover@concentrix.com settings on the
server.
13-May-16
No NA
Visually reviewed
vivek.grover@concentrix.com settings on the
server.
13-May-16
No NA
Visually reviewed
vivek.grover@concentrix.com settings on the
server.
13-May-16
If EoS fill all the raws. If it
is for HC, filter it with
Health Checking
requirement Yes in column
E
Legend
Finding Level
Final Value Must be
"Compliant" or
"Deviation"
Remarks
=IF(H16=I16,"Comp
liant","Requires
Assessment")