Chapter 7
tem performance. Also, patches may introduce new vulnerabilities, or reintroduce old vulnerabilities. The considerations shown in Figure 7.2 can help ensure patches do not compromise the security of systems.
7.7 Auditing Fundamentals
Computer security is of increasing importance to private and government sector entities in minimizing the risk of malicious attacks from individuals and groups. These risks include the fraudulent loss or misuse of resources, unauthorized access to or release of sensitive information such as tax and medical records, disruption of critical operations through viruses or hacker attacks, and modification or destruction of data. According to a recent General Accounting Office (GAO) publication [3], the risk that information attacks will threaten vital interests increases with the following developments in information technology:
Figure 7.2 Operating system patch process considerations.
Obtain the patch from a known, trusted source
Verify the integrity of the patch using cryptographic hashes
Apply the patch to an isolated test system and verify that the patch:
1. Is compatible with other software used on systems where patches will be applied
2. Does not alter system security posture unexpectedly, e.g., altering log settings
3. Corrects the pertinent vulnerability prior to applying the patch
Back up production systems prior to applying the patch
Apply the patch to production systems using secure methods
Update the cryptographic checksums of key files as well as that system's software archive
Test the resulting system for known vulnerabilities
Update the master configurations used to build new systems
Create and document an audit trail of all changes
Seek additional expertise as necessary to maintain a secure computing environment