382 ◾ Information Security Management Handbook
VSH06 Restrict usage of vSphere administrator privilege
Enforce the rule of least privilege and separation of duties by granting
administrative rights only to those users who actually need them to get their job done.
VSC01 Do not use default self-signed certificates
You can mitigate a large part of the risk of a man-in-the-middle attack by
simply replacing self-signed certificates with certificates from a commercial
Certificate Authority (CA) or an organizational CA. This is low-hanging
fruit in risk mitigation and should be a prerequisite in the deployment of any
virtual realm.
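An audit check for VSC01, added here as an example and not taken from the handbook: it flags a certificate whose issuer name equals its subject name, the marker of a default self-signed certificate. The host names and the unsigned certificate skeleton are constructed for the demonstration, and comparing the raw DER names (without verifying the signature) is a simplifying assumption.

```python
import ssl

def _read_tlv(buf, pos):
    """Return (tag, value_start, value_end) of the DER element at pos."""
    tag, length, pos = buf[pos], buf[pos + 1], pos + 2
    if length & 0x80:  # long form: low 7 bits give the count of length bytes
        n = length & 0x7F
        length, pos = int.from_bytes(buf[pos:pos + n], "big"), pos + n
    if pos + length > len(buf):
        raise ValueError("truncated DER element")
    return tag, pos, pos + length

def issuer_and_subject(der):
    """Return the raw DER encodings of the issuer and subject names."""
    _, start, _ = _read_tlv(der, 0)          # Certificate SEQUENCE
    _, pos, tbs_end = _read_tlv(der, start)  # tbsCertificate SEQUENCE
    fields = []
    while pos < tbs_end:
        tag, _, end = _read_tlv(der, pos)
        if tag != 0xA0:                      # skip the optional [0] version
            fields.append(der[pos:end])
        pos = end
    if len(fields) < 5:
        raise ValueError("not an X.509 tbsCertificate")
    return fields[2], fields[4]  # serial, sigAlg, issuer, validity, subject

def is_self_issued(der):
    """True when issuer == subject, as in a default self-signed certificate."""
    issuer, subject = issuer_and_subject(der)
    return issuer == subject

def fetch_der(host, port=443):
    """Fetch a server's certificate for auditing, without validating it."""
    return ssl.PEM_cert_to_DER_cert(ssl.get_server_certificate((host, port)))

# --- constructed fixture: an unsigned certificate skeleton, not a real cert ---
def _der(tag, body):
    n = len(body)  # fixture elements stay under 256 bytes
    return bytes([tag]) + (bytes([n]) if n < 128 else bytes([0x81, n])) + body

def _name(cn):
    attr = _der(0x06, b"\x55\x04\x03") + _der(0x0C, cn.encode())  # commonName
    return _der(0x30, _der(0x31, _der(0x30, attr)))

def sample_cert(issuer_cn, subject_cn):
    validity = _der(0x30, _der(0x17, b"250101000000Z") + _der(0x17, b"260101000000Z"))
    tbs = _der(0x30, _der(0xA0, _der(0x02, b"\x02")) + _der(0x02, b"\x01")
               + _der(0x30, b"") + _name(issuer_cn) + validity + _name(subject_cn)
               + _der(0x30, b""))
    return _der(0x30, tbs + _der(0x30, b"") + _der(0x03, b"\x00"))
```

Against a live host, `is_self_issued(fetch_der(host))` applies the same check to the certificate the management interface actually presents.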
VSC02 Monitor access to SSL certificates
Any nonservice account access to the directory containing SSL certificates
should be