HSC
Network Security Consulting Agency Since 1989 - Specialized in Unix, Windows, TCP/IP and Internet
Text mode: access to the page content
Hervé Schauer Consultants
You are here: Home > Resources > Lectures > Technicals Security Audits for BS7799
Go to: HSC Trainings
Search:  
Version française
   Services   
o Skills & Expertise
o Consulting
o ISO 27001 services
o Vulnerabilities monitoring
o Audit & Assessment
o Penetration tests
o Vunerability assessment (TSAR)
o Forensics
o ARJEL
o Training courses
o E-learning
   Conferences   
o Agenda
o Past events
o Tutorials
   Resources   
o Thematic index
o Tips
o Lectures
o Courses
o Articles
o Tools (download)
o Vulnerability watch
   Company   
o Hervé Schauer
o Team
o Job opportunities
o Credentials
o History
o Partnerships
o Associations
   Press and
 communication
 
 
o HSC Newsletter
o Press review
o Press releases
o Publications
   Contacts   
o How to reach us
o Specific inquiries
o Directions to our office
o Hotels near our office
|>|Technicals Security Audits for BS7799  
> Access to the content HTML Beginning of the presentation
PDF PDF version [345 KB]
AdobeFlash Adobe Flash version  
> Description Standard BS7799 consists of a whole of measurements aiming to adopt, on a well defined perimeter, the good practices in term of security management. Measurements to be set up are, at the same time, technical and organisational.
This presentation shows by examples the importance of measurements of a technical nature. It also up to what point explains the audits of technical security contribute to the setting in conformity BS7799.  
> Context & Dates Talk presented during the 7799 annual conference organized by ISSA, on 24 May 2005.
 
> Author Alexandre Fernandez-Toro (Alexandre.Fernandez@hsc.fr) , Hervé Schauer (Herve.Schauer@hsc.fr) 
> Type [ French - HTML ]  
> Abstract &
Table of content
Flyleaf
Plan
Les audits de sécurité techniques
Lien souvent manquant dans la sécurité
Deux populations
La BS7799
L'audit dans la BS7799
BS 7799-2:2002, annexe A
Mesures de sécurité techniques
A.9.4.6 Segregation in networks
A.10.2.4 Output data validation
Mesures de sécurité techniques
BS7799
Apports de la BS 7799-2:2002
Apport des audits techniques
BS7799 <-> Audits techniques : atout
Conclusion
Prochains rendez-vous
Références
Ressources
Ressources HSC
Remerciements
Annexe : audit de sécurité technique  
> Related documents
themeStandard ISO27001 / ISO17799
[Course]  Juridique de la SSI
[Course]  ISO27001 Lead Auditor
[Course]  ISO 27005 Risk Manager
[Course]  Indicateurs et tableaux de bord de la SSI / ISO 27004
[Course]  Implementation of ISO17799 and ISO27001 (BS7799-2) standards
[Course]  Gestion des risques SSI
[Course]  Gestion des mesures de sécurité et norme ISO 27002
[Course]  Identity and Access Management
[Course]  Sécurité du Cloud Computing
[Course]  Formation RSSI
[Course]  Essential of ISO27001 series
[Course]  Présentation de la certification ISO 27001
[Presentation]  [25 November 2010 - French]
[Presentation]  How to respond to new security challenges [24 September 2010 - French]
[Presentation]  ISO 27005 risk management methodology [15 April 2010 - French]
[Presentation]  ISO 27005 risk management methodology [12 June 2009 - French]
[Presentation]  RGS Presentation [11 June 2009 - French]
[Presentation]  Five questions about the real utility of ISO 27001 [3 June 2009 - French]
[Presentation]  ISO27001 / ISO27002 Norms - Principles and technical aspects [11 February 2009 - French]
[Article]  L'abécédaire de la norme ISO 27005 [1 December 2008 - French]
[Presentation]  Information Security Management System [26 November 2008 - French]
[Article]  La norme ISO 27005 [30 September 2008 - French]
[Article]  Le management de la sécurité des systèmes d'information enfin normalisé par l'Afnor [15 May 2008 - French]
[Presentation]  ISO 27001 and risk management [10 April 2008 - French]
[Presentation]  Return on Investment with ISO 27001 [3 April 2008 - French]
[Presentation]  use of ISO 27001 within companies [15 February 2008 - French]
[Presentation]  ISO 27001 standard : A global and consistent approach ? [7 February 2008 - French]
[Presentation]  Mutualization oportunities between ITIL and ISO 27001 [30 January 2008 - French]
[Presentation]  ISMS and ISO 27001 standard, introduction and perpectives [21 November 2007 - French]
[Presentation]  Information Security Management System - ISO 27001 [8 November 2007 - French]
[Article]  La norme ISO 27001 [8 October 2007 - French]
[Article]  La gestion de risque pour la série de normes ISO 2700x [3 September 2007 - French]
[Presentation]  Security strategies : ISO 27001 [13 June 2007 - French]
[Presentation]  ISO 27001 Certification [24 May 2007 - French/English]
[Presentation]  ISO 27005 : Risk management [15 May 2007 - French]
[Presentation]  ISO 27001 : interest of ISMS implementation [11 May 2007 - French]
[Presentation]  ISO 27001, the standard of the future ? Wich role in our information systems security strategy ? [26 April 2007 - French]
[Presentation]  Oportunities for the simultaneous implementation of ITIL and ISO 27001 [19 April 2007 - French]
[Presentation]  ISO 27001 standards [28 March 2007 - French]
[Article]  Performance des services informatiques et sécurité de l'information [28 February 2007 - French]
[Presentation]  Introduction to ISMS [15 December 2006 - French]
[Presentation]  Information Security Certifications [28 November 2006 - English]
[Presentation]  ISO 27001 Certification [26 October 2006 - French]
[Presentation]  ISO 27001 principles and certification [12 October 2006 - French]
[Presentation]  ISO 27004 : ISMS measurement and measures [21 April 2006 - French]
[Presentation]  How to choose indicators for ISO 27001? [5 April 2006 - French]
[Presentation]  ISO27001 Lead Auditor course [7 March 2006 - French]
[Presentation]  Why and how undertake a 7799 project ? [16 June 2005 - French]
[Presentation]  BS7799 Standard Interest and usage [13 February 2005 - French]
[Presentation]  Security Certifications for individuals [28 April 2004 - French]
[Presentation]  Usage of BS-7799 in technical security audits. [23 March 2004 - French]
[Presentation]  use of ISO17799 & BS7799-2 standards [18 January 2004 - French]
[Presentation]  Useful standards for network security [20 October 2003 - French]
themeAudit
[Service]  Audit & Assessment
[Presentation]  Feedback on security audits [1 April 2008 - French]
[Presentation]  Useful standards for network security [20 October 2003 - French]
[Presentation]  Audits, Assessments and Penetration Tests [22 January 2003 - French]
[Presentation]  Audits, Assessments and Penetration Tests [26 June 2002 - French]
[Presentation]  Network auditing [12 November 1997 - French]
[Presentation]  Tests and evaluation of Internet security solutions [30 May 1997 - French]
[Presentation]  Autohack [13 June 1995 - French]
[Presentation]  Satan [11 April 1995 - French]
> Copyright © 2005, Hervé Schauer Consultants, all rights reserved.

 

Last modified on 19 May 2005 at 13:51:55 CET - webmaster@hsc.fr
Information on this server - © 1989-2010 Hervé Schauer Consultants