adammontville / cis-controls-71-measures


Subcontrol 15.2 #134

Open adammontville opened 5 years ago

adammontville commented 5 years ago

Configure network vulnerability scanning tools to detect and alert on unauthorized wireless access points connected to the wired network.

Measures

None provided

Metrics

None provided

apiperCIS commented 5 years ago

Internal note (not for spec): Compare the format used for this proposal to the format of the similar 4.9. Which do we prefer for this type of check?

Inputs

1) List of network vulnerability scanning tools
2) Approved configuration(s) for detecting unauthorized wireless access points (WAPs)
3) Approved configuration(s) for alerting on unauthorized wireless access points (WAPs)

Operations

1) For each network vulnerability scanning tool in Input 1, check its configuration against the appropriate approved detection configuration in Input 2. Make a list of those network vulnerability scanning tools that are configured correctly for detecting unauthorized WAPs (M1) and a list of those that are not configured correctly (M2) noting the deviations.
2) For each network vulnerability scanning tool in Input 1, check its configuration against the appropriate approved alerting configuration in Input 3. Make a list of those network vulnerability scanning tools that are configured correctly for alerting on unauthorized WAPs (M3) and a list of those that are not configured correctly (M4) noting the deviations.

Measures

M1: List of network vulnerability scanning tools correctly configured for detecting unauthorized WAPs
M2: List of network vulnerability scanning tools not correctly configured for detecting unauthorized WAPs
M3: List of network vulnerability scanning tools correctly configured for alerting on unauthorized WAPs
M4: List of network vulnerability scanning tools not correctly configured for alerting on unauthorized WAPs
M5: Count of network vulnerability scanning tools correctly configured for detecting unauthorized WAPs (count of M1)
M6: Count of network vulnerability scanning tools correctly configured for alerting on unauthorized WAPs (count of M3)
M7: Total count of network vulnerability scanning tools (count of Input 1)
M8: List of network vulnerability scanning tools correctly configured for both detecting and alerting on unauthorized WAPs (intersection of M1 and M3)
M9: Count of network vulnerability scanning tools correctly configured for both detecting and alerting on unauthorized WAPs (count of M8)

Metrics

Ratio of network vulnerability scanning tools correctly configured for detecting unauthorized WAPs: M5 / M7
Ratio of network vulnerability scanning tools correctly configured for alerting on unauthorized WAPs: M6 / M7
Ratio of network vulnerability scanning tools correctly configured for both detecting and alerting on unauthorized WAPs: M9 / M7
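The operations, measures and metrics proposed above can be computed mechanically once tool configurations are exported as key/value settings. The following is an added example, not part of the issue thread or the CIS specification; the tool names, the `profile` key used to select the appropriate approved configuration, and all setting names are hypothetical, and the sample data is constructed.

```python
from fractions import Fraction

def deviations(actual, approved):
    """Map each approved setting the tool fails to match to (actual, approved)."""
    return {k: (actual.get(k), v) for k, v in approved.items() if actual.get(k) != v}

def measure_15_2(tools, approved_detect, approved_alert):
    """tools is Input 1; approved_detect / approved_alert are Inputs 2 and 3, keyed by profile."""
    m1, m2, m3, m4 = [], {}, [], {}
    for name, tool in sorted(tools.items()):
        for approved, ok, bad in ((approved_detect, m1, m2), (approved_alert, m3, m4)):
            baseline = approved.get(tool["profile"])
            if baseline is None:  # no approved configuration to compare against
                bad[name] = {"<no approved configuration>": (None, None)}
                continue
            dev = deviations(tool["config"], baseline)
            if dev:
                bad[name] = dev  # non-compliant, with the deviations noted
            else:
                ok.append(name)
    m8 = [t for t in m1 if t in m3]  # intersection of M1 and M3
    m7 = len(tools)

    def ratio(count):
        return Fraction(count, m7) if m7 else None  # undefined when Input 1 is empty

    return {"M1": m1, "M2": m2, "M3": m3, "M4": m4, "M5": len(m1), "M6": len(m3),
            "M7": m7, "M8": m8, "M9": len(m8),
            "detect_ratio": ratio(len(m1)), "alert_ratio": ratio(len(m3)),
            "both_ratio": ratio(len(m8))}

# Constructed sample data; tool names, profiles and setting keys are hypothetical.
APPROVED_DETECT = {"net-scanner": {"rogue_ap_detection": True, "scan_wired_segments": True}}
APPROVED_ALERT = {"net-scanner": {"alert_on_rogue_ap": True, "alert_destination": "soc-queue"}}
TOOLS = {
    "scanner-a": {"profile": "net-scanner", "config": {
        "rogue_ap_detection": True, "scan_wired_segments": True,
        "alert_on_rogue_ap": True, "alert_destination": "soc-queue"}},
    "scanner-b": {"profile": "net-scanner", "config": {
        "rogue_ap_detection": True, "scan_wired_segments": True,
        "alert_on_rogue_ap": False, "alert_destination": "soc-queue"}},
    "scanner-c": {"profile": "net-scanner", "config": {
        "rogue_ap_detection": False, "scan_wired_segments": True,
        "alert_on_rogue_ap": True}},
}

if __name__ == "__main__":
    for key, value in measure_15_2(TOOLS, APPROVED_DETECT, APPROVED_ALERT).items():
        print(f"{key}: {value}")
```

A setting that is absent from a tool's configuration counts as a deviation, and a tool with no matching approved configuration is listed as not correctly configured rather than silently skipped.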