matthew at linuxfromscratch.org
Mon Jan 5 13:00:30 PST 2004
On Sun, 04 Jan 2004 22:32:01 -0500
Robert Connolly <cendres at videotron.ca> wrote:
> This looks like a pretty good guild.
> http://www.businesscontinuityinternational.com/threat Assesment.htm
If people want a (supposedly) thorough threat analysis/assessment they
could do worse than http://niap.nist.gov/tools/cctool.html.
Admittedly, the Common Criteria (CC) is a largely worthless statement of
the security of a system (at least up to Evaluation Assurance Level
(EAL) 4), but the questions posed by cctool can at least get someone
thinking about the right kind of areas to consider securing. As an
example MS Windows 2000 reached EAL4
BTW: The tool is Java based - those without a JRE need not download.
More information about the hlfs-dev