Thesis Details
Nástroj pro bezpečnostní audit OS Linux/Unix/AIX
The subject of this bachelor's thesis is in regards to an issue of automated testing of Linux, Solaris and AIX operating systems according to security configuration audit in consideration of applicable norms and established standards. The bachelor thesis deals with risk analysis, its assessment and risk mitigation and evaluation policy compliance. For this purpose, a tool was designed for operating systems mentioned earlier. It is implemented in the bash script language. The tool allows automated vulnerability management depending on established standards of SCAP: CCE, CVE, XCCDF, OVAL and CIS a NVD specifications. Moreover, it helps to reduce the time requirements during the auditing process while preserving an integrity of the auditing system.
information security, configuration audit, risk analysis, policy compliance, risk mitigation, security configuration remediation, automated vulnerability management, system assessment, ISO/IEC 27000, CIS, NVD, SCAP, CCE, CVE, XCCDF, OVAL
Burget Lukáš, doc. Ing., Ph.D. (DCGM FIT BUT), člen
Matoušek Petr, doc. Ing., Ph.D., M.A. (DIFS FIT BUT), člen
Peringer Petr, Dr. Ing. (DITS FIT BUT), člen
Vašíček Zdeněk, doc. Ing., Ph.D. (DCSY FIT BUT), člen
@bachelorsthesis{FITBT18865, author = "Martin Koppon", type = "Bachelor's thesis", title = "N\'{a}stroj pro bezpe\v{c}nostn\'{i} audit OS Linux/Unix/AIX", school = "Brno University of Technology, Faculty of Information Technology", year = 2016, location = "Brno, CZ", language = "czech", url = "https://www.fit.vut.cz/study/thesis/18865/" }