Main Page

From POA&M Evidence Guidelines

POA&M Evidence Guidelines

Style Guide

Consult the User's Guide for information on using the wiki software.

BACKGROUND INTRODUCTION Screenshot, Command Line, and Documentation Evidence Criteria

Contents 1 EVIDENCE COLLECTION METHODOLOGIES 1.1 Operating Systems 1.2 Security Platforms 1.3 Databases 1.4 Applications 1.5 Physical Environment 1.6 Virtualization Platforms 1.7 Network Devices 2 SITUATIONAL GUIDANCE 3 Getting started

EVIDENCE COLLECTION METHODOLOGIES

Operating Systems

• AIX / HP-UX / QShell / RHEL / Solaris / z/Linux
• i5/OS, System i & AS/400
• Windows
• z/OS

Security Platforms

• Active Directory
• Windows NT Domains
• CA ACF2
• Secret CA Top Secret
• RACF
• IBM Tivoli Identity Manager
• RSA ACE/Server
• SunOne LDAP

Databases

• DB2
• MS SQL
• Oracle
• Sybase

Applications

• Apache
• IIS
• JRE
• MQSeries
• Tomcat
• WebLogic
• WebSphere
• ClearQuest
• Remedy
• Citrix
• Lotus Notes
• SiteMinder

Physical Environment

Virtualization Platforms

• VMware ESX
• z/VM

Network Devices

• Checkpoint
• Cisco
• F5 (Big-IP)
• Netscreen

SITUATIONAL GUIDANCE

• Cisco Password Hashes
• Code Samples
• Creating Command-Line Evidence Using Hashing
• Linux Applications Using Non-Standard Installation Method
• Creating Mainframe Output with SDSF
• Appropriate Sampling Methodology

Getting started

• Configuration settings list
• MediaWiki FAQ
• MediaWiki release mailing list