 | 3.1.1. Make users aware of malicious code issues. |
| 3.1.10. Configure the network perimeter to deny all incoming traffic |
| 3.1.11. Secure all remote access methods, including modems and virtual |
| 3.1.12. Put all publicly accessible services on secured demilitarized zone |
| 3.1.13. Disable all unneeded services on hosts and separate critical |
| 3.1.14. Use host-based/personal firewall software to limit individual hosts’ exposure |
| 3.1.15. Create and implement a password policy. |
| 3.1.2. Read antivirus bulletins. |
| 3.1.3. Deploy host-based intrusion detection and prevention systems, including file |
| 3.1.4. Use antivirus software, and keep it updated with the |
| 3.1.5. Configure software to block suspicious files. |
| 3.1.6. Eliminate open Windows shares. |
| 3.1.7. Configure intrusion detection software to alert on attempts to |
| 3.1.8. Configure all hosts to use centralized logging. |
| 3.1.9. Establish procedures for having all users change their passwords. |