Network Vulnerability Assessment Checklist 211
33. Encryption requirements for passwords,
security parameters, encryption keys, tables,
etc.
34. Shielding requirements for fiber-optic lines
35. Controls to prevent wiretapping
36. Reporting procedures for all interrupted
telecommunication sessions
37. Identification requirements for station/
terminal access connection to network
38. Printer control requirements for classified
information
39. Appropriate “welcome” connection screens
40. Dial-up access control procedures
41. Anti-daemon dialer controls
42. Standards for equipment, applications,
protocols, operating environment
43. Help desk procedures and telephone
numbers
44. Protocol converters and access method
converters dynamic change control
requirements
45. LAN administrator responsibilities
46. Control requirements to add nodes to the
network
47. Telephone number change requirements
48. Automatic sign-on controls
49. Telephone trace requirements
50. FTP access controlled
51. Are patches tested and applied?
52. Software distribution current
53. Employee policy awareness
54. Emergency incident response plan/
procedure
55. Internal applications control
56. Proper control of the development
environment