Hello,
This thread was moved to the Security & Compliance forum.
Unfortunately, we cannot really help you fill out the CCM. The answers are specific to your environment and require some research on your part (or someone you have hired to assist). In effect, you are using the CCM to perform an audit of your system. You need to know how incidents are handled, how and where AV is implemented, and how you patch all your systems. This is not something an outsider can really answer without a whole lot of information.
If you have a specific question perhaps we can assist, but not much we can do generically other than to interpret the same words you are. There is quite a bit of research required for your virtual/cloud environment to answer any of the CCM questions.
Best regards,
Edward L. Haletky
VMware Communities User Moderator, VMware vExpert 2009, 2010, 2011,2012,2013,2014
Author of the books 'VMWare ESX and ESXi in the Enterprise: Planning Deployment Virtualization Servers', Copyright 2011 Pearson Education. 'VMware vSphere and Virtual Infrastructure Security: Securing the Virtual Environment', Copyright 2009 Pearson Education.
Virtualization and Cloud Security Analyst: The Virtualization Practice, LLC -- vSphere Upgrade Saga -- Virtualization Security Round Table Podcast
Hi Friend,
What I understood from this file is.
1.You need to fill the sheet with
1}whether your system is compliance with anti-virus policies. ex. XYZ anti-virus should be installed on each VM
2} Same is the case with Patch management: whether all your systems have compliance with latest patches to reduce security threats? (This can be again policy from your org,)
Same logic for other fields.
Hello,
This thread was moved to the Security & Compliance forum.
Unfortunately, we cannot really help you fill out the CCM. The answers are specific to your environment and require some research on your part (or someone you have hired to assist). In effect, you are using the CCM to perform an audit of your system. You need to know how incidents are handled, how and where AV is implemented, and how you patch all your systems. This is not something an outsider can really answer without a whole lot of information.
If you have a specific question perhaps we can assist, but not much we can do generically other than to interpret the same words you are. There is quite a bit of research required for your virtual/cloud environment to answer any of the CCM questions.
Best regards,
Edward L. Haletky
VMware Communities User Moderator, VMware vExpert 2009, 2010, 2011,2012,2013,2014
Author of the books 'VMWare ESX and ESXi in the Enterprise: Planning Deployment Virtualization Servers', Copyright 2011 Pearson Education. 'VMware vSphere and Virtual Infrastructure Security: Securing the Virtual Environment', Copyright 2009 Pearson Education.
Virtualization and Cloud Security Analyst: The Virtualization Practice, LLC -- vSphere Upgrade Saga -- Virtualization Security Round Table Podcast
