Medium
Agency: | State-wide | Report Date: | September 28, 2012 |
Type: | IT Security Review | LAFRC Date: | October 17, 2012 |
Issued By: | ManTech International Corporation | Period: | May-August 2012 |
[pdf] Download Report
Executive Summary
During the months of May through August 2012, ManTech performed an external vulnerability assessment, internal vulnerability assessment, and penetration testing of the State of North Dakota’s statewide computer network.
Findings
- Implement Formal Patch Management Program
- Internal Segregation of Critical Servers and Development Systems
- Require use of Encrypted Protocols for Remote Management
- Restrict Access to Protocols for Remote Management from the Internet