
MAHAKUMBH

Cyber Security
Readiness Assessment Final Recommendation
Confidential

Version 1.0

TLP: Red
Document ID: MAHAKUMBH-CSRA-FR-001-V1.0

Assessed and Recommended by C3iHUB IIT Kanpur in collaboration with IIIT Allahabad

For Mahakumbh Management’s Internal Use Only

Disclaimer
This Cyber Security Readiness Assessment final recommendation document is exclusively intended for the benefit of Mahakumbh Management & is considered proprietary. If you are not a subscriber or client of Mahakumbh Management, you are expressly prohibited from accessing, reading, copying, modifying, distributing, or otherwise utilizing the content contained within this document. Unauthorized use or disclosure is strictly prohibited & may be subject to legal action.
LIMITED DISCLOSURE, RESTRICTED TO THE MAHAKUMBH COMMUNITY.

Legends

Term: TLP: Red
Meaning: Restricted to recipients only.

Term: Document ID: MAHAKUMBH-CSRA-FR-001-V1.0
Meaning: CSRA - Cyber Security Readiness Assessment Final Recommendation; 001 - Document No. 1; V1.0 - Version No. 1.
Cyber Security Requirements

N/W Segmentation Policy & Procedures
N/W Architecture Docs
Server Hardening Procedure
Reviews of Running Server Services
Access Control for Remote Server Access
Password Policy
MFA Implementation
Secure COMM Policy
SSL/TLS Certificate MGMT Procedures
Asset MGMT Policy
Flagging & Removing Unauthorized Devices
Device Authorization Procedure
Logging & Monitoring Unauthorized Device Connection Attempts
Access Control Policy with Key-Based Authentication for Remote Access
Patch & Vulnerability MGMT Procedure
Regular Vulnerability Assessments
Monitoring & Tracking Software Updates
N/W Security Policy on IP-MAC or MAC-Port Binding
Config in N/W Devices for Binding Enforcement
ARP Poisoning Test Records
NIDS/NIPS & Firewall Usage
Logs & Reports from NIDS & Antivirus Tools
IP Whitelisting Guidelines in Firewall Config
Public N/W Access Restriction
Logs of Attempted Connections & Actions Taken
Physical Access Controls for N/W Ports
Physical Security Practices for N/W
Backup Procedures Logs, Testing & Compliance Reviews
Redundancy & High Availability in Critical Infrastructure & Services
Infrastructure Docs on Redundancy
Failover Testing Records
Training & Awareness, Records & Certifications, Preparedness Assessments
EP Security Tool Config & Logs
N/W Segmentation Procedures
Firewall & VLAN Config
Monitoring Logs for Unauthorized Access Attempts
Policy/Procedure/Process Should be Incorporated in Governance

Documented policy defining N/W segmentation requirements.
Policy guidelines specifying DMZ placement for public-facing services.
Policy Docs defining DMZ-to-internal N/W access control requirements.
Policy section defining roles & responsibilities for segmentation MGMT.
Documented update schedules for the segmentation policy.
Policy Docs requiring traffic monitoring within the DMZ.
Policy Docs specifying traffic restrictions for public-facing services.
Policy section describing least privilege guidelines.
Policy section mandating encryption for sensitive data in transit & at rest.
Updated N/W diagram showing DMZ placement.
Firewall config & rules.
Updated N/W architecture document.
N/W architecture Docs & segmentation policy.
ACL config logs.
N/W architecture document with IDS/IPS placement.
N/W architecture document with load balancer & WAF details.
Docs of redundancy mechanisms (failover systems).
N/W architecture document & external connection logs.
Docs of zero trust implementations in the architecture.
Documented procedure outlining server hardening practices.
List of disabled/uninstalled services & applications on servers.
Server accounts list with defaults removed or disabled.
Evidence of enabled encryption protocols for server COMM.
List of minimum system config for each server.
Evidence of disabled unused N/W ports on servers.
Evidence of applied software patches & updates.
List of secured administrative tools & access methods.
Documented guidelines for each operating system (Windows, Linux).
Server logs for running services on critical servers.
Documented review reports for active server services.
Logs showing service status changes with timestamps.
Logs or reports identifying unauthorized services.
Documented COMM records of findings.
Alert config for unauthorized service changes.
Securely stored & protected audit trails.
Logs or reports identifying inactive/obsolete services.
Documented log retention policy with log retention duration.
Evidence of automated log analysis tools like SIEM in use.
Documented Access Control Policy for remote access.
List of authorized users with access rights based on least privilege.
Evidence of IP restrictions in access control lists.
Evidence of MFA enforcement for remote access.
List of RBAC config for server access.
Evidence of secure protocols being used (SSH, RDP).
Config of real-time alerting for failed access attempts.
Evidence of remote access config through a bastion host.
Documented Password Policy & employee COMM records.
Documented password length & complexity requirements in the policy.
Evidence of enforced password expiration settings in user accounts.
Settings or logs showing password history enforcement.
Evidence of hashing & salting mechanisms for stored passwords.
Docs recommending password manager tools for employees.
Docs of guidelines for phishing & social engineering protection.
Logs or system settings showing forced PW change on first login.
Evidence of lockout thresholds configured in authentication systems.
Documented records of periodic policy reviews & updates.
MFA Implementation Plan document outlining scope, objectives, & strategy.
Records of MFA-enabled systems, applications, & remote access setups.
Docs of integration procedures & compatibility testing.
Docs of supported MFA methods & user provisioning records.
Audit logs or access control records showing MFA usage for privileged accounts.
Training attendance records, user guides, or awareness materials.
Evidence of secure recovery code issuance & storage policies.
Results of penetration tests or MFA-specific security assessments.
System logs showing authentication events & monitoring activities.
Docs of periodic plan reviews & update logs.
Secure COMM Policy document.
Records of HTTPS implementation across web applications.
Implementation guidelines for encryption protocols.
Cipher usage guidelines & key MGMT policies.
Evidence of end-to-end encryption implementation.
Records of disabled protocols in server config.
Email encryption policy, user awareness records.
VPN config records & remote access guidelines.
SSL/TLS Certificate MGMT Procedure document.
Renewal schedule records & alert mechanisms for expiration.
List of trusted CAs, CA-issued certificates.
Active certificate inventory records.
Incident response plans for key compromise scenarios.
Key storage policy, access control records.
Config records for certificate encryption settings.
Records of installation processes & audits.
Asset MGMT Policy document.
Asset classification guidelines.
Asset inventory records with unique identifiers.
Logs of asset updates & change records.
Asset lifecycle MGMT guidelines.
Asset security procedures & risk assessments.
Asset ownership records with assigned owners.
Asset disposal guidelines & records of data wiping.
N/W monitoring procedures & detection reports.
Alert config settings & alert logs.
Asset MGMT system records of flagged devices.
Guidelines for removing unauthorized devices & response records.
Logs of quarantined devices & restriction policies.
Investigation reports & forensic analysis logs.
Documented Device Authorization Procedure.
Device authentication policies & config.
Guidelines for device registration, sample device records.
List of approved devices & vendor agreements.
MDM/EMM enrollment records, config guidelines.
Authentication mechanism config, certificate records.
Exception request forms & approval records.
De-registration guidelines, asset disposal records.
N/W connection logs, logging system config.
Sample log records showing connection attempt details.
Log storage security config, access control records.
Alert config settings, notification logs.
Log review schedules, meeting minutes, review reports.
Incident reports, suspicious activity logs.
Documented Access Control Policy with specific sections on SSH key-based authentication.
Documented key MGMT guidelines & process flow diagrams.
List of approved cryptographic algorithms for key generation.
Distribution procedure Docs & key exchange logs.
Role mapping Docs & access control config.
MFA policy documents, MFA config settings.
Audit logs of access reviews, meeting records, & updated access lists.
Logs showing key assignments per user/device/system.
Key revocation logs, exit checklists, & deprovisioning records.
Audit reports, compliance review records, & enforcement logs.
Documented Patch MGMT Policy & Vulnerability MGMT Procedure.
Documented timelines & assigned roles for patch deployment.
Automated patch MGMT system logs, NVD, or CVE subscription.
Vulnerability scan reports & remediation logs.
Vulnerability tracking records, regular review meeting notes.
Vulnerability scan reports, NVD, or scanning platform subscriptions.
Vulnerability assessment reports, CVSS score classifications.
Assessment schedules & documented records of vulnerability assessments.
Vulnerability triage & assignment logs, meeting minutes, & follow-up records.
Remediation effectiveness review reports & meeting notes.
Documented procedures & centralized tracking system reports.
Automated alert config & updated logs with timestamps & administrators.
Patch installation schedules & integration Docs.
Rollback procedure Docs & testing logs.
Audit logs, review meeting records, & compliance reports.
Documented N/W Security Policy.
Policy outlining MAC address binding standards & N/W device config requirements.
Docs of review schedules & defined roles & responsibilities for N/W admins.
N/W segmentation plan, alerting config for binding mismatches.
Remediation procedures, audit & compliance reports.
N/W device config files & port security settings.
Device config settings for dynamic & static IP-MAC bindings.
MAC address table size limits, port security violation settings.
Alert config & integrity check reports.
Device logs for binding enforcement activities & policy violation logs.
Test schedules, ARP poisoning test reports.
ARP poisoning test records, remediation action reports.
Test records documenting man-in-the-middle simulations.
Review meeting records & remediation plans.
Remediation tracking, follow-up assessment records, & audit logs.
Documented Intrusion Detection & Prevention Policy.
Policy guidelines on NIDS & firewall deployment.
Docs on IPS usage, firewall rules, & signature update procedures.
Policy on integration with other security tools & alert threshold guidelines.
Incident response procedures, roles, & responsibilities document.
Logs from NIDS & antivirus tools.
Central log MGMT system & log review procedures.
Docs of log review responsibilities & procedures.
Example logs with metadata (timestamps, IPs, threat severity).
Log retention policy document, log alert config.
Firewall config policy, IP whitelisting guidelines.
Firewall rules for IP whitelisting & N/W segment access list.
IP whitelist review procedure, N/W, & business change Docs.
IP address change approval process, logging of whitelist changes.
Policy review cycle Docs, multi-layered defense strategy.
Public N/W Access Restriction Policy document.
Authentication & access control guidelines in the policy.
Encryption requirements & remediation procedures in the policy section.
Training schedule & audit/review guidelines.
N/W segmentation guidelines, incident Docs, & archiving procedures.
Access logs with relevant metadata.
Real-time alert config & log entry with mitigation actions.
Centralized log MGMT system & log retention policy.
Logs with records of automated actions & incident responses.
Data retention policy, audit trail.
Physical access controls for N/W ports & signage near ports.
Access control policies for N/W closets & logs of physical access.
Asset inventory for N/W ports & port status records.
CCTV footage & audit reports of N/W ports.
Visitor access control system, incident reports.
Physical Security Policy document.
Guidelines within the policy for restricting access to critical devices.
Access control policy, records of badge & biometric system usage.
Physical access monitoring procedures & access logs.
CCTV surveillance guidelines in the policy.
Training program Docs & employee awareness training records.
Incident handling procedures in the policy.
Audit schedule & procedures in the policy.
Policy guidelines for securing critical devices in enclosures.
Visitor MGMT procedures in the policy.
Backup logs & reports documenting successful/failed backups.
Sample backup logs showing the date, time, & location of backups.
Backup logs listing files, folders, or databases included.
Backup logs with error/warning records.
Review records & backup administrator/team review logs.
Backup logs with details of failed backups & resolution steps.
Docs on automated backup logging tools & storage methods.
Compliance review reports on backup schedules & retention adherence.
Compliance or security audit reports on backup encryption & transmission security.
Backup log retention policy, stored logs, & compliance review reports.
Approved policy document covering redundancy for systems & infrastructure.
Policy sections on load balancing & data center distribution.
Policy document specifying monitoring & failover testing criteria.
Policy section on roles & responsibilities & RTO/RPO targets.
Policy update schedule, redundancy config Docs.
Updated infrastructure diagrams.
Docs of UPS, generators, & replication methods.
Records of ISP contracts & failover N/W config.
Change logs, contact lists, & updated Docs.
Access logs & secure storage mechanisms for Docs.
Test schedule, recent failover test reports.
Detailed failover test records.
Test reports with success rates, issue logs, & time-to-recovery records.
Test records with real-world failure simulation details.
MGMT review records, action logs for test findings.
Certificates or completion records for relevant cybersecurity certifications.
Approved Training & Awareness Policy.
Policy section outlining training frequency & schedule.
Role-specific training content, including advanced security topics.
Records of tabletop exercises, participation logs.
Policy section on incident response training.
Training content on config MGMT & system hardening.
Policy section on privileged access MGMT training.
Policy section for updating training content.
Policy section & records of training evaluations.
Approved EP Security Policy document.
Config settings for EP security tools or group policy objects (GPOs).
Policy section on whitelisting & approval workflows.
Policy section on encryption standards for devices.
Incident reporting guidelines in the policy.
EP security settings, including device control policies.
Policy section on user group coverage.
Policy review logs & revision history.
Policy section defining enforcement & disciplinary measures.
EP logs showing device connection attempts.
Config details for real-time monitoring capabilities.
Physical access audit reports, access logs for critical areas.
Approved N/W Segmentation Policy document.
Sections of the policy referencing VLANs, firewalls, DMZs, & segmentation techniques.
Specific access control rules for third parties & unauthorized users.
Policy section addressing IoT, guest N/Ws, & high-risk asset segmentation.
Policy provisions for periodic reviews & testing.
Firewall config & ACLs.
VLAN config Docs & switch settings.
Firewall rule sets & policy Docs.
Firewall logs capturing traffic details (allowed/denied).
N/W diagrams & segmentation Docs showing isolated sensitive systems.
SIEM tool logs, firewall logs, & IDS logs showing unauthorized access attempts.
Firewall, SIEM, & IDS logs containing detailed access attempt records.
SIEM or firewall alert config Docs.
Firewall & IDS logs indicating blocked traffic with timestamps & actions taken.
Incident response & escalation procedures with logs or tickets of escalated events.
Recommendation for Policy Governance and Technical Implementation for M/S ------------

Technical Controls Should be Implemented/Defined/Placed in Asset

N/W diagrams
DMZ config in firewalls
DMZ config in firewalls
Firewall rules
ACL config
Not applicable (policy-based control)
Change MGMT records for policy reviews
IDS/IPS config
N/W monitoring tools/SIEM logs
Firewall & Web Application Firewall (WAF) config
User Access Control (UAC), RBAC, & server access logs
TLS/SSL certificate, encryption protocols on servers/applications
DMZ config in firewalls
Firewall rules & ACLs on routers
Firewall config, router rules, & IDS/IPS placement
VLAN config, firewall segmentation rules, & logical N/W zones
Router & firewall ACL config
IDS/IPS config & deployment topology
Load balancer & WAF config
High-availability config & failover testing logs
VPN config, dedicated links, & secure gateway logs
Zero trust access controls, micro-segmentation config, & MFA implementations
Server config MGMT tools, Docs review
Server OS config, service MGMT tools
User account MGMT systems, audit logs
Encryption settings, web server config
Config MGMT, system baseline checks
N/W config, firewall settings
Patch MGMT tools, OS software update logs
Admin tool access controls, user access logs
OS-specific security config, guidelines, Docs
Log MGMT system, syslog config
Audit logs, review schedules, access control systems
Service monitoring tools, logging config
Intrusion detection systems (IDS), log analysis tools
COMM MGMT systems, security report templates
Intrusion detection systems (IDS), event MGMT tools
Log storage solutions, encryption tools
Service MGMT systems, server config settings
Log retention config, storage policies
SIEM tools, log aggregation platforms
Access control systems, policy Docs
User MGMT system/RBAC
Firewall settings, access control config
MFA config, authentication systems
RBAC systems, user access controls
SSH/RDP settings, VPN config
Security information & event MGMT (SIEM) tools
Bastion host config, remote access logs
Policy repository, email/COMM system
User account settings, password policy enforcement tools
Active Directory or IAM config, system policy settings
Password history settings in IAM or directory services
Hashing algorithms (SHA-256), database storage settings
Password manager tool usage & config
Awareness training materials, phishing simulation tools
User account MGMT systems, policy enforcement tools
Account lockout policies in IAM, authentication tools
Document MGMT system, policy review schedule
Policy repository, document MGMT system
Authentication systems, VPNs, IAM tools
Authentication server config, system compatibility tests
MFA solutions supporting OTPs, tokens, biometrics
Privileged account access controls, MFA usage logs
Awareness & training programs, phishing simulation results
Secure vaults for recovery codes, policies for recovery mechanism usage
Phishing-resistant MFA mechanisms, vulnerability assessment tools
SIEM solutions, authentication event logs
Document versioning system, change MGMT records
Policy repository, document MGMT system
Web servers, application settings
TLS config, encryption libraries
Cipher suite settings, key MGMT systems
Messaging platforms, email servers, encryption mechanisms
Protocol config in servers & applications
Email servers, encryption plugins
VPN servers, remote access logs
Policy repository, document MGMT system
Certificate monitoring tools, certificate expiry alerts
Public Key Infrastructure (PKI), certificate authority checks
Certificate inventory systems
Certificate revocation systems, incident MGMT systems
Hardware Security Modules (HSMs), key MGMT solutions
Certificate details, encryption algorithm standards (RSA, ECC)
Server config, SSL/TLS validation tools
Policy repository, document MGMT systems
Asset inventory database, categorization schema
Asset tagging systems, inventory MGMT tools
Config MGMT Database (CMDB), inventory logs
Asset MGMT tools
Security controls, access logs
Asset ownership tracking systems
Disposal records, secure erasure tools
NAC tools, intrusion detection systems
SIEM tools, NAC alert config
Asset MGMT tools, incident tracking systems
Incident response tools, NAC quarantine settings
NAC systems, quarantine policies
Forensic analysis tools, incident MGMT systems
Policy repository, document MGMT systems
N/W Access Control (NAC), identity MGMT systems
Asset MGMT tools, MDM/EMM systems
NAC systems, approved device repository
MDM/EMM platforms, config MGMT databases
NAC systems, device certificate MGMT systems
Exception tracking systems, request MGMT tools
Asset lifecycle MGMT tools, decommissioning logs
SIEM tools, NAC systems, logging servers
SIEM tools, intrusion detection systems (IDS)
Log MGMT systems, SIEM tools
SIEM tools, alert config tools
Incident MGMT tools, review tracking systems
SIEM systems, anomaly detection systems
Policy repository, document MGMT system
Key MGMT systems, secure key storage solutions
SSH config files, cryptographic policy settings
Secure file transfer tools, key exchange mechanisms
NAC systems, RBAC-enabled directory services (LDAP, AD)
MFA tools, authentication logs
IAM tools, review & recertification workflows
Key MGMT systems, SSH server config
IAM systems, access provisioning/deprovisioning tools
SIEM tools, audit MGMT systems
Policy repository, patch MGMT system Docs
IT task MGMT system, team assignments, patch scheduling tool
Patch MGMT software, vulnerability tracking tools
Vulnerability scanning tools, ticketing systems for remediation
Vulnerability MGMT systems, meeting minutes, remediation workflows
Vulnerability scanning tools, NVD subscriptions
Vulnerability MGMT system, CVSS risk classification system
Vulnerability MGMT system, risk MGMT Docs
Ticketing systems, vulnerability MGMT systems, meeting minutes
Remediation MGMT system, meeting Docs
Centralized software update MGMT system, update logs
Patch MGMT tools, monitoring tools
Patch MGMT system, vulnerability tracking tools
Testing environment, change MGMT system
Audit MGMT tools, software update logs
N/W security policy document, ARP poisoning & MAC spoofing prevention measures
N/W device config settings (switches, routers)
Administrative access & monitoring tools, policy review process
N/W segmentation controls, alerting systems (SIEM)
Auditing tools, N/W MGMT systems
N/W device config (switches, routers, firewalls)
Config MGMT tools, N/W device settings
Switch config settings, port security settings
SIEM system, N/W monitoring tools
Logging tools, N/W device logs, SIEM
Testing tools (ARP spoofing test tools), test reports
Test logs, vulnerability MGMT system
Testing tools (MITM attack simulators)
Incident response system, remediation tracking
Vulnerability MGMT system, audit log systems
NIDS, IPS, firewall config, policy document
NIDS config, firewall rules
IPS config, firewall signature MGMT, NIDS rules
SIEM integration, NIDS alert thresholds
Incident response Docs, audit logs, NIDS, & firewall logs
Log MGMT system, NIDS, antivirus tools
SIEM systems, log aggregation tools
SIEM, ticketing systems for incident response
Logging config, log data standards
Log MGMT & retention system, alert config
Firewall rules for IP whitelisting, inbound/outbound traffic filters
Firewall access control lists (ACLs), IP whitelisting rules
N/W change MGMT procedures, IP whitelisting audit logs
Change MGMT logs, firewall config audit logs
IP whitelisting practices, VPN & MFA config
N/W monitoring tools, access control policies
802.1X config, MAC filtering, role-based access controls
SSL/TLS config, remediation procedures
Staff training records, audit & review reports
N/W segmentation, incident MGMT process
Log MGMT systems & N/W access control logs
Intrusion detection systems, SIEM integration, alert config
Log MGMT system, retention policy settings
Security tools' automated action logs, incident response records
Data retention policy, audit system logs
Physical security controls, signage policies
Physical access control logs, locked access points
Switch port config, asset inventory MGMT
CCTV surveillance systems, audit records
Access control systems, incident response system
Physical access controls, policy Docs
Access control procedures for critical devices
Badge systems, biometric access control systems
Access logs, physical access monitoring tools
CCTV systems, surveillance footage review
Training logs, employee awareness programs
Incident response procedures, reporting systems
Audit reports, audit schedules
Equipment enclosures, lock mechanisms
Visitor logs, escort procedures
Backup logging tools, report generation tools
Backup software, log MGMT system
Backup software logs, data inventory
Error logging in backup software
Log review process, access control for log files
Backup failure alerts, resolution Docs
Backup automation tools, encryption protocols for log storage
Compliance review records, backup schedule adherence
Encryption tools, transmission security protocols
Data retention policy, log storage compliance
Policy documents repository
Load balancing tools, data center architecture
Monitoring tools, automated failover testing tools
Role assignment matrix, alignment with BCP Docs
Version control systems for policy updates
Asset inventory, N/W diagrams
Power supply logs, data replication software
ISP agreements, N/W failover plans
Version control systems, support contact databases
Access control policies, business continuity plans
Test schedules, failover logs
Test records, incident simulation scripts
Monitoring tools, failover testing metrics
Simulated test environments, incident playbooks
Action plans, test review records
Certification tracking system, HR records
Training policy repository, HR policy database
Training MGMT tools, administrator training logs
Training content repository
Incident response tabletop simulation tools
Incident response training tools
Secure config checklists, system hardening guides
PAM systems, privileged access audit tools
Audit logs, incident reports, training content change logs
Training feedback forms, assessment reports, LMS analytics
Policy repository, EP security compliance checklist
EP MGMT tools (Microsoft Intune, CrowdStrike)
Whitelisting logs, device MGMT systems
Encryption tools (BitLocker, VeraCrypt), EP policies
Incident MGMT systems (ServiceNow)
EP tools with USB blocking (Symantec, ESET, MS Defender)
Role-based access control (RBAC) settings
Policy version control records
HR policy integration, compliance logs
Centralized logging systems (SIEM tools like Splunk, LogRhythm)
EP tools supporting real-time response (CrowdStrike, SentinelOne)
Physical access systems, CCTV logs, physical security policies
N/W architecture & security policies
VLAN & firewall config, DMZ layout
Access control lists (ACLs), firewall rule sets, user access controls
VLAN config, N/W segmentation reports
Docs of reviews, testing logs, update records
Firewall rule sets, N/W segmentation logs
VLAN config, switch logs
Firewall ACLs, N/W access policies
Log MGMT tools, SIEM system integrations
N/W segmentation setup, firewall config
SIEM system, IDS/IPS logs, firewall logs
Log aggregation tools (Splunk, ELK Stack), SIEM integrations
SIEM alert rules, firewall IDS/IPS config
Log MGMT tools, firewall & IDS logs
Incident MGMT systems, escalation workflows, ticketing systems


Evidence Submitted for Compliance (Governance) with Evidence No.

Evidence Number

Evidence Submitted for Technical Implementation

Evidence Number
