Microsoft System Center 2012 R2 Compliance Management Cookbook -- Table of Contents -- Microsoft System Center 2012 R2 Compliance Management Cookbook -- Credits -- About the Authors -- About the Reviewers -- www.PacktPub.com -- Support files, eBooks, discount offers, and more -- Why subscribe? -- Free access for Packt account holders -- Instant updates on new Packt books -- Preface -- What this book covers -- What you need for this book -- Who this book is for -- Conventions -- Reader feedback -- Customer support -- Errata -- Piracy -- Questions -- 1. Starting the Compliance Process for Small Businesses -- Introduction -- Planning the scope of a basic compliance program -- Getting ready -- How to do it... -- How it works... -- Scope definition defined by the business -- Scope definition defined by regulatory, standard, contractual, or internal requirements -- An example on how to start with scope definition -- There's more... -- Understanding possible controls for compliance -- Getting ready -- How to do it... -- How it works... -- Evaluating the efforts of controls -- Getting ready -- How to do it... -- How it works... -- Bringing it all together into a basic compliance program -- Getting ready -- How to do it... -- Step 1 - understanding the terms of the authority document -- Step 2 - identifying objects and/or requirements based on key words -- Step 3 - identifying controls that fulfill this objective -- Step 4 - mapping controls to your business - defining the scope -- Step 5 - mapping controls to your business - defining the type of controls -- Step 6 - mapping controls to your business - defining the broader scope to simplify controls -- How it works... -- 2. Implementing the First Steps of Basic Compliance -- Introduction -- Preparing for the creation of a compliance baseline -- Getting ready -- How to do it... -- How it works...

OU design -- GPO design -- Installing Security Compliance Manager -- Getting ready -- How to do it... -- How it works... -- See also -- Creating a compliance baseline using GPO to ensure system security -- Getting ready -- How to do it... -- How it works... -- There's more… -- Auditing or checking your existing GPO policies against established standards -- Exporting baselines to other tools -- Deploying new GPO settings -- Active Directory Domain Services fine-grained password policies -- Implementing the GPO baseline in Active Directory -- Getting ready -- How to do it... -- There's more... -- Test your customized GPO baseline using LocalGPO -- The Advanced Group Policy Management tool -- 3. Enhancing the Basic Compliance Program Using Microsoft System Center 2012 Configuration Manager -- Introduction -- Configuring Microsoft System Center 2012 Configuration Manager for compliance -- Getting ready -- How to do it... -- Creating a configuration item -- Creating a baseline -- Deploying a baseline -- Monitoring and reviewing baseline compliance -- How it works... -- There's more... -- Compliance assessment scheduling -- Remediation -- User data and profiles -- Company Resource Access -- Remote Connection Profiles -- See also -- Creating a baseline to monitor for unapproved software -- Getting ready -- Enable Configuration Manager for software inventory -- How to do it... -- Creating a software label -- Assigning a software label -- Reporting unapproved software -- How it works... -- There's more... -- See also -- Creating a baseline to monitor for unapproved hardware and virtual systems -- Getting ready -- How to do it... -- Enabling a discovery method -- Reviewing discovery data -- How it works... -- There's more... -- Delta Discovery -- See also -- Using Security Compliance Manager baselines in Microsoft System Center 2012 Configuration Manager.

Getting ready -- How to do it... -- How it works... -- There's more... -- See also -- 4. Monitoring the Basic Compliance Program -- Introduction -- Planning a compliance program for Microsoft System Center 2012 Operations Manager -- Getting ready -- How to do it... -- Monitoring failed logons caused by a brute-force attack -- Logging any access to files in a shared folder on a server -- How it works... -- Monitoring failed logons caused by a brute-force attack -- Logging any access to files in a shared folder on a server -- There's more... -- Defining other compliance program events to monitor -- Adding a compliance program monitor in Microsoft System Center 2012 Operations Manager -- Getting ready -- How to do it... -- Creating a group in SCOM 2012 -- Creating a monitor in SCOM 2012 -- How it works... -- There's more... -- Testing the created compliance program monitor -- See also -- Installing Microsoft System Center 2012 Operations Manager Audit Collection Services to support the compliance program -- Getting ready -- How to do it... -- How it works... -- There's more... -- Checking whether ACS reports are installed -- See also -- Configuring a compliance program in Microsoft System Center 2012 Operations Manager Audit Collection Services -- Getting ready -- Setting permissions in the registry key on the SCOM 2012 ACS Server -- Copying the required files from the SCOM 2012 installation media -- How to do it... -- Creating an ACS Filter on the SCOM 2012 ACS server -- Activating the Microsoft System Center 2012 Operations Manager Audit Collection Services Forwarder -- Activating auditing on a folder of the file server -- How it works... -- There's more... -- Check the ACS Forwarder configuration on the audited server -- Checking the auditing filter on the SCOM 2012 ACS server.

Checking the audit data for the specified folder in the SCOM 2012 ACS database -- See also -- 5. Starting an Enterprise Compliance Program -- Introduction -- Using project management in your compliance approach -- Getting ready -- How to do it... -- Step 1 - defining and understanding the reason for your company's compliance program -- Step 2 - defining and understanding the approach to the compliance program -- Step 3 - defining and understanding the project structure -- How it works... -- See also -- Understanding management support -- Getting ready -- How to do it... -- How it works... -- Defining your communication approach -- Getting ready -- How to do it... -- How it works... -- Planning the risk assessment approach -- Getting ready -- How to do it... -- How it works... -- There's more... -- Planning documentation requirements -- Getting ready -- How to do it... -- How it works... -- Defining your test approach -- Getting ready -- How to do it... -- How it works... -- 6. Planning a Compliance Program in Microsoft System Center 2012 -- Introduction -- Understanding the responsibilities of the System Center 2012 tools -- Getting ready -- How to do it... -- How it works... -- There's more... -- See also -- Planning the implementation of Microsoft System Center 2012 Service Manager -- Getting ready -- How to do it... -- How it works... -- There's more... -- See also -- Planning the connection of the System Center 2012 components -- Getting ready -- How to do it... -- How it works... -- There's more... -- Automating CSV import -- See also -- Planning and defining the responsibilities for a compliance program -- Getting ready -- How to do it... -- How it works... -- Responsibility - primary owner of the overall compliance baseline -- Responsibility - primary owner for remediation in case of noncompliance -- Responsibility - primary owner for controls.

Planning System Center Service Manager 2012 related settings and configuration -- Getting ready -- How to do it... -- How it works... -- There's more... -- See also -- Planning and defining compliance reports -- Getting ready -- How to do it... -- Compliance status / audit reports -- Stakeholder-targeted reports -- Complete -- Measurable -- Relevant -- Transparent -- How it works... -- There's more... -- See also -- 7. Configuring a Compliance Program in Microsoft System Center 2012 Service Manager -- Introduction -- Configuring connectors in System Center 2012 Service Manager to support a compliance program -- Getting ready -- How to do it... -- Configuring the Active Directory connector -- Configuring the Configuration Manager Connector -- Configuring Operations Manager CI connector -- How it works... -- There's more... -- Adding more than one connector in SCSM -- See also -- Adding Configuration Items manually in System Center 2012 Service Manager to support a compliance program -- Getting ready -- How to do it... -- How it works... -- There's more... -- Importing CIs manually via CSV -- Adding new classes in SCSM 2012 -- See also -- Configuring compliance process Incident Classification Categories in System Center 2012 Service Manager -- Getting ready -- How to do it... -- How it works... -- There's more... -- Adding compliance-program-related categories for Change Management -- See also -- Adding support groups in System Center 2012 Service Manager to support the compliance program -- Getting ready -- How to do it... -- How it works... -- There's more... -- Creating a new view for compliance-related Incidents based on the support group in SCSM 212 -- See also -- Creating compliance program Incident templates in System Center 2012 Service Manager -- Getting ready -- How to do it... -- How it works... -- There's more...

Adding compliance program Change Request templates in SCSM 2012.