|
|
A Tool for Development of OVAL Definitions within OpenSCAP Project
Černý, Jan ; Rogalewicz, Adam (referee) ; Smrčka, Aleš (advisor)
This thesis deals with the SCAP standard, used in area of computer security, and describes its open source implementation OpenSCAP. The analysis focuses on OVAL, a language for determining vulnerabilities and configuration issues on computer systems. Typical problems of OVAL are discussed. Based on obtained findings, an extension of the OpenSCAP project for reporting and diagnostics of OVAL interpretation has been designed. The thesis describes implementation, integration and testing of proposed extension.
|
|
| |
|
|
Safety audit of the industrial enterpises
Martanová, Iveta ; Mukhametzianova, Leisan (referee) ; Kotek, Luboš (advisor)
The aim of this diploma thesis is a basic overview of system safety audit in the industrial enterprises with the application and evaluation of methodology of self audit in an industrial enterprises processed according to the Self-Audit Handbook for SMEs designed for small to medium-sized enterprises and to recommend measures to improve the occupational safety and health system.
|
|
|
Safety Audit in Industry
Ringel, Miloslav ; Tabasová, Andrea (referee) ; Babinec, František (advisor)
This diploma thesis contains the basic theoretic information which is needed for implementing of the safety management at the small and middle companies in Czech republic. The thesis explicates the methodology of the Self-Audit Handbook for SMEs and describes self audit applications in the industry.
|
|
|
Preparation and implementation of an OHS audit
Niče, Tomáš ; Kotek, Luboš (referee) ; Blecha, Petr (advisor)
The diploma thesis deals with preparation and implementation of an OHS audit in the industrial enterprise. In the theoretical part, contemporary trends in OHS are described and then attention is kept to the occupational safety, including injury rate in Czech republic and new requirements for occupational health and safety management system according to standard ČSN ISO 45001:2018. In the practical part, company FORTEX – AGS, a.s. is introduced, especially department of transport and mechanization, where was safety audit executed. Then there is assessed occupational health and safety management systém introduced, first by analyzing this system and then by internal audit OHS, in which were requirements new standard ČSN ISO 45001:2018 accounted. At the last part, recommendations are proposed to improvement of occupational health and safety management system and obtaining certificate ČSN ISO 45001:2018.
|
|
| |
|
|
Implementation of a tool for cyber security management
Strachová, Zuzana ; Josef,, Horáček (referee) ; Sedlák, Petr (advisor)
The thesis is focused on the implementation of a software tool to increase the effectiveness of cyber security management. The tool is implemented in a company preparing to be classified as a part of critical information infrastructure. Based on the customer's requirements, a suitable cyber security management tool is selected. Subsequently, I propose a methodology for implementing the tool, which I immediately apply. The output of the work is an implemented tool, risk analysis and security documentation required by law.
|
|
| |
|
|
Automated Security Compliance Scanning of MS Windows Operating System Using OpenSCAP Project
Černý, Jan ; Barabas, Maroš (referee) ; Smrčka, Aleš (advisor)
This work deals with security compliance of computer systems, namely operating systems, applications and system services. Concept of security policies, their evaluation and their enforcement is described. Security compliance automation and the SCAP standard are presented. OpenSCAP project, which is used as an SCAP scanner, is described together with its tools and its usage. An idea to add support of Microsoft Windows within OpenSCAP, which was previously unsupported, is presented. The core part of the thesis is to identify necessary changes of OpenSCAP and to design an extension of this project. All these modifications are implemented. The solution is demonstrated on security policies for Windows. The solution is evaluated and further improvements are discussed.
|
|
|
Mapping Cyber Security Measures: From Legislation to Technical Implementation
Hopp, Jiří ; MSc, Mezera Michal, (referee) ; Sedlák, Petr (advisor)
In my thesis, I focused on creating a systematic tool for mapping technical measures and mitigations to national legislative cybersecurity requirements. I conducted an analysis of the addressed issue, which revealed opportunities for developing the tool and revealed forthcoming changes in legislative requirements based on the EU directive NIS2. In the following part of the thesis, I described the design and development of the mentioned tool in the form of a table. The tool met the client's requirements and mapped relevant technical measures to individual points of the current and NIS2-derived legislative requirements. Based on consultations with the client, I determined that the objectives outlined in the thesis were successfully met and that the developed tool will be utilized in a real-world environment.
|
guest ::
