The Supplier will provide oversight and verification of the design of NERC CIP V6 compliant security controls, and the specification of those controls for individual Vendor review and installation. A Concept System Protection Profile (SPP) will be generated for classes of BES Cyber Assets based on a logical grouping of the BES cyber assets. These Concept SPPs will be used to focus vendor security configuration efforts, and provide a method of ensuring proper configuration of security controls during each Vendor Security FAT, the IFAT, and Installation. It is anticipated that major SPP groups will be: MS Windows Servers, MS Windows Workstations, Network Devices, and oOther Capable Devices.…show more content… Verify that the OEM AV Management Console (or method) can update the AV signatures on the applicable systems. Obtain print-out documentation from the OEM demonstrating that the applicable systems have the AV software active and current using the OEM AV Management Console (or method).
e. Capture user account baseline configuration of computers, switches and routers to validate and document that all usernames/passwords have been updated.
f. Validate that the NextEra audit policies have been properly implemented by checking the configuration on all appropriate BCAs.
g. Validate that the Security Information and Event Monitoring (SIEM) system is monitoring the logs of all applicable OEM devices and document. Successful detection should include the following: computer restart, unsuccessful login, changes to admin privileges.
h. Run a complete vulnerability scan of the system and document any vulnerability that is discovered versus the OEM tested security configuration for the DCS software level. Mitigation of any vulnerabilities found are to be resolved by OEM.
i. Functional testing of all the major DCS tools during the FAT and/or SAT will be executed with Security Appliances/Features running.
j. Validate that OEM can patch the applicable systems with Security Appliances/Features running and verify system is
