CAP 16 Managing security operations
Applying security operations concepts
need to know -> permissions
least privilege -> privileges
separation of duties and responsibilities
separation of privilege
segregation of duties
two person control
job rotation
mandatory vacations
privileged account management
managing information lifecycle (creation, classification, storage, usage, archive, destruction)
SLA, MOU (memorandum of understanding), ISA (agreement on how to transmit data)
personnel safety and security
securely provisioning resources
managing hardware and software assets (bar codes, RFIDs, protection of licence keys)
managing virtual assets
managing cloud-based assets (IaaS -> PaaS -> SaaS cloud service provider responsibility) (public, private, community, hybrid)
managing configuration
baseline -> default configuration (use images)
managing change
primary goal -> avoid outages
easier to check consequences of a change
ITIL
security impact analysis
request the change
review the change
approve/reject the change
test the change
schedule and implement the change
document the change
versioning
configuration documentation
managing patches and reducing vulnerabilities
patch management
evaluate
test
approve
deploy
verify
vulnerability management
vulnerability scans
vulnerability assessments (similar to scans, but deeper)
CVE (common vulnerabilities and exposures)