Chapter 11
Time to Implement
purchasing servers and hardware
providing training to administrators
balancing servers on different power grids
installing and configuring servers
adding power from a different source
testing
adding additional air-conditioning capacity
implementing
adding an additional equipment bay
CBA Report
a CBA (cost-benefit analysis) helps determine whether a countermeasure should be used
risk to be mitigated
initial costs
annual or recurring costs
a comparison of the costs and benefits
annual projected benefits
recommendation
Best Practices
including current countermeasures in analysis
controlling costs
prioritizing countermeasures
controlling the schedule
redoing CBAs if new costs are identified
following up
staying within the scope
Password Policy
maximum age
password history (no repeated passwords)
complexity
minimum age
password length minimum/maximum
Measure Countermeasure's Performance
adding a server to the web farm
transferring nodes on the failover cluster logically
removing a server from the web farm
shutting down the active node on the failover cluster
measuring the load on the web farm
Risk Assessment Steps
identify and evaluate relevant vulnerabilities
identify and evaluate countermeasures
in-place
planned
approved
identify and evaluate relevant threats
develop mitigating recommendations
Identifying Countermeasures
creating a script to check account usage
controlling physical access to employee areas
creating an account management policy
Mitigation Plan Considerations
time to implement the countermeasures
operational impact of the countermeasures
cost to implement the countermeasures
installation
facility
initial purchase
training