Security+ Certification/Compliance and Operational Security

From Wikibooks, open books for an open world

Compliance and Operational Security

Explain risk related concepts

  • Control types
    • Technical
    • Management
    • Operational
  • False positives
  • Importance of policies in reducing risk
    • Privacy policy
    • Acceptable use
    • Security policy
    • Mandatory vacations
    • Job rotation
    • Separation of duties
    • Least privilege
  • Risk calculation
    • Likelihood
    • ALE
    • Impact
  • Quantitative vs. qualitative
  • Risk-avoidance, transference, acceptance, mitigation, deterrence
  • Risks associated with cloud computing and virtualization

Carry out appropriate risk mitigation strategies

  • Implement security controls based on risk
  • Change management
  • Incident management
  • User rights and permissions reviews
  • Perform routine audits
  • Implement policies and procedures to prevent data loss or theft

Execute appropriate incident response procedures

  • Basic forensic procedures
    • Order of volatility
    • Capture system image
    • Network traffic and logs
    • Capture video
    • Record time offset
    • Take hashes
    • Screenshots
    • Witnesses
    • Track man-hours and expense
  • Damage and loss control
  • Chain of custody
  • Incident response: first responder

Explain the importance of security related awareness and training

  • Security policy training and procedures
  • Personally identifiable information
  • Information classification: sensitivity of data (hard or soft)
  • Data labeling, handling and disposal
  • Compliance with laws, best practices and standards
  • User habits
    • Password behaviors
    • Data handling
    • Clean desk policies
    • Prevent tailgating
    • Personally owned devices
  • Threat awareness
    • New viruses
    • Phishing attacks
    • Zero-day exploits
  • Use of social networking and P2P

Compare and contrast aspects of business continuity

  • Business impact analysis
  • Removing single points of failure
  • Business continuity planning and testing
  • Continuity of operations
  • Disaster recovery
  • IT contingency planning
  • Succession planning

Explain the impact and proper use of environmental controls

  • HVAC
  • Fire suppression
  • EMI shielding
  • Hot and cold aisles
  • Environmental monitoring
  • Temperature and humidity controls
  • Video monitoring

Execute disaster recovery plans and procedures

  • Backup / backout contingency plans or policies
  • Backups, execution and frequency
  • Redundancy and fault tolerance
    • Hardware
    • RAID
    • Clustering
    • Load balancing
    • Servers
  • High availability
  • Cold site, hot site, warm site
  • Mean time to restore, mean time between failures, recovery time objectives and recovery point objectives

Exemplify the concepts of confidentiality, integrity and availability (CIA)