2.0 Compliance and Operational Security
2.1 Explain risk related concepts
- Control types
  - Technical
  - Management
  - Operational
- False positives
- Importance of policies in reducing risk
  - Privacy policy
  - Acceptable use
  - Security policy
  - Mandatory vacations
  - Job rotation
  - Separation of duties
  - Least privilege
- Risk calculation
- Quantitative vs. qualitative
- Risk-avoidance, transference, acceptance, mitigation, deterrence
- Risks associated with cloud computing and virtualization
2.2 Carry out appropriate risk mitigation strategies
- Implement security controls based on risk
- Change management
- Incident management
- User rights and permissions reviews
- Perform routine audits
- Implement policies and procedures to prevent data loss or theft
2.3 Execute appropriate incident response procedures
- Basic forensic procedures
  - Order of volatility
  - Capture system image
  - Network traffic and logs
  - Capture video
  - Record time offset
  - Take hashes
  - Screenshots
  - Witnesses
  - Track man hours and expense
- Damage and loss control
- Chain of custody
- Incident response: first responder
2.4 Explain the importance of security related awareness and training
- Security policy training and procedures
- Personally identifiable information
- Information classification: Sensitivity of data (hard or soft)
- Data labeling, handling and disposal
- Compliance with laws, best practices and standards
- User habits
  - Password behaviors
  - Data handling
  - Clean desk policies
  - Prevent tailgating
  - Personally owned devices
- Threat awareness
  - New viruses
  - Phishing attacks
  - Zero-day exploits
- Use of social networking and P2P
2.5 Compare and contrast aspects of business continuity
- Business impact analysis
- Removing single points of failure
- Business continuity planning and testing
- Continuity of operations
- Disaster recovery
- IT contingency planning
- Succession planning
2.6 Explain the impact and proper use of environmental controls
- HVAC
- Fire suppression
- EMI shielding
- Hot and cold aisles
- Environmental monitoring
- Temperature and humidity controls
- Video monitoring
2.7 Execute disaster recovery plans and procedures
- Backup / backout contingency plans or policies
- Backups, execution and frequency
- Redundancy and fault tolerance
  - Hardware
  - RAID
  - Clustering
  - Load balancing
  - Servers
- High availability
- Cold site, hot site, warm site
- Mean time to restore, mean time between failures, recovery time objectives and recovery point objectives
2.8 Exemplify the concepts of confidentiality, integrity and availability (CIA)