Documenti di Didattica
Documenti di Professioni
Documenti di Cultura
Systems Security
Lesson 6
Security Operations and Administration
Identification
Authentication
Authorization
Accountability
• Regulatory compliance
• Organizational compliance
Risk
Data security
Ownership
Adherence to policy
Event logs
Compliance liaison
Remediation
Social
engineering
Policies
Standards
Procedures
Baselines
Guidelines
• Unclassified
• Restricted
U.S. government • Confidential
(standardized) • Secret
• Top Secret
• Public (low)
Private sector • Private (medium)
(not standardized) • Confidential (high)
Configuration control
• The management of the baseline settings for
a system device
Change control
• The management of changes to the
configuration
• Properly tested
• Authorized
• Scheduled
• Communicated
• Documented
Implementation
Build (develop) Acceptance
(transition to
and document testing
production)
Operations and
Disposal
maintenance
Agile
The waterfall
development
model
method