System Resilience, High Availability, QoS, and Fault Tolerance In this part of this tutorial, we'll take a look at System Resilience, High Availability, QoS, and Fault Tolerance to help you understand the different aspects of these concepts. As a CISSP candidate, it is important to be able to differentiate between these concepts: System Resilience: [...]
Implement Recovery Strategies Recovery strategies are important because they have a big impact on how long the organization will be down or have a degraded environment. Backup Storage Strategies In order to cover all reasonable scenarios, backup storage strategies often involve the following: 1- Secure offsite storage: Store backup media at a remote location. [...]
Understand and Participate in Change Management Processes In this part of this tutorial, we'll take a look at change management processes to help you understand the different aspects of change management processes. System, network, and application always require changes. A system that does not change will become less secure over time, as security updates [...]
Implement and Support Patch and Vulnerability Management Patch and vulnerability management is the process of regularly assessing, testing, installing and verifying fixes and patches for software bugs and flaws as they are discovered. Some of software bugs and flaws are security vulnerabilities that could permit an attacker to control a target system and at result [...]
Operate and Maintain Detective and Preventative Measures These days, one of the most important aspects of cyber security is operate and maintain detective and also preventative measures. In this part of this tutorial, we'll take a look at operate and maintain detective and also preventative measures to help you understand the different aspects of [...]
Apply Resource Protection Techniques One of the important aspects of cyber security is resources protection techniques. In this part of this tutorial, we'll take a look at resources protection techniques to help you understand the different aspects of resources protection.. We will look at some tips for managing media and use asset management for [...]
Conduct Logging and Monitoring Activities This topic includes the methods or procedures that help to conduct the logging and monitoring activities. Event logging is an essential part of an organization’s IT operations. Intrusion Detection and Prevention These technologies can use to detect and prevent intrusions. The important thing is that both should be used [...]
Understand Requirements for Investigation Types Investigations and incident management must often be conducted simultaneously in a well-coordinated and controlled manner to ensure that the initial actions of either activity don’t destroy evidence or cause further damage to the organization’s assets. In this part of this tutorial, we'll take a look at requirements for investigation [...]
Conduct or Facilitate Security Audits Security audits should occur on a daily basis according to the policy fixed in place by the organization. Internal auditing normally occurs more frequently than external or third-party auditing. Internal Security auditing should be an ongoing task of the security team. Process of aggregating log data is not very [...]