Security+ 2008 Lab Overview SY0-201-SS01.csv

    The process of managing changes made to systems in a company. Specifically; it's the process of TESTING; IMPLEMENTING and DOCUMENTING changes made to the system.This includes but is not limited to: INSTALLING; UPGRADING and CONFIGURING Apps; services; and Operating Systems Components; installing and configuring Hardware; Network configuration changes; Beta testing on non-production systems; performance testing to ensure proper deployment and most any change that happens to a device on the Network
  2. Change Management Procedures should be
    Well documented to ensure that all employees are using the PROPER procedures. Everyone will be able to view all of the changes that have been made to they System. For all these reasons change DOCUMENTATION is so important.
  3. Change Control DOCUMENTATION provides
    Information of changes that have been made to the system and often provides BACK OUT steps that show how to restore the system to its previous working state.
  4. The concept of CLASIFICATION is
    Assigning various CLASSIFICATION or LABELS to INFORMATION or DATA. Example: in the Military and large Commercial Businesses these labels are used: Public; Sensitive; Private; Confidential; Unclassified; Secret; Top Secret; Proprietary and For Your eyes only; to name a few... Once data has been classified; Specific Handling; Storage; and Security requirements for each classification level. These include WorkFlow; BackUp and Recovery; encryption; User access; Storage and Retrieval and Disposal Procedures and so on.
  5. Due Dilegence and Due care are closely related terms. Explain each
    "DUE DILIGENCE in legal terms is defined as the PROCESS of REASEARCHING & INVESTIGATING all reasonable aspects of a particular course of action. Example: Before you implement a security measure
  6. Due Diligence and Due Care - in simple terms
    Due Diligence is identifying POTENTIAL RISKS and THREATS; while DUE CARE is ACTING UPON the conclusion of these findings to mitigate the Risks and Threats.

    • Due Diligence = Do Detect, as in attempting to reasonably detect all known Risks
    • Due Care = Do Correct, as in follow the reasonable procedures to do the correct or reasonable thing
Card Set
Security+ 2008 Lab Overview SY0-201-SS01.csv