Security+ 2008 Lab Overview SY0-201-SS01.csv

The process of managing changes made to systems in a company. Specifically; it's the process of TESTING; IMPLEMENTING and DOCUMENTING changes made to the system.This includes but is not limited to: INSTALLING; UPGRADING and CONFIGURING Apps; services; and Operating Systems Components; installing and configuring Hardware; Network configuration changes; Beta testing on non-production systems; performance testing to ensure proper deployment and most any change that happens to a device on the Network

Well documented to ensure that all employees are using the PROPER procedures. Everyone will be able to view all of the changes that have been made to they System. For all these reasons change DOCUMENTATION is so important.

Information of changes that have been made to the system and often provides BACK OUT steps that show how to restore the system to its previous working state.

Assigning various CLASSIFICATION or LABELS to INFORMATION or DATA. Example: in the Military and large Commercial Businesses these labels are used: Public; Sensitive; Private; Confidential; Unclassified; Secret; Top Secret; Proprietary and For Your eyes only; to name a few... Once data has been classified; Specific Handling; Storage; and Security requirements for each classification level. These include WorkFlow; BackUp and Recovery; encryption; User access; Storage and Retrieval and Disposal Procedures and so on.

"DUE DILIGENCE in legal terms is defined as the PROCESS of REASEARCHING & INVESTIGATING all reasonable aspects of a particular course of action. Example: Before you implement a security measure

Due Diligence is identifying POTENTIAL RISKS and THREATS; while DUE CARE is ACTING UPON the conclusion of these findings to mitigate the Risks and Threats.

• Due Diligence = Do Detect, as in attempting to reasonably detect all known Risks
• Due Care = Do Correct, as in follow the reasonable procedures to do the correct or reasonable thing