2 cissp ® Official Study Guide Eighth Edition

Essential Security Protection Mechanisms 
379
Firmware Version Control
Similar to manual software updates, strict control over firmware in a static environment is 
important. Firmware updates should be implemented on a manual basis, only after testing 
and review. Oversight of 
firmware version control
should focus on maintaining a stable 
operating platform while minimizing exposure to downtime or compromise.
Wrappers
A 
wrapper
is something used to enclose or contain something else. Wrappers are well 
known in the security community in relation to Trojan horse malware. A wrapper of this 
sort is used to combine a benign host with a malicious payload.
Wrappers are also used as encapsulation solutions. Some static environments may be 
configured to reject updates, changes, or software installations unless they’re introduced 
through a controlled channel. That controlled channel can be a specific wrapper. The wrap-
per may include integrity and authentication features to ensure that only intended and 
authorized updates are applied to the system.
Monitoring
Even embedded and static systems should be monitored for performance, violations, com-
pliance, and operational status. Some of these types of devices can perform on-device mon-
itoring, auditing, and logging, while others may require external systems to collect activity 
data. Any and all devices, equipment, and computers within an organization should be 
monitored to ensure high performance, minimal downtime, and detecting and stopping 
violations and abuse.

Download 19,3 Mb.

Do'stlaringiz bilan baham: