2 cissp ® Official Study Guide Eighth Edition


Understand service-level agreements



Download 19,3 Mb.
Pdf ko'rish
bet679/881
Sana08.04.2023
Hajmi19,3 Mb.
#925879
1   ...   675   676   677   678   679   680   681   682   ...   881
Bog'liq
(CISSP) Mike Chapple, James Michael Stewart, Darril Gibson - CISSP Official Study Guide-Sybex (2018)

Understand service-level agreements.
Organizations use service-level agreements (SLAs) 
with outside entities such as vendors. They stipulate performance expectations such as 
maximum downtimes and often include penalties if the vendor doesn’t meet expectations.
Understand secure provisioning concepts.
Secure provisioning of resources includes 
ensuring that resources are deployed in a secure manner and are maintained in a secure 
manner throughout their lifecycles. As an example, desktop personal computers (PCs) can 
be deployed using a secure image.
Understand virtual assets.
Virtual assets include virtual machines, a virtual desktop 
infrastructure, software-defined networks, and virtual storage area networks. Hypervisors 
are the primary software component that manages virtual assets, but hypervisors also pro-
vide attackers with an additional target. It’s important to keep physical servers hosting vir-
tual assets up-to-date with appropriate patches for the operating system and the hypervisor. 
Additionally, all virtual machines must be kept up-to-date.
Recognize security issues with cloud-based assets.
Cloud-based assets include any 
resources accessed via the cloud. Storing data in the cloud increases the risk so additional 
steps may be necessary to protect the data, depending on its value. When leasing cloud-
based services, you must understand who is responsible for maintenance and security. The 
cloud service provider provides the least amount of maintenance and security in the IaaS 
model.
Explain configuration and change control management.
Many outages and incidents can 
be prevented with effective configuration and change management programs. Configuration 
management ensures that systems are configured similarly and the configurations of sys-
tems are known and documented. Baselining ensures that systems are deployed with a 
common baseline or starting point, and imaging is a common baselining method. Change 
management helps reduce outages or weakened security from unauthorized changes. A 
change management process requires changes to be requested, approved, tested, and docu-
mented. Versioning uses a labeling or numbering system to track changes in updated ver-
sions of software.

Download 19,3 Mb.

Do'stlaringiz bilan baham:
1   ...   675   676   677   678   679   680   681   682   ...   881



Ma'lumotlar bazasi mualliflik huquqi bilan himoyalangan ©hozir.org 2024
ma'muriyatiga murojaat qiling
kiriting | ro'yxatdan o'tish
    Bosh sahifa
юртда тантана
Боғда битган
Бугун юртда
Эшитганлар жилманглар
Эшитмадим деманглар
битган бодомлар
Yangiariq tumani
qitish marakazi
Raqamli texnologiyalar
ilishida muhokamadan
tasdiqqa tavsiya
tavsiya etilgan
iqtisodiyot kafedrasi
steiermarkischen landesregierung
asarlaringizni yuboring
o'zingizning asarlaringizni
Iltimos faqat
faqat o'zingizning
steierm rkischen
landesregierung fachabteilung
rkischen landesregierung
hamshira loyihasi
loyihasi mavsum
faolyatining oqibatlari
asosiy adabiyotlar
fakulteti ahborot
ahborot havfsizligi
havfsizligi kafedrasi
fanidan bo’yicha
fakulteti iqtisodiyot
boshqaruv fakulteti
chiqarishda boshqaruv
ishlab chiqarishda
iqtisodiyot fakultet
multiservis tarmoqlari
fanidan asosiy
Uzbek fanidan
mavzulari potok
asosidagi multiservis
'aliyyil a'ziym
billahil 'aliyyil
illaa billahil
quvvata illaa
falah' deganida
Kompyuter savodxonligi
bo’yicha mustaqil
'alal falah'
Hayya 'alal
'alas soloh
Hayya 'alas
mavsum boyicha

yuklab olish