Lesson 14: Summarize Security Governance Concepts Flashcards
What are policies, and what do they support?
High-level documents defining security commitments, ensuring compliance, and supporting governance.
Can you give examples of common security policies?
Examples: Acceptable Use Policy (AUP), Incident Response, Business Continuity, and Disaster Recovery policies.
What is the purpose of guidelines?
Flexible recommendations to support policy implementation, providing best practices for tasks.
What are procedures, and why are they important?
Step-by-step instructions ensuring tasks align with policy, promoting consistency and efficiency.
How does personnel management contribute to security?
Through recruitment, onboarding, and termination policies that ensure security and compliance.
What is critical during onboarding?
Background checks,
Secure transmission of credentials,
Asset allocation,
Training
How does offboarding prevent security risks?
By disabling accounts, retrieving company assets, and revoking privileges.
What frameworks establish compliance and security benchmarks as industry standards?
ISO/IEC 27001, NIST SP800-63, PCI DSS, and GDPR.
What are internal standards focused on?
Organizational practices ensuring consistent access control, encryption, and physical security.
What are playbooks used for in security operations?
Providing centralized strategies for consistent operations, incident response, and continuous improvement.
What do change management programs handle?
Changes to software, configurations, infrastructure, and updates with robust planning and risk assessment.
What is the purpose of impact analysis in change management?
o evaluate the implications of proposed changes.
Why are test results and backout plans necessary?
To ensure changes can be reversed if they cause issues.
How can you reduce confusion regarding documentation?
Keep the documentation (policies, diagrams, and procedures) up to date in order to improve accuracy and reduce confusion.
Why is it critical to consider dependencies in change management?
Its critical to consider interconnections between services to avoid unintended outages.
What challenges do legacy systems pose in change management?
Outdated technology, lack of vendor support, and extensive customizations, requiring cautious management.
How does automation benefit security operations?
It reduces manual tasks, improves efficiency, and combats operator fatigue.
What are some tasks that can be automated?
You can automate baseline enforcement, vulnerability scanning, patching, and ticket generation for improved detection and response times.
What is the purpose of provisioning in automation?
To automate resource allocation.
How does automation support continuous integration and testing?
When you are automating you are code testing and the more you do it you are able to improve the quality of the automation/code.
What role do APIs play in automation?
APIs enhance workflows and system communication, ensuring seamless integration between applications.
What challenges can arise during automation implementation?
High initial cost, complexity, risk of single points of failure, and technical debt.
What benefits does automation provide?
Enforces standard configurations, improves compliance, streamlines auditing, and strengthens governance.
