N2K - Flash Cards - General Security Concepts - Explain the importance of change management processes and the impact to security
What is the term for a time period in which a system will be unavailable due to servicing?
Maintenance Window
Which business process impacts security operations by ensuring that proposed changes undergo thorough review and authorization before implementation?
The approval process of formal change management
What is the primary concern of the BIA?
Business Impact Analysis (BIA) identifies all business resources that could be lost
Allow lists, deny lists, restricted activities, service restart, application restart and legacy applications are examples of what kind of impacts to security in the change management process?
Technical Implications
What is it called when a system is offline and/or unavailable to perform services?
Downtime
Which technical implication impacts change management security operations by stopping and starting specific processes to enforce security policies or apply updates?
Service Restart
What is the term for a plan for reversing changes made during an unsuccessful update to IT operations?
A rollback or backout plan
What is a dependency vulnerability?
Vulnerabilities caused by dependencies on insecure code found in shared or public code repositories.
Which step must be completed before a change request can be sent for approval or denial, according to COMPTIA?
Determining the correct decision-makers for the change
Which two entities are responsible for the majority of project changes?
Stakeholders (including the project sponsor) and team members
Which business process impacts security operations by providing critical feedback on the effectiveness and integrity of proposed changes?
Test Results
Which technical implication impacts change management security operations by limiting or prohibiting certain actions or behaviors to prevent security breaches or unauthorized activities?
Restricted Activities
Which business process impacts security operations by assigning responsibility for overseeing change implementation and ensuring that security considerations are addressed?
Ownership
Which technical implication of change management impacts security operations by restarting specific applications to address security vulnerabilities or apply configuration changes?
Application restart
Which change management process impacts security by ensuring that changes are tracked, documented, and reversible, reducing the risk of unauthorized or malicious alterations?
Version Control