Security Operations: Examining Asset Management

Question 1

what are the benefits of asset management?

Answer 1

Improving decision-making through data-driven insights.

Using asset data for strategic planning and resource allocation.

Enabling efficient resource allocation for appropriate resource utilization.

Tracking and safeguarding of valuable assets.

Reducing the risk of asset loss or theft.

Ensuring compliance with regulatory requirements.

Assisting audits through accurate asset tracking.

Minimizing operational costs by optimizing asset life cycles.

Enhancing accountability and responsibility within an organization.

Question 2

What are the processes of obtaining assets? (purchasing)

Answer 2

Govern the acquisition of hardware, software, or other assets before they’re integrated into an organization’s infrastructure.

Includes documenting asset details and ensuring each asset meets security and compliance standards.

Plan
Research
Purchase
Document
integrate

Question 3

What are two key factors of Asset Management?

Answer 3

Ownership and Classification

Question 4

What does ownership entail in Assets management?

Answer 4

Ownership: Designates individuals or teams responsible for specific assets, clarifying who is accountable for asset upkeep, security, and compliance.

Once chosen an owner they will need to consider?

Accountability
Responsibility

Through:
Deployment
Maintenance
Security
Compliance
Retirement

Question 5

What does Classication entail in Assets management?

Answer 5

Classification: The process of categorizing assets based on their type, function, or other relevant criteria. This helps ensure they’re grouped logically for identification, monitoring, management, and retrieval.

Through:

Identification
Monitoring
tracking
Security requirements
Compliance

Question 6

What are the factors to consider when monitoring and tracking assets?

Answer 6

Inventory: It’s important to have a comprehensive list or database of assets for monitoring, management, and security purposes. This can help reduce the risk of unauthorized or unmonitored access points.

Enumeration: This is the process of identifying and cataloging all assets and can include:

Devices

Software

Applications

Infrastructure

Data

Question 7

What are two ways that we can consider when we need to dispose assets?

Answer 7

Sanitations
Destructions

Question 8

What does sanitization involve in asset disposal?

Answer 8

Sanitization: Refers to the irreversible process of removing or erasing sensitive data from a device or storage medium to ensure it can’t be recovered or accessed by unauthorized individuals, thereby helping mitigate data-security risks.

Degaussing

overwriting

Question 9

What does Destruction involve in asset disposal?

Answer 9

Destruction: Refers to the process of physically rendering a device or storage medium unusable or irreparable to ensure that it can’t be retrieved from the medium, thereby helping prevent potential security breaches.

Incinerate

Pay third party for data destruction

Question 10

What do we need to consider when we use third pary vendors for destructions?

Answer 10

Certification: Refers to the process of obtaining formal documentation or proof that the asset-disposal process has been executed according to established security standards and protocols. This helps ensure compliance and security during the disposal process.

Question 11

Why is data retention important?

Answer 11

Data retention: Refers to the process of retaining and preserving specific data or information for a defined period after an asset is retired or decommissioned. Typically, this is done for legal or compliance reasons.