Summary

In this chapter, you learned the key elements of security management, best practices, change management, computer forensics, law enforcement, and privacy regulations.

Security management is an ongoing process that requires the use of best practices and documentation. These processes attempt to document and classify the policies, procedures, and guidelines you need to implement an effective security policy.

Computer forensics is the process of gathering data, protecting it, and analyzing the results of an incident. Here are the three A's of forensics:

  • Acquire the evidence.

  • Authenticate the evidence.

  • Analyze the evidence.

This process should be done in conjunction with a skilled forensic expert who can ensure that information is not tainted in these steps. Tainted evidence is inadmissible in a legal process.

The chain of custody ensures that information is protected, analyzed, and stored in a manner that ensures the safety of the information or device. The process should log all activities with the evidence from the time it is initially collected until it is used in a trial. All activities involving the evidence should be well documented.
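The "authenticate the evidence" step and the chain-of-custody log described above can be made tamper-evident in code. The following is an added example, not taken from the book: it assumes SHA-256 digests and a hash-chained log, and the class name, field names, case identifier, and sample data are all constructed for illustration.

```python
import hashlib
import json

def sha256_hex(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()

class CustodyLog:
    """Append-only custody log; each entry commits to the one before it."""
    GENESIS = "0" * 64

    def __init__(self, evidence_id: str):
        self.evidence_id = evidence_id
        self.entries = []

    def _digest(self, body: dict) -> str:
        return sha256_hex(json.dumps(body, sort_keys=True).encode())

    def record(self, when: str, who: str, action: str, image: bytes) -> dict:
        """Log one handling event together with the evidence digest at that time."""
        prev = self.entries[-1]["entry_hash"] if self.entries else self.GENESIS
        body = {"evidence_id": self.evidence_id, "when": when, "who": who,
                "action": action, "sha256": sha256_hex(image), "prev": prev}
        body["entry_hash"] = self._digest(body)
        self.entries.append(body)
        return body

    def authenticate(self, image: bytes) -> bool:
        """True if the image still matches the digest taken at acquisition."""
        return bool(self.entries) and sha256_hex(image) == self.entries[0]["sha256"]

    def verify(self) -> int:
        """Return the index of the first altered entry, or -1 if the log is intact."""
        prev = self.GENESIS
        for i, entry in enumerate(self.entries):
            body = {k: v for k, v in entry.items() if k != "entry_hash"}
            if entry["prev"] != prev or self._digest(body) != entry["entry_hash"]:
                return i
            prev = entry["entry_hash"]
        return -1

if __name__ == "__main__":
    image = b"constructed sample disk image"      # stand-in for an acquired image
    log = CustodyLog("CASE-0001-ITEM-1")          # constructed identifier
    log.record("2006-01-10T09:00:00Z", "examiner-a", "acquired", image)
    log.record("2006-01-10T11:30:00Z", "examiner-b", "received for analysis", image)
    print("image authentic:", log.authenticate(image))
    print("first altered entry:", log.verify())
    log.entries[0]["who"] = "someone-else"        # simulate an edited record
    print("first altered entry after edit:", log.verify())
```

A hash chain only exposes edits if the most recent entry hash is also kept or witnessed somewhere the log's custodian cannot rewrite.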

The issue of involving law enforcement is a big one. This decision should be made only in consultation with legal opinion and the consensus of management. The legal process, once started, is under the control of a law enforcement agency, and it is out of your hands.

The best practices of computer security include information classification, information retention, storage, and information destruction policies. Best practices also include the security policy, usage policies, backup, configuration management, inventories, change management, and user management.

In order to carry out an effective security management process, an organization must allocate sufficient resources, identify responsibilities, and implement prevention, enforcement, and educational opportunities. It is unrealistic to expect that an effective security policy can be implemented and maintained unless users, managers, and technical staff are equipped to deal with these changes.

The process of implementing change requires careful consideration of the systems that the change process affects. This requires clear sponsorship, realistic expectations, and adequate training. Change is difficult for everyone involved in the process. Successfully implementing change requires patience, persistence, and a clear vision about the objectives of the change.

Changes should be implemented only after they have been tested and documented, and the individuals concerned should be notified of the change and its expected impact.

Your job as a security professional includes keeping yourself up-to-date on current issues, as well as informing affected parties of changes occurring in the industry and new threats. Numerous trade publications and websites are available to help you grow in the field and educate decision makers in your organization.

The process of raising sensitivity about security is part of a security awareness program. This program should include communications about the nature of the issues, education about policies and procedures, and clear support from management.

For an organization to stay on top of security issues, it must keep operating systems, applications, and network devices up-to-date. Policies must be kept current as the environment changes, and personal development initiatives of individuals must be considered. This helps the organization stay current with security issues and provides a growing base of knowledge in the organization about the issues.

There are numerous security and privacy regulations that affect security management and your environment. These laws or acts govern privacy, security, and the use of information systems and resources. Become aware of these laws and the impact they have on your organization.



CompTIA Security+ Study Guide. Exam SY0-101
ISBN: 078214098X
EAN: 2147483647
Year: 2006
Pages: 167
