Chapter 11. Privilege Management, Forensics, Risk Identification, Education, and DocumentationTerms you'll need to understand:
Techniques you'll need to master:
After securing both physical and network access, as discussed in Chapter 10, "Organizational Security," it is necessary to plan for proper privilege management over network resource access as well as to plan for later security auditing and incident-response standards. This chapter will look at models of privilege management and basic details relating to risk identification, education, documentation, and post-incident forensics. This chapter will not attempt to cover all possible avenues of risk assessment and response management but will provide you with the necessary details for the exam. Additional resources are detailed at the end of the chapter. |