What is the objective of the external monitoring domain of the maintenance model?
Concepts: Chapter 12
Chapter 12 closes the book, and discusses maintaining your IT security system and program once they are installed. The author points out that protection must be dynamic and fluid because threats, exploits, and risks are always changing and new ones are always emerging. On page 511, the text has a list of seven events that may require a reaction or a change in a security program:
The point in the text is that any or all of these events may occur while you are standing up your security program, which should lead you to start a cycle of reexamination and improvement. The text should point out that these events take place constantly, so staff who work in IT security should be watching for them. When these and other changes take place, IT security staff should take the actions that are required, whether those actions are to make improvements or to rebuild entire solutions.
The text spends the next twenty-four pages discussing the application of a security management model from NIST. Refer to the thirteen-point list on page 575 (in the chapter review) to see an overview of this model. It is probably never used in its entirety. Many organizations are very compartmented, and the interests of the security division may be addressed by mandated interactions between it and other departments, rather than by direct oversight. For instance, it seems very appropriate that the head of the security division should be involved in information security governance, security planning, and risk management. It seems less likely that such a person would be involved in system development, except for systems the security staff own or use. Security awareness and training? Sure. Capital planning and investment control? Not really, except to make proposals for spending in the security division.
I think the author may have inserted this section on managing security simply because he had not used it yet in this book. It is useful background about things a company might do, but it does not fit in the chapter as well as we might like. Be aware that several of these concerns may fall under other organizational banners, for reasons that have to do with organizational structure, money and staffing, or both.
On page 536, the author returns to the topic of the chapter. He presents a list of five subject areas that all fit in the larger concept of security maintenance. Then the headings on the sections that follow make it difficult to know which pages are about which subject area.
The chapter concludes with a discussion of forensics, gathering and preserving evidence when there is suspected wrongdoing. A forensic investigation is typically one that concerns a crime. This section is about computer forensics, investigations into crimes that involve computers and other information system equipment. The text discusses five aspects of an investigation:
Assignment 1: Chapter 12 Review Questions
What are the primary objectives of the internal monitoring domain?
The primary goal of the internal monitoring domain is an informed awareness of the state of the organization's networks, information systems and information security defenses. This awareness must be communicated and documented, especially for components that are exposed to the external network.
What are the five domains of the general information security maintenance model?
The five domains of the security maintenance model are external monitoring, planning and risk assessment, internal monitoring, readiness and review, and vulnerability assessment and remediation.
What are the three primary aspects of information security risk management? Why is each important?
The CIA triad refers to an information security model made up of the three main components: confidentiality, integrity and availability. Each component represents a fundamental objective of information security.
Why is maintenance of the information security program needed on an ongoing basis?
It requires ongoing maintenance and continual improvement, which ensures that policies and procedures are kept up to date, resulting in better protection for your sensitive information.