Chapter 10
Security Operations
In This Chapter
Using administrative management and control
Managing security operations concepts and controls
Knowing your threats and countermeasures
Understanding auditing and audit trails
Making monitoring a priority
The Security Operations domain introduces several essential concepts. Fortunately, it also overlaps other domains, such as Information Security Governance and Risk Management, Access Control, and Business Continuity and Disaster Recovery Planning.
What do you need to know about the Security Operations domain? We let the official (ISC)² CISSP study guide answer that question: “The candidate will be expected to know the resources that must be protected, the privileges that must be restricted, the control mechanisms available, the potential for abuse of access, the appropriate controls, and the principles of good practice.”
This chapter covers administrative management and control, security operations concepts and management, security threats and countermeasures, security auditing, audit trails, and security monitoring — everything you need to know about the Security Operations domain (not to be confused with the concept of need-to-know, which we also cover in this chapter)!