CISSP Domain 7

Absence of a Business Intelligence (BI) solution

Inadequate cost modeling

Improper deployment of the Service-Oriented Architecture (SOA)

Insufficient Service Level Agreement (SLA)

Certify and approve releases to the environment

Provide version rollbacks for system changes

Ensure that all applications are approved

Ensure accountability for changes to the environment

Consolidation of multiple providers

Directory synchronization

Web based logon

Automated account management

Continuously without exception for all security controls

Before and after each change of the control

At a rate concurrent with the volatility of the security control

Only during system implementation and decommissioning

Guaranteed recovery of all business functions

Minimization of the need decision making during a crisis

Insurance against litigation following a disaster

Protection from loss of organization resources

Determine the cause of the incident

Disconnect the system involved from the network

Isolate and contain the system involved

Investigate all symptoms to confirm the incident

Collecting security events and correlating them to identify anomalies

Facilitating system-wide visibility into the activities of critical user accounts

Encompassing people, process, and technology

Logging both scheduled and unscheduled system changes

Negotiate schedule with the Information Technology (IT) operation’s team

Log vulnerability summary reports to a secured server

Enable scanning during off-peak hours

Establish access for Information Technology (IT) management

Notifying law enforcement is crucial before hashing the contents of the server hard drive

Identifying who executed the incident is more important than how the incident happened

Removing the server from the network may prevent catching the intruder

Copying the contents of the hard drive to another storage device may damage the evidence

Risk Control

Facility Disaster

Compromisation

Asset Threats