Chapter 10

Security Operations

In This Chapter

Using administrative management and control

Managing security operations concepts and controls

Knowing your threats and countermeasures

Understanding auditing and audit trails

Making monitoring a priority

The Security Operations domain introduces several essential concepts. Fortunately, it also overlaps other domains, such as Information Security Governance and Risk Management, Access Control, and Business Continuity and Disaster Recovery Planning.

What do you need to know about the Security Operations domain? We let the official (ISC)2 CISSP study guide answer that question: “The candidate will be expected to know the resources that must be protected, the privileges that must be restricted, the control mechanisms available, the potential for abuse of access, the appropriate controls, and the principles of good practice.”

This chapter covers administrative management and control, security operations concepts and management, security threats and countermeasures, security auditing, audit trails, and security monitoring — everything you need to know about the Security Operations domain (not to be confused with the concept of need-to-know, which we also cover in this chapter)!