Chapter 8 - 06 - Understand the Fundamentals of CM and Asset Management - 02_ocred_fax_ocred.pdf
Document Details
Uploaded by barrejamesteacher
null
CompTIA
Tags
Full Transcript
Certified Cybersecurity Technician Exam 212-82 Network Security Assessment Techniques and Tools What is Configuration Management? O Configuration manageme...
Certified Cybersecurity Technician Exam 212-82 Network Security Assessment Techniques and Tools What is Configuration Management? O Configuration management is a technical and administrative process employed to build and ensure the stability of a product’s performance, track the product’s real-time operation, and keep the product updated all the time Q Itis an activity performed to ensure that software or hardware is running as expected, even if configuration changes are made Configuration Management Activities Configuration Management Configuration Configuration Configuration Configuration Configuration Management and Status Verification Identification Control Planning Accounting and Audit What is Configuration Management? Configuration management (CM) is a technical and administrative process employed to build and ensure the stability of a product’s performance, track the product’s real-time operation, and keep the product updated all the time. CM is an activity performed to ensure that software or hardware is running as expected, even if configuration changes are made. CM is also referred to as IT service management, and it guarantees that the configuration of system resources, servers, and other assets is effective and trusted. CM helps in building robust and sound systems with the use of tools that can automatically control and monitor updates to configuration data. Without automation, a failure to update software manually can leave the system with an obsolete version of the software, thus making the system susceptible to malware attacks. Automation enhances efficiency and makes the process of system management easy. CM majorly focuses on maintaining servers, software, and network in a determined state and contains the description of the required state for systems and software automation. CM is an organized method of managing changes that ensures the overall integrity of the system. It enforces a set of methods, policies, and tools that can handle, assess, and monitor changes as well as maintain the system’s repository and documents supporting the applied changes. Module 08 Page 1121 Certified Cybersecurity Technician Copyright © by EG-Council All Rights Reserved. Reproduction is Strictly Prohibited. Certified Cybersecurity Technician Exam 212-82 Network Security Assessment Techniques and Tools Configuration Management Activities Configuration Configuration Management Managemen Configuration Manegementand Managementand Configuration Configuration Configuration Configuration = Identification Control Status Accounting Verification and Audit Planning v’ This activity involves v/ It entails the v It involves the v Itis an activity of v ltisan settings directions, settings and assessment of recording and independent expectations, and baselines that change reporting baselines review of software configuration determine the recommendations for individual and hardware to strategies as well as architecture or and requests as configuration items assess their preparing formal system/subsystems, well as the tracking at a point in time compliance with documentation of items, and of the standards, product the requirements developments approval/disapprov baselines, and basic procedures al status performance for precise requirements, and configuration policies management Copyright © by EC- cil. All Rights Rights Reserved. Reproduction is Strictly Prohibited. Configuration Management Activities Configuration management (CM) for both software and hardware is performed through five activities. Each activity is performed as a procedure or policy to build a baseline and implement a standard CM process. Configuration Mianagement Management Configuration -. :. :0 Configuration Configuration Confi ti Configuration tion Configur : : ation Configuration Configur ation Configuration g8 oniigura 4 Management and Identification Control Status Verification Accounting and Audit A Figure 8.20: Configuration management activities Configuration management and planning: This activity involves setting directions, expectations, and configuration strategies as well as preparing formal documentation of the requirements and basic procedures for precise configuration management. Supporting the CM program involves the following elements. o Personnel: Personnel refers to prominent individuals responsible for conducting the activities of the CM program such as configuring, reviewing, monitoring, and performing day-to-day configuration activities and preparing appropriate documentation. o Responsibilities and resources: A record of configuration management tools, products, resources, and the supportive environment required for the configuration management process are maintained in the document. Module 08 Page 1122 Certified Cybersecurity Technician Copyright © by EG-Council All Rights Reserved. Reproduction is Strictly Prohibited. Certified Cybersecurity Technician Exam 212-82 Network Security Assessment Techniques and Tools Training requirements: These entail the training procedures, techniques, or programs necessary for personnel and CM teams that conduct configuration management activities. Administrative meeting guidelines: These guidelines contain the administrative directions to design and implement the procedures, tools, functions, services, and processes necessary for making configuration management successful. Baselining processes: These are processes of documenting the steps involved in the configuration process and relevant information such as time, metrics, role, and volume. They also involve specifying the breakdown points of the configuration process. The documentation is also incorporated with all the approved changes made to the system. Configuration control: It is a part of configuration management (CM) that contains the record of co-ordination, assessment, approval/disapproval status, and applied changes to the configuration items after creating their configuration identification. Configuration-status accounting: It is a part of CM that contains the record and report of the information required to manage the configuration easily and effectively. The required information can be the approved configuration identification, status of recommended changes to the configuration, and enforcement status of approved changes. Naming conventions: A naming convention with the label is used to identify the configuration items (Cls) and products that are under CM. Naming conventions are also used to uniquely identify individual configuration items and different versions of items. Audits and reviews: Audits are conducted to ensure that a Cl or a set of Cls that create a baseline comply with the specified rules, requirements, and standards. Reviews are conducted to validate the Cls and approve configuration changes. Subcontractor/vendor CM requirements: Vendors or subcontractors should be certified to conduct configuration management. The vendor should take overall responsibility for configuration management activities. = Configuration identification: It entails the settings and baselines that determine the architecture or system/subsystems, items, and other developments. It is a fundamental factor that identifies and documents system changes and further uses them for monitoring via different SDLC phases such as design, development, testing, and deployment/delivery. Configuration identification covers the following elements: o Identifying applicable Cls o Creating baselines for controls and maintaining revisions and versions o Identifying the granted configuration document of the functional and physical attributes related to the system or item Module 08 Page 1123 Certified Cybersecurity Technician Copyright © by EG-Council All Rights Reserved. Reproduction is Strictly Prohibited. Certified Cybersecurity Technician Exam 212-82 Network Security Assessment Techniques and Tools o Generating records that can be stored in the configuration management database (CMDB) o Providing documents for external audits and CM o Managing the Cl document library inside the CMDB Configuration control: It involves the assessment of change recommendations and requests as well as the tracking of the approval/disapproval status. Controlled change processes should be implemented properly and should provide organized mechanisms and standard working methods to efficiently plan, control, record, and validate the product as well as data. Controlled configuration is achieved using a CMDB or other relevant databases that allow centralized and logical access to configuration files or data, which hold information such as Cls and their characteristics, documentation, baselines, relationships, and changes. The change requests are generally placed in the CMDB. Configuration status accounting: It is an activity of recording and reporting baselines for individual configuration items at a point in time. In case of suspicious items, the baseline configuration and approved changes are instantly validated. The CMDB is employed to trace requests for modifications. The primary goal of the system is to offer improved coordination, accountability, and overall visibility. The records detailing the Cls should be created and stored in the CMDB. Further, the CMDB should allocate a unique identity to every request for change and maintain the inventory of all the change requests. The CMDB should hold appropriate information regarding Cls, their baselines, documents, attributes, relationships, and changes. The record of changes should include the following: o Appropriate reasons for changes o If arecommended change is approved, that change should be applied to the Cl and other areas influenced by it. o Maodified Cls should be rolled out only after thorough review and approval. Changes should not be accepted until they are properly validated and approved. Configuration verification and audit: It is an independent review of software and hardware to assess their compliance with standards, product baselines, performance requirements, and policies. Configuration audits verify whether a product complies with physical and functional attributes before being approved in the baseline documentation. Configuration auditing is also performed to ensure the integrity of the systems, Cls, processes, and baseline compliances. Change control activities are also performed in configuration auditing. Further, it is helpful in accurately maintaining the CMDB by verifying the efficacy of changes, accomplishment of change management activities, and data and documentation, and it guarantees the compliance of the project with given standards, agreements, and requirements. The record of audit and individual lapses associated with processes should be stored in the CMDB so that relevant action items, shutdown dates, and Module 08 Page 1124 Certified Cybersecurity Technician Copyright © by EC-Council All Rights Reserved. Reproduction is Strictly Prohibited. Certified Cybersecurity Technician Exam 212-82 Network Security Assessment Techniques and Tools dropped activities are tracked easily. Configuration auditing should be conducted periodically, and records should be maintained in the CMDB. Advantages of Configuration Management Increased efficiency: CM provides management control and minimizes the risks of downtimes and malicious intrusions by creating clear visibility, which enables the precise tracking of any modifications applied to the system. Cost reduction: With detailed knowledge of all the elements of configuration, there will be no scope for the unnecessary duplication of assets. Increased agility: With CM, organizations can attain increased agility and faster issue resolution, which result in high-quality services. Efficient change management: Configuration management reduces the probability of product incompatibility issues. Faster restoration of services: During downtimes, the system can be easily restored if configuration strategies are properly recorded and automated. Disaster recovery: CM ensures that lost assets are easily recoverable. Uptime and reliability: CM ensures that the service is always active, thus making the website reliable. Scalability: CM allows the inclusion of more services into the active application. Module 08 Page 1125 Certified Cybersecurity Technician Copyright © by EG-Council All Rights Reserved. Reproduction is Strictly Prohibited.