Chapter 8 - 06 - Understand the Fundamentals of CM and Asset Management - 03_ocred_fax_ocred.pdf
Uploaded by barrejamesteacher
Certified Cybersecurity Technician Exam 212-82
Network Security Assessment Techniques and Tools
Copyright © by EC-Council. All Rights Reserved. Reproduction is Strictly Prohibited.

Configuration Review

Configuration review is a process of verifying the configuration settings of hardware and software devices/components in an enterprise. Configuration review covers devices such as systems, servers, firewalls, and all the other network-connected devices. While adding a new device or a component to the network, if the configuration is not fully implemented, the entire network can become vulnerable to attacks. It is important to schedule a periodical evaluation of system security and configuration review of security components, which can eliminate misconfiguration issues and default configuration settings.

Security Content Automation Protocol (SCAP)

The Security Content Automation Protocol (SCAP) is a standard evaluation process used to validate the security standards of an organization’s network and devices connected to the network. It is an automated process that checks for bugs, security misconfigurations, and product updates and explores the vulnerabilities in the network.
SCAP is a combination of multiple standard components, some of which are as follows.

- Open Vulnerability Assessment Language (OVAL): OVAL is an international information security community standard for evaluating and reporting system condition. It uses a standard Extensible Markup Language (XML) schema to expose the vulnerabilities in a system.
- Extensible Configuration Checklist Description Format (XCCDF): XCCDF is a language used for writing security contents such as checklists, system configuration procedures, and benchmarks. An XCCDF document is a set of security configurations of selected systems and is developed in a system-understandable format. Compatible software can only be used to validate the system.

Configuration Management Tools

Configuration management tools are used to perform various activities to ensure the stability of physical and logical assets. These tools are used to locate and track configuration items (CIs) and store relevant data in the configuration management database (CMDB).
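An added example (not part of the courseware) for the XCCDF checklist results described under SCAP above: it reads an XCCDF 1.2 TestResult, lists the rules a device failed, and computes a compliance percentage. The sample XML, host name, rule ids and the scoring choice are assumptions made for this illustration.

```python
import xml.etree.ElementTree as ET

NS = {"x": "http://checklists.nist.gov/xccdf/1.2"}  # XCCDF 1.2 namespace

# Constructed sample result file; host name and rule ids are made up.
SAMPLE = """<Benchmark xmlns="http://checklists.nist.gov/xccdf/1.2" id="xccdf_test.example_benchmark_demo">
  <TestResult id="xccdf_test.example_testresult_1">
    <target>fw01.example.test</target>
    <rule-result idref="xccdf_test.example_rule_default_password_changed" severity="high">
      <result>fail</result>
    </rule-result>
    <rule-result idref="xccdf_test.example_rule_ssh_root_login_disabled" severity="medium">
      <result>pass</result>
    </rule-result>
    <rule-result idref="xccdf_test.example_rule_telnet_disabled" severity="high">
      <result>pass</result>
    </rule-result>
    <rule-result idref="xccdf_test.example_rule_ipv6_firewall" severity="low">
      <result>notapplicable</result>
    </rule-result>
  </TestResult>
</Benchmark>"""

# Assumption of this example: error/unknown are scored as failures so they get
# reviewed; notapplicable, notchecked, notselected, informational are not scored.
PASSING = {"pass", "fixed"}
FAILING = {"fail", "error", "unknown"}

def review(xml_text):
    """Return (target, [(rule id, severity, outcome)], percent compliant)."""
    root = ET.fromstring(xml_text)
    tr = root.find(".//x:TestResult", NS)
    if tr is None:
        raise ValueError("no XCCDF TestResult element found")
    target = tr.findtext("x:target", default="unknown", namespaces=NS)
    passed, failed = 0, []
    for rr in tr.findall("x:rule-result", NS):
        outcome = rr.findtext("x:result", default="unknown", namespaces=NS).strip()
        if outcome in PASSING:
            passed += 1
        elif outcome in FAILING:
            failed.append((rr.get("idref"), rr.get("severity", "unknown"), outcome))
    scored = passed + len(failed)
    percent = round(100.0 * passed / scored, 1) if scored else 0.0
    return target, failed, percent

if __name__ == "__main__":
    target, failed, percent = review(SAMPLE)
    print(f"{target}: {percent}% compliant")
    for rule, severity, outcome in failed:
        print(f"  {outcome.upper():5} [{severity}] {rule}")
```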
- Network Configuration Manager
  Source: https://www.manageengine.com

  Network Configuration Manager is a network change and compliance management solution for various network devices. It helps in automating and managing the configuration management lifecycle. Network Configuration Manager consists of various features that include the following:

  - Automated configuration backup
  - Scheduling configuration backup
  - Database backup and disaster recovery
  - Baseline configuration
  - Configuration versioning and comparison
Figure 8.21: Dashboard of Network Configuration Manager

The following are some additional configuration management tools:

- Ansible (https://www.ansible.com)
- CFEngine (https://cfengine.com)
- vRealize Automation SaltStack Config (https://www.vmware.com)
- Microsoft Endpoint Manager (https://www.microsoft.com)
- Puppet Enterprise (https://puppet.com)

Change Management

Change management is a process of managing the changes to an organization’s IT systems and infrastructure. It is an organized procedure that addresses the enterprise’s objectives, functionalities, and technologies. The main focus of change management is to enforce an appropriate plan for implementing and controlling changes and assisting individuals in adapting to those changes.
The change management process should be attentively planned and executed because unwanted changes to a system or network can cause adverse effects on the associated processes and components. The management process must be implemented with a rollback mechanism so that any unintended changes can be reverted. The changes are then classified based on their expected impacts and risk levels on the organization’s assets.

The change control process, a subset of the change management process, is a technique employed to request and approve changes in a controlled, organized, and effective manner. This type of change management process includes a systematic method of requesting changes, analyzing their impacts, and approving changes while monitoring them until implementation and documenting or reporting them for assessing their effects further.

Figure 8.22: Change management process (stages shown: Request, Analyze Impacts, Implement Changes)

Continual business changes are unavoidable, and change management allows individuals, processes, and assets to adapt to the changes swiftly to improve the success rate of the changes. Inconsistent and poorly implemented business changes can put the business at risk or necessitate expensive and unnecessary re-implementation.

Advantages of Change Management

Frequent and meticulously devised changes can improve the efficiency of business processes.
An effective change management process can enable organizations to do the following:

- Evaluate and comprehend the required changes and their effects on the running processes
- Support all the resources to be adapted to new changes
- Reduce the time and cost required for implementing changes
- Make employees aware of new changes
- Implement effective strategies to enhance communication
- Improve business collaboration
- Allow continuous business operations even during the implementation of changes
- Reduce the probability of change failures

Change Management Tools

- SunView ChangeGear
  Source: https://www.sunviewsoftware.com

  SunView ChangeGear is an IT change management software that allows the automation of the capture and processing of all IT change records across an enterprise. It eliminates emails, spreadsheets, and other manual methods for tracking IT changes.

Figure 8.23: Screenshot of SunView ChangeGear
The following are some additional change management tools:

- ManageEngine ServiceDesk Plus (https://www.manageengine.com)
- StarTeam (https://www.microfocus.com)
- Freshservice IT Asset Management Software (https://freshservice.com)
- SolarWinds Service Desk (https://www.solarwinds.com)
- SysAid (https://www.sysaid.com)