VIDEO
HIGHLIGHT
Log InSign up
Security Procedures - CompTIA Security+ SY0-701 - 5.1
SummaryTranscriptChat

Security Procedures - CompTIA Security+ SY0-701 - 5.1

Change Management in Organizations

Overview of Change Management

  • Change management is a critical security procedure that ensures systematic processes are followed when changes are made to organizational systems, preventing downtime and mistakes.
  • The scope of the change must be determined, including whether it involves a single server, multiple devices, or an entire operating system.

Risk Assessment and Approval Process

  • Understanding the risk associated with changes is essential; this includes evaluating if the change affects one application or an entire system.
  • A formal plan for the change is necessary, which requires approval from end users. Most organizations utilize a change control board to analyze and approve proposed changes.

Documentation and Onboarding Procedures

  • After implementing changes, documentation is crucial to inform all stakeholders about what modifications were made.
  • Onboarding procedures involve providing new hires with necessary resources like handbooks and technology while ensuring proper account setup with appropriate rights.

Offboarding Policies and Playbooks

Importance of Offboarding

  • Formal offboarding policies ensure clarity on handling user assets when they leave the organization, addressing hardware return and data management.
  • Disabling accounts during offboarding helps retain access to important data or decryption keys that may be needed later.

Role of Playbooks in Security Protocols

  • Organizations maintain playbooks outlining steps for specific events such as data breaches or ransomware recovery, ensuring structured responses.
  • These playbooks can be integrated into SOAR (Security Orchestration Automation Response) platforms for automating mundane tasks within security teams.

Continuous Improvement in Security Practices

Monitoring and Revising Processes

  • Continuous monitoring of processes is vital due to evolving technologies; organizations must adapt their security posture accordingly.
  • Existing playbooks should be reviewed regularly for efficiency improvements or updates based on newly installed technologies or emerging threats.

Governance Structure in Organizations

  • Governance typically starts with a board that sets broad objectives for committees composed of subject matter experts who implement these goals through defined tasks.

Understanding Governance in Public vs. Private Sectors

Differences in Policies and Procedures

  • Working within the public sector, such as government organizations, involves distinct policies and procedures compared to private organizations.
  • Key concerns for governmental agencies often revolve around legal issues, administrative requirements, and political matters.
  • The presentation and scope of information in public agencies differ significantly from that of private entities.
  • Governmental agencies operate with a mandate to serve the public, leading to meetings typically being open to the public.
Playlists: Page 5
Video description

Security+ Training Course Index: https://professormesser.link/701videos Professor Messer’s Course Notes: https://professormesser.link/701notes - - - - - IT security maintains a number of procedures to ensure control of data and services. In this video, you'll learn about change management, onboarding, offboarding, playbooks, and more. - - - - Subscribe to get the latest videos: https://professormesser.link/yt Calendar of live events: https://www.professormesser.com/calendar/ FOLLOW PROFESSOR MESSER: Professor Messer official website: https://www.professormesser.com/ Twitter: https://www.professormesser.com/twitter Facebook: https://www.professormesser.com/facebook Instagram: https://www.professormesser.com/instagram LinkedIn: https://www.professormesser.com/linkedin