Secure Network Lifecycle - Initiation
Preliminary risk assessment and categorizing of risk (low, medium, high).
Secure Network Lifecycle - Acquisition and Development
Detailed risk assessment, acquiring the products and tools needed to reduce risk.
Secure Network Lifecycle - Implementation
When you put countermeasuers in place on the production network.
Secure Network Lifecycle - Operations & Maintenance
Monitoring and care for network security devices. Also includes incident handling.
Secure Network Lifecycle - Disposition
Getting rid of network equipment (including formatting / destroying media storage devices).
What is Qualitative risk analysis?
Data is gathered by an individual to determine an asset's value, it's vulnerabilities, potential threats, and the impact or risk based on those factors.
What is Quantitative risk analysis?
Uses raw data, numbers, and statistics to determine risk.
What are the primary reasons for documenting the value of an asset, in combination with the vulnerabilities of that asset?
To identify risk, and possible countermeasures.
Who is ultimately responsible for the data and security on the network?
What kind of policy does the senior executive team create?
Governing policy (high-level security policy)
What are the 5 steps to Cisco's Secure Network Lifecycle?
2. Acquisition and development
4. Operations and maintenance