Documentation and Proceses Flashcards
(40 cards)
What is IT Governance?
Used to provide a comprehensive security management framework for the organization
IT Governance is implemented using policies, standards, baselines, guidelines, and procedures.
What does a policy define?
Defines the role of security inside of an organization and establishes the desired state for that security program.
What are the levels of security policies?
- Organizational
- System-specific
- Issue-specific
What is the purpose of an organizational security policy?
Provide framework to meet the business goals and define the roles, responsibilities, and terms associated with it.
What does a system-specific policy address?
Address the security of a specific technology, application, network, or computer system.
What is the function of a standard in an organization?
Implements a policy in an organization.
What is a guideline?
Recommended action that allows for exceptions and allowances in unique situations.
What is a physical network diagram used for?
Used to show the physical arrangement of network components, including cabling and hardware layout.
What does a logical network diagram illustrate?
Illustrates data flow and device communication, including subnets, network objects, routing protocols, and domains.
What is the purpose of a site survey report?
Conducted for wireless network assessments to show access point locations and signal strength.
What is a wired site survey typically part of?
Preparation for a major upgrade or installation, checking power, space, and cooling for new equipment.
What is included in an audit and assessment report?
- Executive summary
- Scope and objectives
- Assumptions and limitations
- Methods and tools
- Environment and system diagram
- Security requirements
- Findings and recommendations
- Audit results
What is a baseline configuration?
Most stable versions of device configurations documented and changeable only through change control procedures.
What is asset management?
A systematic approach to the governance and realization of value of things over their entire life cycle.
What are the types of assets?
- Tangible Assets
- Intangible Assets
What are key processes in asset management?
- Developing
- Operating
- Maintaining
- Upgrading
- Disposing of assets
What is asset inventory?
Maintain a complete list of all assets in the organization using a database system.
What is the purpose of asset identification?
Each asset should have a unique asset tag and ID for tracking purposes.
What is the procurement lifecycle?
Birth to death of an asset, including change management procedures for proper procurement and deployment.
What is the purpose of warranty and licensing in asset management?
Keep track of asset warranties and support contracts and ensure software licensing compliance for all devices.
What is IP Address Management (IPAM)?
A methodology and suite of tools used to plan, track, and manage the IP address space inside a network infrastructure.
What are the benefits of automated IPAM?
- Detects and resolves IP conflicts
- Integrates with DHCP and DNS servers
- Supports horizontal cloud scaling
What is the strategic importance of IPAM?
Involves a strategic shift in managing network infrastructure to enhance efficiency, security, and resilience.
What are the three main types of agreements in network management?
- Non-Disclosure Agreements (NDAs)
- Memorandum of Understanding (MOU)
- Service Level Agreement (SLA)
