Information Security – Cybersecurity Notes
UoPX Advanced Cybersecurity Certification
Configuration and Patch Management
Configurations should be secure, checked, tested, and backed up. Patch management should be
automated and kept up to date using the NIST 800-53 or ISO27001 framework.
Managing configuration:
Baselining - is a starting point within the context of configuration management - it is the starting
configuration for a system
Baselines can be created with checklists that require someone to make sure a system is deployed
in a secure state
Manual baselines are susceptible to human error.
Using images of the baseline - many organizations use images to deploy baselines.
Administration starts by installing the Operating System and all desired applications, then
configures the system with relevant security and other settings to meet the needs of the
organization.
Next, the admin captures an image of the system using imaging software and stores it on a
server. Personnel then deploy the image to systems as needed.
Baselines images improve the security of systems by ensuring that desired security settings are
always configured correctly.
Managing Change:
Deploying systems in a secure state is a good start - it is important to ensure systems retain that
same level of security. Change Management helps reduce unanticipated outages caused by
unauthorized changes.
The primary goal of change management is to ensure that changes do not cause outages - ensure
that appropriate personnel review/approve changes before implementation and ensure that
personnel test/document the changes. Unauthorized changes can directly affect the Availability
as part of the CIA triad.
Security Impact Analysis - CM process ensures that personnel can perform a security impact
analysis.
1. Request the Change
2. Review of the Change
3. Approve/Reject the Change
4. Test the Change
1
UoPX Advanced Cybersecurity Certification
Configuration and Patch Management
Configurations should be secure, checked, tested, and backed up. Patch management should be
automated and kept up to date using the NIST 800-53 or ISO27001 framework.
Managing configuration:
Baselining - is a starting point within the context of configuration management - it is the starting
configuration for a system
Baselines can be created with checklists that require someone to make sure a system is deployed
in a secure state
Manual baselines are susceptible to human error.
Using images of the baseline - many organizations use images to deploy baselines.
Administration starts by installing the Operating System and all desired applications, then
configures the system with relevant security and other settings to meet the needs of the
organization.
Next, the admin captures an image of the system using imaging software and stores it on a
server. Personnel then deploy the image to systems as needed.
Baselines images improve the security of systems by ensuring that desired security settings are
always configured correctly.
Managing Change:
Deploying systems in a secure state is a good start - it is important to ensure systems retain that
same level of security. Change Management helps reduce unanticipated outages caused by
unauthorized changes.
The primary goal of change management is to ensure that changes do not cause outages - ensure
that appropriate personnel review/approve changes before implementation and ensure that
personnel test/document the changes. Unauthorized changes can directly affect the Availability
as part of the CIA triad.
Security Impact Analysis - CM process ensures that personnel can perform a security impact
analysis.
1. Request the Change
2. Review of the Change
3. Approve/Reject the Change
4. Test the Change
1
