Security Engineer Intro

Asset Management/Inventory

  • Purpose: Maintaining a centralized repository of information about an organization's digital assets.
  • Information Stored:
    • IP addresses
    • Hostnames
    • Operating systems
    • Installed software
    • Owners/responsible parties
    • Location
    • Criticality
  • Benefits:
    • Improved visibility and control over assets.
    • Facilitates risk assessment and vulnerability management.
    • Supports incident response and recovery.

Security Policy Exceptions

  • Purpose: Allowing deviations from a security policy under specific circumstances.
  • When to Grant Exceptions:
    • When compliance is impractical or impossible.
    • When the risk is deemed acceptable.
    • When a temporary exception is needed for a specific project or activity.
  • Important Considerations:
    • Document the exception and the justification.
    • Regularly review and reassess exceptions.
    • Ensure compensating controls are in place to mitigate risks.

Secure-by-Design

  • Definition: Integrating security considerations into the design and development of systems and applications from the outset.
  • Benefits:
    • Reduces vulnerabilities and security risks.
    • Improves the overall security posture.
    • Minimizes the need for costly security fixes later.
    • Maximizes return on investment (ROI) in security.

Change Management

  • Purpose: Managing and controlling changes to systems and configurations to minimize disruptions and security risks.
  • Key Aspects:
    • Tracking changes.
    • Assessing the impact of changes.
    • Approving changes.
    • Implementing changes in a controlled manner.
    • Documenting changes.
  • Benefits:
    • Reduces the risk of unintended consequences.
    • Maintains system stability and security.
    • Supports compliance and auditing.

Tabletop Exercises

  • Definition: Simulated scenarios used to test incident response plans and procedures.
  • Benefits:
    • Identifies gaps and weaknesses in plans.
    • Improves decision-making and communication during incidents.
    • Provides training and awareness for incident response teams.

Business Continuity

  • Definition: The ability of an organization to maintain essential functions during and after a disruption.
  • Key Elements:
    • Business Impact Analysis (BIA)
    • Recovery Time Objective (RTO)
    • Recovery Point Objective (RPO)
    • Disaster Recovery Plan (DRP)
  • Importance:
    • Minimizes downtime and financial losses.
    • Protects reputation and customer trust.
    • Ensures business resilience.

Security Decision-Making

  • Key Factors:
    • Ease of use
    • Ease of implementation
    • Cost
    • Improvement in security posture
  • Examples:
    • Patching vulnerabilities
    • Rebuilding legacy servers
    • Restricting server access
  • Balancing Security and Usability: Finding the right balance between security and user experience is essential for effective security management.