Need-to-know/least privilege
16
|
|
7.4.2
|
Separation of Duties (SoD) and responsibilities
|
16
|
|
7.4.3
|
Privileged account management
|
16
|
|
7.4.4
|
Job rotation
|
16
|
|
7.4.5
|
Service Level Agreements (SLA)
|
16
|
|
7.5
|
Apply resource protection
|
16
|
|
7.5.1
|
Media management
|
16
|
|
7.5.2
|
Media protection techniques
|
16
|
|
7.6
|
Conduct incident management
|
17
|
|
7.6.1
|
Detection
|
17
|
|
7.6.2
|
Response
|
17
|
|
7.6.3
|
Mitigation
|
17
|
|
7.6.4
|
Reporting
|
17
|
|
7.6.5
|
Recovery
|
17
|
|
7.6.6
|
Remediation
|
17
|
|
7.6.7
|
Lessons learned
|
17
|
|
7.7
|
Operate and maintain detective and preventative measures
|
11, 17
|
|
7.7.1
|
Firewalls (e.g., next generation, web application, network)
|
11
|
|
7.7.2
|
Intrusion Detection Systems (IDS) and Intrusion Prevention Systems (IPS)
|
17
|
|
7.7.3
|
Whitelisting/blacklisting
|
17
|
|
7.7.4
|
Third-party provided security services
|
17
|
|
7.7.5
|
Sandboxing
|
17
|
|
7.7.6
|
Honeypots/honeynets
|
17
|
|
7.7.7
|
Anti-malware
|
17
|
|
7.7.8
|
Machine learning and Artificial Intelligence (AI) based tools
|
17
|
|
7.8
|
Implement and support patch and vulnerability management
|
16
|
|
7.9
|
Understand and participate in change management processes
|
16
|
|
7.10
|
Implement recovery strategies
|
18
|
|
7.10.1
|
Backup storage strategies
|
18
|
|
7.10.2
|
Recovery site strategies
|
18
|
|
7.10.3
|
Multiple processing sites
|
18
|
|
7.10.4
|
System resilience, High Availability (HA), Quality of Service (QoS), and fault tolerance
|
18
|
|
7.11
|
Implement Disaster Recovery (DR)
СКАЧАТЬ
|
