Security Operations Concepts Transcription

Welcome to our security operations concepts, duties, and responsibilities module. In order to keep your systems secure, there are several different concepts that you will need to be familiar with. You will need to ensure operational assurance, making sure that your systems are functioning correctly from day to day. To keep your systems functioning securely, there are several procedures that you will need to conduct on a daily basis.

You will need to monitor your network for threats and provide for configuration and change management, to make sure that systems are configured correctly and changes are authorized before they are implemented. You will need to maintain your assets, so you know what equipment you have and what equipment needs to be upgraded or properly disposed of.

You will need to maintain your licenses to make sure that your software is correctly licensed and that you're not in violation of any software agreements, and plan for any additional capacity that you may need as your business grows. You will also need to make sure that you have fault management, so that if any devices fail, you can quickly get them back up and running.

You'll need to conduct security awareness for your employees, as well as training, and make sure that you load balance and optimize your network to make sure that it's running as efficiently as possible. You'll also need to conduct vulnerability assessments to determine if you have any vulnerabilities on your system that need to be corrected.

You'll also need to have someone conduct penetration testing to make sure that your system is secure and that an outside attacker or an internal disgruntled employee is not able to take advantage of your system by stealing sensitive data or damaging your systems. Your operations team will have many responsibilities. The most important is maintaining your production systems and making sure that they are functioning properly.

They'll need to handle any trouble tickets that are called in by your employees, as well as respond to any anomalies or changes in the way that your system traditionally functions. They will need to integrate new systems and new software into the production environment, and this is known as provisioning.

They will be responsible for installing new versions of programs or updating different versions of your programs, patching your systems to make sure that they are up to date, creating reports, running batch jobs, managing your backups, which is critical in case an incident occurs where you lose your primary storage.

They will need to create your backups and label them, including their retention time. They will need to make sure that they're stored securely in an environment where they cannot be damaged in case of fire or other emergency, and make sure that they are securely disposed of at the end of their lifecycle. They'll be responsible for managing your audit logs. They'll need to study these logs to make sure that there are no unauthorized activities going on with your network.

They'll also need to make sure to store them securely and archive them as necessary. If they detect any violations while reviewing the audit logs, they need to report them to the management team, so that that employee can be disciplined or that external attacker can be investigated. They'll also need to deal with any network failures or system failures, upgrades of equipment, and reconfiguring of equipment.

It's important to plan for any unusual or unexplained incidents on your network or within your organization. If there is a broadcast storm or an ARP storm, perhaps someone is attempting to attack your network, and this should be responded to very quickly. There could be lost connectivity due to a malicious attack or a denial of service attack, or perhaps just because your Internet service provider is experiencing issues.

You'll need to examine these incidents to determine if there is a risk, or if perhaps there is just a technical difficulty with your Internet service provider and, therefore, no further investigation would be needed. They need to be familiar with any deviations from your standard operating procedures because these could be signs of incidents that are occurring.

If your performance decreases on one of your servers or on an employee's machine, this could indicate that there is a process running taking up the resources, or perhaps the system has a virus. If there's a large increase in the amount of bandwidth that you're using on your network, this could indicate that someone is trying to steal data from your network.

Excessive memory use, your computer restarting for no reason, or an increase in the number of calls to your help desk could also be indicators that something is not right on your system and that there could be an incident that you need to respond to. Your administrators may also receive reports from your intrusion detection or prevention systems, as well as your security information and event management systems, which may alert them to anomalies in your system or network that need to be responded to and investigated promptly.

Once the administrators have been notified of a potential issue, they need to evaluate these issues to determine the root cause, whether that is an attacker who is attempting to gain access to your system or perhaps it is because of a technical difficulty, or simply a user who made a mistake when conducting their daily operations.

You'll need to make sure that your IT personnel are conducting their daily duties that are assigned to them each day. Your network administrators are responsible for controlling your network and maintaining it, expanding the network as you add new devices, or you need to increase your bandwidth for additional employees, or increased demand from customers. They will also be responsible for device and system administration tasks, such as updating, patching systems as necessary, upgrading systems, and replacing systems. Your security administrator is responsible for the technical controls that protect your organization's equipment. They will need to set up initial passwords and security profiles for your new employees.

They will be responsible for implementing user clearance levels as set by management staff. They'll be responsible for configuring your sensitivity levels based on the requirements set by the data owner, and for monitoring the networks to make sure that they are secure and that the networks are available when employees need them. They'll also be responsible for implementing your device security procedures and secure communications channels, and for reviewing your logs and audit files in real time in case there are any anomalies or other incidents that need to be responded to.

This concludes our security operations concepts, duties, and responsibilities module. Thank you for watching.
