
CompTIA Security+ Deluxe Study Guide: SY0-201 - Emmett Dulaney



Security Administration

THE FOLLOWING COMPTIA SECURITY+ EXAM OBJECTIVES ARE COVERED IN THIS CHAPTER:

✓ 1.2 Explain the security risks pertaining to system hardware and peripherals.

■ BIOS

■ USB devices

■ Cell phones

✓ 3.3 Organize users and computers into appropriate security groups and roles while distinguishing between appropriate rights and privileges.

✓ 3.4 Apply appropriate security controls to file and print resources.

✓ 3.5 Compare and implement logical access control methods.

■ ACL

■ Group policies

■ Password policy

■ Domain password policy

■ User names and passwords

■ Time of day restrictions

■ Account expiration

■ Logical tokens

The title of administrator implies management—management of resources, computers, users, and so on. Most important, from your perspective, is the management of security. While you must oversee it, security management is the responsibility of everyone. The job requires the cooperation of every department and every individual in an organization. However, many people don’t understand or know how to improve security. Your job is to help educate those people in your organization, to assist in policy development, to act as a consultant, and to be part of the security process. This means that you must become knowledgeable about best practices, computer privacy and security laws, and incident response. In short, you have to be knowledgeable in many different areas and constantly (as well as cautiously) keep on top of new developments.

This chapter discusses the key elements of implementing, supporting, and maintaining security efforts in an organization. You’re faced with the task of keeping current in an environment that is changing constantly. Not only are the technologies shifting rapidly, but the laws that govern how we must protect our stakeholders are also constantly changing.

Understanding Security Management

The process of security management is all encompassing. The process includes managing strategic policies, departmental policies, technology issues, and personnel issues. You need to address each of these areas as part of an effective security system. One of the more difficult aspects of managing security is that change is a constant part of the process, and change is difficult in the best of circumstances. Your job includes understanding the best practices of security management and change documentation, and you must ensure that people are informed when changes need to be made.

Drafting Best Practices and Documentation


The term best practices refers to a set of recommendations about a practice or process. The recommendations, in this case, will help provide an appropriate level of security for an organization. The following sections provide an overview of the best practices involved in a security program and the components you must consider when evaluating your current security practices.

Using Policies and Procedures

Organizational security policies help describe what activities, processes, and steps are necessary to continue your security program. They provide the glue that holds the security program together. Policies and procedures also set expectation levels within the organization to help keep things moving forward. Your organization should minimally have policies and procedures that define information and storage, information destruction, security, use of company resources, backups, configuration management, logs and inventories, system architecture, change documentation, and user management.


Information Classification and Notification Policies

Information classification policies define how information is classified. The most common types of classification involve an evaluation of whether information is internal or external and whether it can be used for public dissemination or controlled distribution. These policies help everyone in an organization understand the requirements of information usage and confidentiality.

Notification policies define who is notified when information classifications
