Chapter 16

               Managing Security Operations


               THE CISSP EXAM TOPICS COVERED IN THIS CHAPTER

               INCLUDE:

                      Domain 7: Security Operations

                        7.4 Securely provisioning resources

                             7.4.1 Asset inventory

                             7.4.2 Asset management

                             7.4.3 Configuration management

                        7.5 Understand and apply foundational security operations
                        concepts

                             7.5.1 Need-to-know/least privileges


                             7.5.2 Separation of duties and responsibilities

                             7.5.3 Privileged account management

                             7.5.4 Job rotation

                             7.5.5 Information lifecycle

                             7.5.6 Service-Level Agreements (SLAs)

                        7.6 Apply resource protection techniques

                             7.6.1 Media management

                             7.6.2 Hardware and software asset management

                        7.9 Implement and support patch and vulnerability
                        management


                        7.10 Understand and participate in change management
                        processes

                        7.16 Address personnel safety and security concerns

                             7.16.1 Travel