Page 1145 - (ISC)² CISSP Certified Information Systems Security Professional Official Study Guide
P. 1145
Software licensing also refers to ensuring that systems do not have
unauthorized software installed. Many tools are available that can
inspect systems remotely to detect the system’s details. For example,
Microsoft’s System Center Configuration Manager (ConfigMgr or
SCCM) is a server product that can query each system on a network.
ConfigMgr has a wide range of capabilities, including the ability to
identify the installed operating system and installed applications. This
allows it to identify unauthorized software running on systems, and
helps an organization ensure that it is in compliance with software
licensing rules.
Tools such as ConfigMgr regularly expand their
capabilities. For example, ConfigMgr now can connect to mobile
devices, including those running Apple’s iOS and Android-based
operating systems. In addition to identifying operating systems
and applications, it can ensure that the clients are healthy
according to predefined requirements, such as running antivirus
software or having specific security settings configured.
Protecting Physical Assets
Physical assets go beyond IT hardware and include all physical assets,
such as an organization’s building and its contents. Methods used to
protect physical security assets include fences, barricades, locked
doors, guards, closed circuit television (CCTV) systems, and much
more.
When an organization is planning its layout, it’s common to locate
sensitive physical assets toward the center of the building. This allows
the organization to implement progressively stronger physical security
controls. For example, an organization would place a datacenter closer
to the center of the building. If the datacenter is located against an
outside wall, an attacker might be able to drive a truck through the
wall and steal the servers.
Similarly, buildings often have public entrances where anyone can
enter. However, additional physical security controls restrict access to
