Page 1197 - (ISC)² CISSP Certified Information Systems Security Professional Official Study Guide
Implementing Detective and Preventive Measures
Ideally, an organization can avoid incidents completely by
implementing preventive countermeasures. This section covers several
preventive security controls that can prevent many attacks and
describes many common, well-known attacks. When an incident does
occur, an organization will want to detect it as soon as possible.
Intrusion detection and prevention systems are one of the ways that
organizations detect incidents, and they are also covered in this section,
along with some specific measures organizations can take to detect
and prevent successful attacks.
You may notice the use of both preventative and
preventive. While most documentation currently uses only
preventive, the CISSP objectives include both usages. For example,
Domain 1 includes references to preventive controls. This chapter
covers objectives from Domain 7, and Domain 7 refers to
preventative measures. For simplicity, we are using preventive in
this chapter, except when quoting the CISSP objectives.
Basic Preventive Measures
While there is no single step you can take to protect against all attacks,
there are some basic steps you can take that go a long way to protect
against many types of attacks. Many of these steps are described in
more depth in other areas of the book but are listed here as an
introduction to this section.
Keep systems and applications up-to-date. Vendors regularly
release patches to correct bugs and security flaws, but these only help
when they’re applied. Patch management (covered in Chapter 16,
“Managing Security Operations”) ensures that systems and
applications are kept up-to-date with relevant patches.

