In this video you will learn about configuration management as it relates to diagrams, baseline configurations, standard naming conventions, and Internet protocol schemas. You will also learn about data sovereignty and data protection, including data loss prevention, data masking, data encryption, and digital rights management.
Configuration Management
Configuration management is the practice of handling changes systematically so that a system maintains its integrity over time. Configuration management implements the policies, procedures, techniques, and tools that manage and evaluate proposed changes, track the status of changes, and maintain an inventory of system and support documents as the system changes. Configuration management programs and plans provide technical and administrative direction to the development and implementation of the procedures, functions, services, tools, processes, and resources required to successfully develop and support a complex system. During system development, configuration management allows program management to track requirements throughout the life cycle through acceptance and operations and maintenance. As changes inevitably occur in the requirements and design, they must be approved and documented, creating an accurate record of the system status. Ideally the configuration management process is applied throughout the system life cycle.
Several factors pertaining to configuration management that you need to be concerned about for the CompTIA Security+ SY0-601 certification exam are the following:
Data Sovereignty
Data sovereignty is the idea that data is subject to the laws and governance structures of the nation where it is collected. The concept of data sovereignty is closely linked with data security, cloud computing, network sovereignty and technological sovereignty. Unlike technological sovereignty, data sovereignty is specifically concerned with questions surrounding the data itself.[2] With the rise of cloud computing, many countries have passed various laws around control and storage of data, all of which reflect measures of data sovereignty.[2] More than 100 countries have some sort of data sovereignty laws in place.
Data protection is the process of safeguarding important data from corruption, compromise or loss and providing the capability to restore the data to a functional state should something happen to render the data inaccessible or unusable.[3] Aspects about data protection that you need to be concerned with for the CompTIA Security+ SY0-601 certification exam are the following:
Data Loss Prevention (DLP)
Data loss prevention software detects potential data breaches/data exfiltration transmissions and prevents them by monitoring[4], detecting and blocking sensitive data while in use (endpoint actions), in motion (network traffic), and at rest (data storage).[5] Most DLP policies focus on the use of content-level scanning and deep content inspection to identify sensitive data and protect it. The following actions should be considered when designing a DLP policy:[6]
Data Masking
Data masking is the process of modifying sensitive data in such a way that it is of no or little value to unauthorized intruders while still being usable by software or authorized personnel. The main reason for applying masking to a data field is to protect data that is classified as personally identifiable information (PII), sensitive personal data, or commercially sensitive data.
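The content-level scanning described under Data Loss Prevention and the masking described above can be shown together in a short Python sketch. This is an added example, not taken from the video or from any DLP product: the patterns, function names and sample text are assumptions made for illustration, and it covers only payment card numbers and US Social Security numbers.

```python
import re

# Candidate card numbers: 13-19 digits, single spaces or hyphens allowed between them.
CARD_RE = re.compile(r"(?<![\d-])\d(?:[ -]?\d){12,18}(?![\d-])")
# US SSN layout ddd-dd-dddd (pattern match only, no issuance validation).
SSN_RE = re.compile(r"(?<!\d)\d{3}-\d{2}-\d{4}(?!\d)")
# Constructed sample input (test card number, made-up order reference and SSN).
SAMPLE = (
    "Customer paid with 4111 1111 1111 1111 on file.\n"
    "Order ref 1234567890123456 shipped.\n"
    "SSN 078-05-1120 provided by phone.\n"
)

def luhn_ok(digits):
    """Luhn checksum: filters out digit runs that only look like card numbers."""
    total = 0
    for i, ch in enumerate(reversed(digits)):
        d = int(ch) * (2 if i % 2 else 1)
        total += d - 9 if d > 9 else d
    return total % 10 == 0

def mask_keep_last4(value):
    """Replace all but the last four digits with '*', keeping the separators."""
    keep_from = sum(c.isdigit() for c in value) - 4
    out, seen = [], 0
    for c in value:
        if c.isdigit():
            seen += 1
            c = c if seen > keep_from else "*"
        out.append(c)
    return "".join(out)

def inspect_and_mask(text):
    """Return (masked_text, findings); findings lists each data type detected."""
    findings = []

    def on_card(m):
        if not luhn_ok(re.sub(r"\D", "", m.group())):
            return m.group()  # card-shaped but fails the checksum: leave as is
        findings.append("card")
        return mask_keep_last4(m.group())

    def on_ssn(m):
        findings.append("ssn")
        return mask_keep_last4(m.group())

    text = CARD_RE.sub(on_card, text)
    return SSN_RE.sub(on_ssn, text), findings
```

The masked output keeps the original layout and the last four digits, so software and authorized staff can still match records, while the order reference that fails the checksum is left untouched.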
Data Encryption
Data encryption is a way of translating data from plaintext (unencrypted) to ciphertext (encrypted). Users can access encrypted data with an encryption key and decrypted data with a decryption key.[7] When it comes to data encryption, you need to know about the following types of data:
Digital Rights Management (DRM)
Digital rights management is the management of legal access to digital content. Various tools or technological protection measures such as access control technologies can restrict the use of proprietary hardware and copyrighted works.[10] DRM technologies govern the use, modification, and distribution of copyrighted works (such as software and multimedia content), as well as systems that enforce these policies within devices.[11] In layman’s terms, DRM limits the end user’s rights to copy, transfer, or use software or digital media. An example of DRM is the limit on the number of systems that can use an application at the same time, as with Adobe Creative Cloud or Microsoft Office 365.
References