Internal operating procedures
- Organizations have different business objectives
- Processes and procedures
- Operational procedures
- Downtime notifications
- Facilities issues
- Software upgrades
- Testing, change control
- Documentation is the key
- Everyone can review and understand the policies
Knowledge base and articles
- External sources
- Manufacturer knowledge base
- Internet communities
- Internal documentation
- Institutional knowledge
- Usually part of help desk software
- Find the solution quickly
- Searchable archive
- Automatic searches with helpdesk ticket keywords
Network topology diagrams
- Describes the network layout
- May be a logical diagram
- Can include physical rack locations
Incident response: Documentation
- Security policy
- An ongoing challenge
- Documentation must be available
- No questions
- Documentation always changes
- Constant updating
- Have a process in place
- Use the wiki model
Compliance
• Meeting the standards of laws, policies, and
regulations
- A healthy catalog of rules
- Across many aspects of business and life
- Many are industry-specific or situational
- Penalties
- Fines
- Loss of employment
- Incarceration
- Scope
- Domestic and international requirements
Regulatory
• Sarbanes-Oxley Act (SOX)
• The Public Company Accounting Reform and
Investor Protection Act of 2002
• The Health Insurance Portability and
Accountability Act (HIPAA)
• Extensive healthcare standards for storage, use, and
transmission of health care information
• The Gramm-Leach-Bliley Act of 1999 (GLBA)
• Disclosure of privacy information from
financial institutions
Acceptable use policies (AUP)
- What is acceptable use of company assets?
- Detailed documentation
- May be documented in the Rules of Behavior
• Covers many topics
• Internet use, telephones, computers,
mobile devices, etc.
• Used by an organization to limit legal liability
• If someone is dismissed, these are
the well-documented reasons why
Password policy
• Passwords should be complex, and
all passwords should expire
• Change every 30 days, 60 days, 90 days
- Critical systems might change more frequently
- Every 15 days or every week
- The recovery process should not be trivial!
- Some organizations have a very formal process
Account lockout and disablement
- Too many bad passwords will cause a lockout
- This should be normal for most users
- This can cause big issues for service accounts
- You might want this
- Disable accounts
- Part of the normal change process
- You don’t want to delete accounts
- At least not initially
Inventory managemen
- A record of every asset
- Routers, switches, cables, fiber modules, etc.
- Financial records, audits, depreciation
- Make/model, configuration, purchase date, etc.
- Tag the asset
- Barcode, RFID, visible tracking number
-
Basic Linux Commands25
-
Microsoft Command Line Tool21
-
The Windows Control Panel20
-
Linux Tools5
-
Disk Management17
-
System Configuration8
-
Windows Administrative Tools13
-
macOS Tools/Features20
-
Windows Networking13
-
File systems6
-
Task Manager7
-
Security23
-
Wireless Security10
-
Types of Malware14
-
Anti-Malware Tools7
-
Social Engineering Attacks8
-
Threats & Vulnerabilities14
-
Windows Security Settings15
-
Securing Mobile Devices14
-
Securing a SOHO Network14
-
Troubleshooting Windows26
-
Disaster Recovery9
-
Documentation Best Practices10
-
Change Management8
-
Managing Electrostatic Discharge/Safety Procedures6
-
Environmental Impacts3
-
Privacy, Licensing, and Policies8
