The operations department has responsibilities that pertain to everything that takes place to keep a network, computer system, applications and environment up and running in a secure and protected manner. After the network is setup is when operations kicks in, which includes the continual day-to-day maintenance of an environment. These activities are routine in nature and enable the environment, systems and applications to continue to run correctly and securely.
Operation security is the process of understanding these operations from a competitor's/enemy's/hacker's viewpoint and then developing and applying countermeasures to mitigate identified threats. A company cannot provide any level of protection for itself unless it is providing the necessary operation security methodologies, technologies and procedures. This domain covers:
- Operations personnel
- Configuration management
- Media access protection
- System recovery
- Facsimile security
- Vulnerability and penetration testing
- Attack types
FULL STORY
