In this topic, we discuss several management frameworks that will assist you in performing security operations.
Learning Objectives
• Explain the purpose, use and implementation of the Risk Management Framework (RMF) as a means of building a security baseline
• Explain the purpose, use and implementation of service management concepts for networks and related standards (e.g., Information Technology Infrastructure Library, v3 [ITIL])
• Define IT Service Management (ITSM)
• Define the ITIL ITSM model in accordance with ITILv3
• Explain the use, purpose and implementation of key concepts in security management (e.g., Release Management, Patch Management) IAW best practice
• Explain data security, data backup, types of backups (e.g., full, incremental), and recovery concepts and tools IAW best practice
• Explain local specialized system requirements (e.g., critical infrastructure systems that may not use standard information technology [IT]) for safety, performance, and reliability