200 likes | 515 Views
Auditing IT Infrastructures for Compliance Chapter 10 Compliance Within the LAN Domain. Learning Objective. Describe information security systems compliance requirements within the LAN Domain. Key Concepts. Compliance law requirements and business drivers for the LAN Domain
E N D
Auditing IT Infrastructures for Compliance Chapter 10 Compliance Within theLAN Domain
Learning Objective • Describe information security systems compliance requirements within the LAN Domain.
Key Concepts • Compliance law requirements and business drivers for the LAN Domain • The steps to maximize availability, integrity, and confidentiality (A-I-C) for the LAN Domain • LAN Domain policies, standards, procedures, and guidelines • Vulnerability management in the LAN Domain • Best practices for LAN Domain compliance requirements
Compliance Laws and Business Drivers • Many organizations require a networking infrastructure with servers to accomplish business tasks • Compliance satisfies two main purposes: • Protects privacy • Ensures proper LAN security controls
LAN Domain Controls • Access controls • Communication controls • Anti-malware software • Recovery plans • Configuration change procedures • Monitoring tools • Software patch management
Policies, Standards, Procedures, and Guidelines • LAN Domain controls that must satisfy policies: • Preventive • Detective • Corrective
Summary • LAN Domain compliance requirements and business drivers • LAN Domain devices and controls • Process to maximize availability, integrity, and confidentiality • The role of vulnerability management in the LAN Domain