17
|
|
7.6.6
|
Remediation
|
17
|
|
7.6.7
|
Lessons learned
|
17
|
|
7.7
|
Operate and maintain detective and preventative measures
|
11, 17
|
|
7.7.1
|
Firewalls (e.g., next generation, web application, network)
|
11
|
|
7.7.2
|
Intrusion Detection Systems (IDS) and Intrusion Prevention Systems (IPS)
|
17
|
|
7.7.3
|
Whitelisting/blacklisting
|
17
|
|
7.7.4
|
Third-party provided security services
|
17
|
|
7.7.5
|
Sandboxing
|
17
|
|
7.7.6
|
Honeypots/honeynets
|
17
|
|
7.7.7
|
Anti-malware
|
17
|
|
7.7.8
|
Machine learning and Artificial Intelligence (AI) based tools
|
17
|
|
7.8
|
Implement and support patch and vulnerability management
|
16
|
|
7.9
|
Understand and participate in change management processes
|
16
|
|
7.10
|
Implement recovery strategies
|
18
|
|
7.10.1
|
Backup storage strategies
|
18
|
|
7.10.2
|
Recovery site strategies
|
18
|
|
7.10.3
|
Multiple processing sites
|
18
|
|
7.10.4
|
System resilience, High Availability (HA), Quality of Service (QoS), and fault tolerance
|
18
|
|
7.11
|
Implement Disaster Recovery (DR) processes
|
18
|
|
7.11.1
|
Response
|
18
|
|
7.11.2
|
Personnel
|
18
|
|
7.11.3
|
Communications
|
18
|
|
7.11.4
|
Assessment
|
18
|
|
7.11.5
|
Restoration
|
18
|
|
7.11.6
|
Training and awareness
|
18
|
|
7.11.7
|
Lessons learned
|
18
|
|
7.12
|
Test Disaster Recovery Plans (DRP)
|
18
|
|
7.12.1
|
Read-through/tabletop
|
18
|
|
7.12.2
|
Walkthrough
|
18
|
|
7.12.3
|
Simulation
|
18
|
|
7.12.4
|
Parallel
|
18
|
|
7.12.5
|
Full interruption
|
|
