13.4. Exam Essentials

Understand that personnel management is a form of administrative control, also called administrative management.

You must clearly define personnel management practices in your security policy and subsequent formalized security structure documentation. Personnel management focuses on three main areas: hiring practices, ongoing job performance, and termination procedures.

Understand antivirus management.

Antivirus management includes the design, deployment, and maintenance of an antivirus solution for your IT environment.

Know how to prevent unrestricted installation of software.

To provide a virus-free environment, you should rigidly control the installation of software. This includes allowing users to install and execute ...

Get CISSP®: Certified Information Systems Security Professional: Study Guide, Fourth Edition now with O’Reilly online learning.

O’Reilly members experience live online training, plus books, videos, and digital content from 200+ publishers.