After reading this chapter and completing the exercises, you will be able to do the following:
Create useful and appropriate standard operating procedures.
Implement change control processes.
Understand the importance of patch management.
Protect information systems against malware.
Consider data backup and replication strategies.
Recognize the security requirements of email and email systems.
Appreciate the value of log data and analysis.
Evaluate service provider relationships.
Understand the importance of threat intelligence and information sharing.
Write policies and procedures to support operational and communications security.
Section 3.3 of the NIST Cybersecurity Framework, ...