1
00:00:00,330 --> 00:00:08,640
A level of management needs to be enforced in any network environment to maintain security and organization

2
00:00:10,020 --> 00:00:16,170
assets are things of value to an organization such as computers.

3
00:00:16,170 --> 00:00:24,330
Some common asset management documentation includes things like asset inventory ownership classification

4
00:00:24,660 --> 00:00:25,690
and labeling

5
00:00:28,230 --> 00:00:36,390
configuration management as a set of policies and procedures for maintaining the integrity of a configuration

6
00:00:36,420 --> 00:00:45,240
item a configuration item can be anything from a network router to an application if configurations

7
00:00:45,240 --> 00:00:52,660
need to be changed then a change control process should be followed to notify all parties of any changes.

8
00:00:53,750 --> 00:00:59,780
Then if there are issues with any systems after the documented changes it is very easy to troubleshoot

9
00:00:59,780 --> 00:01:07,070
because you can start by rolling back whatever changed in the system which is the root cause in most

10
00:01:07,070 --> 00:01:16,220
cases change control processes typically include a planning phase detailed documentation of what time

11
00:01:16,400 --> 00:01:19,860
the change will be made and an approval process

12
00:01:22,720 --> 00:01:30,700
patch management systems push out software patch updates to endpoints to fix software vulnerabilities

13
00:01:30,790 --> 00:01:38,170
and bugs if a new threat is introduced that can affect PCs than the patch management system can update

14
00:01:38,170 --> 00:01:42,900
and points to make sure that they are updated for risk reduction.

15
00:01:45,120 --> 00:01:50,870
Vulnerability management is integral to computer security and network security.

16
00:01:52,330 --> 00:02:01,500
It is the practice of identifying classifying remediating and mitigating vulnerabilities.

17
00:02:01,510 --> 00:02:10,510
This can be done with active or passive vulnerability scanners including penetration assessments pen

18
00:02:10,510 --> 00:02:18,700
tests identify vulnerabilities within an environment that need to be corrected to keep things honest.

19
00:02:18,700 --> 00:02:22,300
These are typically conducted by a third party company.