CCNA CyberOps SECFND Objective 2.7

Describe these concepts: Asset management, configuration management, mobile device management, patch management and vulnerability management

Understanding Cisco Cybersecurity Fundamentals (210-250)

Asset Management

Assets are the items of a company that need protected. To be able to protect them, they must be inventoried and managed. Policies should indicate how assets are used, who maintains them and how they are classified. Classifications help to asses the value of an asset if it were to be lost or compromised.

Configuration Management

Configuration management entails managing the configuration on assets. To ensure proper policies are enforced, changes to configurations should go through a change management policy where they are approved and documented. Backups of the configurations should also be kept to aid in recovery of assets in the event of an incident.

Mobile Device Management (MDM)

Mobile Device Management (MDM) software allows corporations to maintain control of mobile devices like cell phones and tablets. MDMs can enforce corporate policies like requiring PINs on the devices. MDMs can also push software to the devices. Finally if a device is lost or stolen, an MDM can force the device to wipe itself removing any confidential information.

Patch Management

Vulnerabilities are found in software daily. A patch management strategy is needed to mitigate known vulnerabilities. A centralized patch policy server helps to ensure that patches are applied uniformly.

Vulnerability Management

Vulnerability management is a process of identifying vulnerabilities, investigating them, prioritizing them and mitigating them. More details can be found in my CySA+ notes here.