This CISSP domain includes all aspects that concern operational security management. Think of Concepts, researches, management of incidents and repair of possible disasters.
Services that are placed under this domain are related to the following subjects:
- Investigations support and requirements
- Logging and monitoring activities
- Provisioning of resources
- Foundational security operations concepts
- Resource protection techniques
- Incident management
- Preventative measures
- Patch and vulnerability management
- Change management processes
- Recovery strategies
- Disaster recovery processes and plans
- Business continuity planning and exercises
- Physical security
- Personnel safety concerns