Page 742 - StudyBook.pdf
P. 742

726    Chapter 12 • Operational and Organizational Security: Policies and Disaster Recovery

                    4.   When the Save As dialog box appears, enter the name for this
                         text file in the File name field, and select where you want to save
                         the file. Click the Save button to save the file and continue.
                    5.   Open the text file using Notepad or another text editor, and view
                         the information about the system documented inside the file.





             Change Documentation


             Nothing stays the same and change is inevitable.These are the reasons why change
             documentation is so important. Change control documentation provides informa-
             tion of changes that have been made to a system, and often provides back out steps
             that show how to restore the system to its previous state.Without this, changes
             made to a system could go unrecorded causing issues in the future. Imagine starting
             a job as the new network administrator, and finding that the only documents about
             the network were the systems architecture documentation that your predecessor
             created seven years ago when the system was first installed.After years of adding
             new equipment, updating software, and making other changes, the current system
             would barely resemble its original configuration. If change documentation had
             been created, you would have had a history of those changes, which could have
             been used to update the systems architecture documentation.
                 Change documentation can provide valuable information, which can be used
             when troubleshooting problems and upgrading systems. First, it should state why a
             change occurred. Changes should not appear to be for the sake of change, but be
             for good reason, such as fixing security vulnerabilities, hardware no longer being
             supported by vendors, new functionality, or any number of other reasons.The doc-
             umentation should also outline how these changes were made and detail the steps
             that were performed.At times, an administrator may need to justify what was done,
             or need to undo changes and restore the system to a previous state, because of
             issues resulting from a change. In such cases, the change documentation can be
             used as a reference for backtracking the steps taken.
             Logs and Inventories


             Logs can be valuable tools when troubleshooting problems and identifying adverse
             incidents (e.g., intrusions to the system). Many systems provide logs that give auto-
             mated information on events that have occurred, including accounts that were used




          www.syngress.com
   737   738   739   740   741   742   743   744   745   746   747