3.4 Explain the importance of secure staging deployment concepts
Secure baseline
Concept: 1. A baseline is a known starting point and organizations commonly use secure baselines to provide known starting points for systems.
Environments
Concept: 1. A secure staging environment includes multiple environments, and typically includes different systems used for each stage. Secure staging environments are... 1. Development 2. Test 3. Staging 4. Production
Integrity measurement
Concept: 1. Automated tools monitor the systems for any baseline changes, which is a common security issue. 2. Vulnerability scanners
Environments: Development
Concept: 1. Software developers use a development environment to create the application 2. Typically includes version control and change management controls to track the application development
Environment: Test
Concept: 1. Testers put the application through its paces and attempt to discover any bug or errors. 2. Typically, the test environment doesn't simulate fill production environment but instead includes enough hardware and software to test software modules
Environment: Production
Concept: 1. The production environment is the final product. 2. It includes everything needed to support the application and allow customers and others to use it.
Environment: Staging
Concept: 1. The staging environment is the final products. 2. It is used for late stage testing. 3. Copies the production environment
Sandboxing
Definition: 1. The use of an isolated area on a system, typically for testing. 2. Virtual machines are often used to test patches in an isolated sandbox. 3. Application developers sometimes use the chroot command to change the root directory creating a sandbox