3.4 Explain the importance of secure staging deployment concepts

Secure baseline

Concept: 1. A baseline is a known starting point and organizations commonly use secure baselines to provide known starting points for systems.

Environments

Concept: 1. A secure staging environment includes multiple environments, and typically includes different systems used for each stage. Secure staging environments are... 1. Development 2. Test 3. Staging 4. Production

Integrity measurement

Concept: 1. Automated tools monitor the systems for any baseline changes, which is a common security issue. 2. Vulnerability scanners

Environments: Development

Concept: 1. Software developers use a development environment to create the application 2. Typically includes version control and change management controls to track the application development

Environment: Test

Concept: 1. Testers put the application through its paces and attempt to discover any bug or errors. 2. Typically, the test environment doesn't simulate fill production environment but instead includes enough hardware and software to test software modules

Environment: Production

Concept: 1. The production environment is the final product. 2. It includes everything needed to support the application and allow customers and others to use it.

Environment: Staging

Concept: 1. The staging environment is the final products. 2. It is used for late stage testing. 3. Copies the production environment

Sandboxing

Definition: 1. The use of an isolated area on a system, typically for testing. 2. Virtual machines are often used to test patches in an isolated sandbox. 3. Application developers sometimes use the chroot command to change the root directory creating a sandbox