Deployment Phase

• Security configurations[Mandatory] - When deploying software, ensure appropriate security configurations are applied to the software and supporting systems and infrastructure including databases, servers, networks and devices.
• Access management [Mandatory] - Users should be assigned appropriate levels of access control based on their roles.
• Penetration testing [Mandatory] - Penetration testing should also be repeated in the Production environment. In addition, intrusion detection and prevention systems should be deployed to monitor and protect against attacks.

Outputs

• Approved user access matrix configured in the system
• A comprehensive document outlining secure configurations for software, databases, servers, networks, and devices.
• Configuration documentation for deployed intrusion detection and prevention systems, detailing monitoring and protection measures against attacks.
• Penetration testing report (Production environment)