Maintenance Windows
- routine maintenance windows enable administrators to perform maintenance tasks during pre-established times
- all work should comply with change management policies
- maintenance tasks typically fall into 2 categories
- patch management task occur during maintenance windows
- need to finish within the duration
- need to also accommodate patch rollbacks if necessary
- need to monitor actions and events during maintenance windows
- attackers can use this time to execute attacks
- SOC needs to be aware of actions to prepare for alerts