CISSP Cert Prep: 1 Security and Risk Management (Feb. 2018) Part 1
Posted by Superadmin on December 19 2018 15:44:24

Learn about information security and risk management practices needed to complete the first domain of the 2018 Certified Information Systems Security Professional (CISSP) exam. CISSP is the industry's gold standard certification, necessary for many mid- and senior-level positions. This course includes coverage of key exam topics from the Security and Risk Management domain: security governance, compliance and policy issues, personnel security, threat modeling, and vendor management. Author Mike Chapple also covers the trifecta of information confidentiality, integrity, and availability. He reviews business continuity and risk management strategies, and highlights the importance of ongoing security awareness and education in any organization.

Topics include:
Aligning security with the business
Using control frameworks
Understanding compliance ethics
Implementing effective security policies
Planning for business continuity
Ensuring the security of employees
Managing risk
Identifying threats
Managing vendors
Building security awareness
Conducting security training

0. Introduction

01. Welcome
02. What you need to know
03. The goals of information security
04. Confidentiality
05. Integrity
06. Availability



1. Security Governance

07. Aligning security with the business
08. Organizational processes
09. Security roles and responsibilities
10. Control frameworks


2. Compliance and Ethics

11. Legislative and regulatory compliance
12. Privacy compliance
13. Computer crimes
14. Software licensing
15. Intellectual property
16. Import and export controls
17. Data breaches
18. Ethics


3. Security Policy

19. Security policy framework
20. Security policies


4. Business Continuity

21. Business continuity planning
22. Business continuity controls
23. High availability and fault tolerance


5. Personnel Security

24. Improving personnel security
25. Security in the hiring process
26. Employee termination process
27. Employee privacy
28. Social networking


6. Risk Management

29. Risk assessment
30. Quantitative risk assessment
31. Five possible risk management actions
32. Security control selection and implementation
33. Ongoing risk management
34. Risk management frameworks
35. Risk visibility and reporting