CISSP Cert Prep: 1 Security and Risk Management

CISSP Cert Prep: 1 Security and Risk Management
CISSP Cert Prep: 1 Security and Risk Management
English | MP4 | AVC 1280×720 | AAC 48KHz 2ch | 2h 37m | 338 MB

Learn about information security and risk management practices needed to complete the first domain of the 2018 Certified Information Systems Security Professional (CISSP) exam. CISSP is the industry's gold standard certification, necessary for many mid- and senior-level positions. This course includes coverage of key exam topics from the Security and Risk Management domain: security governance, compliance and policy issues, personnel security, threat modeling, and vendor management. Author Mike Chapple also covers the trifecta of information confidentiality, integrity, and availability. He reviews business continuity and risk management strategies, and highlights the importance of ongoing security awareness and education in any organization.

Note: This course is part of a series releasing throughout 2018. A completed Learning Path of the series will be available once all the courses are released.

Topics include:

  • Aligning security with the business
  • Using control frameworks
  • Understanding compliance ethics
  • Implementing effective security policies
  • Planning for business continuity
  • Ensuring the security of employees
  • Managing risk
  • Identifying threats
  • Managing vendors
  • Building security awareness
  • Conducting security training
Table of Contents

1 Welcome
2 What you need to know
3 The goals of information security
4 Confidentiality
5 Integrity
6 Availability

Security Governance
7 Aligning security with the business
8 Organizational processes
9 Security roles and responsibilities
10 Control frameworks

Compliance and Ethics
11 Legislative and regulatory compliance
12 Privacy compliance
13 Computer crimes
14 Software licensing
15 Intellectual property
16 Import and export controls
17 Data breaches
18 Ethics

Security Policy
19 Security policy framework
20 Security policies

Business Continuity
21 Business continuity planning
22 Business continuity controls
23 High availability and fault tolerance

Personnel Security
24 Improving personnel security
25 Security in the hiring process
26 Employee termination process
27 Employee privacy
28 Social networking

Risk Management
29 Risk assessment
30 Quantitative risk assessment
31 Five possible risk management actions
32 Security control selection and implementation
33 Ongoing risk management
34 Risk management frameworks
35 Risk visibility and reporting

Threat Modeling
36 Identifying threats
37 Understanding attacks
38 Technology and process remediation

Vendor Management
39 Managing vendor relationships
40 Vendor agreements
41 Vendor information management
42 Third-party security services

Awareness and Training
43 Security policy training and procedures
44 Compliance training
45 User habits
46 User-based threats
47 Measuring compliance and security posture
48 Awareness program reviews

49 Next steps