CISSP® - Security and Risk Management

Pluralsight

Course Summary

ISC(2)'s CISSP examination is one of the most highly valued certifications in the information security profession. Take the first step towards gaining the knowledge needed to tackle the first domain of the CISSP.

+
Course Description

If you are looking to begin your journey towards the highly respected CISSP credential, then you have come to the right place! This course covers a broad range of topics listed in ISC2's Certified Information System Security Professional (CISSP) Common Body of Knowledge (CBK) - Security and Risk Management domain. In this course, you will learn the foundations of security and risk management, including topics such as cyber crime, legal and regulatory concerns, threat modeling, and much, much more. When you are finished with this course, you will have a good security and risk management foundation that will provide you with the context and knowledge needed to be successful in the information security profession.

Course Description

If you are looking to begin your journey towards the highly respected CISSP credential, then you have come to the right place! This course covers a broad range of topics listed in ISC2's Certified Information System Security Professional (CISSP) Common Body of Knowledge (CBK) - Security and Risk Management domain. In this course, you will learn the foundations of security and risk management, including topics such as cyber crime, legal and regulatory concerns, threat modeling, and much, much more. When you are finished with this course, you will have a good security and risk management foundation that will provide you with the context and knowledge needed to be successful in the information security profession.

+
Course Syllabus

Course Overview
- 1m 44s

—Course Overview 1m 44s

Introduction
- 5m 24s

—Introduction 5m 24s

Fundamental Security Principles
- 35m 32s

—Introduction 2m 8s
—Security and Risk Management Fundamentals 3m 28s
—Balancing Business and Security 2m 7s
—The CIA Triad 9m 19s
—Accountability and Assurance 4m 40s
—Control Types 2m 42s
—Delaying, Preventing, or Detecting Attacks 4m 45s
—Due Care and Due Diligence 2m 10s
—Ethics 3m 6s
—Conclusion 1m 3s

Legal and Regulatory
- 13m 4s

—Introduction 1m 11s
—Legal Systems 1m 4s
—Criminal and Civil Law 3m 0s
—Administrative Law 2m 35s
—Important Laws 4m 39s
—Summary 0m 32s

Computer Crime
- 20m 13s

—Introduction 0m 57s
—Computers Can Be Used for EVIL 1m 35s
—Some Hack Just Because They Can 2m 52s
—It's All About the Money 2m 40s
—Spies Are Real 2m 5s
—Payback and Government Hackers 3m 8s
—Theft, Vandalism, and Trespass 2m 17s
—Fraud, Spam, and Slander 2m 53s
—Conclusion 1m 43s

Intellectual Property
- 6m 3s

—Introduction 0m 47s
—Patents 2m 6s
—Trademarks and Trade Secrets 1m 26s
—Copyrights 1m 17s
—Summary 0m 26s

Privacy
- 16m 4s

—Introduction 1m 24s
—Privacy Matters 4m 47s
—Privacy Law Examples 8m 57s
—Conclusion 0m 56s

Licensing
- 15m 1s

—Introduction 0m 43s
—Reasons for Licensing 1m 59s
—License Types 0m 32s
—Open Versus Closed Source Licensing 2m 23s
—Commercial Versus Non-commercial Licensing 3m 20s
—End User License Agreements 0m 34s
—Free Software 1m 48s
—Demo and Trial Licenses 1m 17s
—Shareware 0m 54s
—Academic Software Licensing 0m 46s
—Summary 0m 41s

Trans-border Data Flow
- 8m 17s

—Introduction 1m 1s
—Trans-border Data Flow 4m 6s
—Import and Export Controls 2m 12s
—Summary 0m 56s

Security Awareness
- 15m 39s

—Introduction 1m 12s
—Develop a Culture of Security Awareness 4m 34s
—Types of Security Awareness 2m 1s
—Expected Impact of Training 2m 25s
—Awareness Validation 4m 27s
—Summary 0m 57s

Aligning Security to the Organization
- 16m 30s

—Introduction 1m 15s
—Governance 0m 57s
—Roles and Responsibilities 7m 11s
—Organizational Objectives 1m 33s
—Security Goals 2m 57s
—Security Mission 1m 37s
—Conclusion 0m 58s

Creating Policies, Procedures, Guidelines, and Baselines
- 19m 6s

—Introduction 0m 58s
—Security Frameworks Introduction 3m 46s
—Effective Policies and Procedures 3m 16s
—Policy Sections 2m 51s
—Procedures 3m 1s
—Guidelines 1m 17s
—Baselines 2m 29s
—Summary 1m 25s

Continuity Planning and Disaster Recovery
- 11m 4s

—Introduction 1m 9s
—Business Continuity Process 1m 15s
—Conducting a Business Impact Analysis 1m 0s
—Disaster Recovery Planning vs. Business Continuity Planning 1m 42s
—Testing Your Plans 1m 32s
—Disaster Events 0m 40s
—Recovering from Disaster 1m 6s
—Disaster Recovery Controls 2m 1s
—Conclusion 0m 34s

Threat Modeling
- 14m 10s

—Introduction 1m 8s
—Threat Modeling Overview 2m 9s
—Threat Modeling Focus 2m 26s
—Threat Model - Scoping 1m 27s
—Reviewing the Architecture 1m 16s
—Decomposing 0m 50s
—Threat Identification using STRIDE 2m 26s
—Defining and Documenting Countermeasures 0m 40s
—Prioritization 0m 42s
—Summary 1m 1s

Risk Assessment Concepts
- 16m 52s

—Introduction 1m 22s
—Threats 2m 6s
—Threat Source 1m 43s
—Vulnerabilities 1m 15s
—Risk 0m 27s
—Risk Assessments 1m 38s
—Risk Assessment Methodologies 1m 41s
—Real World Threats and Vulnerabilities 1m 32s
—Assessment Approach 0m 51s
—Analysis Approach 0m 58s
—Risk Acceptance and Assignment 1m 24s
—Common Calculations 1m 3s
—Conclusion 0m 47s

Countermeasure Selection Process
- 15m 8s

—Introduction 1m 37s
—What Is a Countermeasure? 1m 30s
—Control Variations 1m 23s
—Control Types 2m 34s
—Control Considerations 1m 50s
—Assessing Control Strength 1m 42s
—Countermeasure Assurance 0m 35s
—Example Countermeasures 2m 48s
—Conclusion 1m 4s

Frameworks
- 13m 4s

—Introduction 1m 43s
—Risk Management Framework 0m 46s
—Leveraging Frameworks 1m 8s
—NIST Risk Management Framework RMF 4m 43s
—FAIR 2m 23s
—OCTAVE Allegro 1m 25s
—Summary 0m 52s

Course Fee:

USD 29

Course Type:	Self-Study
Course Status:	Active
Workload:	1 - 4 hours / week

This course is listed under Development & Implementations , Industry Specific Applications , IT Security & Architecture and Quality Assurance & Testing Community

Attended this course? Write a Review

Course Fee:

USD 29

Course Type:	Self-Study
Course Status:	Active
Workload:	1 - 4 hours / week

IT Career Development Platform

CISSP® - Security and Risk Management

Pluralsight

Course Summary

Course Description

Course Description

Course Syllabus

Course Type:

Course Status:

Workload:

Threat Modeling

Disaster Recovery

Information security

CISSP (Certified Information Systems Security Professional)

Testing

Information System

Impact Analysis

Allegro

Attended this course? Write a Review

Course Type:

Course Status:

Workload: