| MP9003: Network and Database (General) - Security Management and Practices > CISSP Security Professional  | Security Management and Practices | This course covers Domain 3 of the Certified Information Systems Security Professional (CISSP) exam. It explains what you need to know about identifying an organization's information assets, as well as the development, documentation, and implementation of appropriate policies, standards, procedures, and guidelines. It also covers how data classification, risk assessment, and risk analysis are used to identify the threats, classify assets, and to rate their vulnerabilities so that effective security controls can be implemented. | Topics:
Defining security principles
Identification and authentication
Accountability and auditing
Security management planning
Risk management and analysis
Risk analysis step by step
Policies, standards, guidelines, and procedures
Examining roles and responsibility
Understanding protection mechanisms
Classifying data
Employment policies and practices
Managing change control
Security awareness training
Objectives:
Understand the principles of security management
Understand risk management and how to use risk analysis to make information security management decisions
Set information security roles and responsibilities throughout your organization
Understand the considerations and criteria for classifying data
Determine how employment policies and practices are used to enhance information security in your organization
Use change control to maintain security
Duration:
2 Hours
|
|
|
