Risk Management for CompTIA Security+
Ever organization needs IT security to maintain a strong cybersecurity posture. This course will teach you the equally important concepts around managing risk and ensuring a companies critical assets are secure and available.
What you'll learn
Managing risk is a critical component of an organizations security posture. In this course, Risk Management for CompTIA Security+, you'll learn how to assess a company's risk across each area within IT. First, you'll explore the various methods used to assess risk like SLE, ALE, and ARO. Next, you'll learn the fundamentals of computer forensics, including maintaining chain of custody, legal holds, and data acquisition techniques. Finally, you'll discover the principals of disaster recovery, maintaining highly available infrastructure, and business continuity basics. By the end of the course, you'll understand what's required to assess an organization's operational risk, the methods used to conduct a forensic investigation, and how to keep a business operational leveraging disaster recovery and business continuity concepts.
Table of contents
- Introduction 1m
- The Security Cycle and Standard Operating Procedures 2m
- Interoperability Agreements and SLAs 2m
- Business Partner Agreement (BPA) 1m
- Memorandum of Understanding (MOU) 2m
- Interconnection Security Agreement (ISA) 1m
- Importance of Policies in Reducing Risk 2m
- Mandatory Vacations 2m
- Separation of Duties 1m
- Job Rotation 1m
- Clean Desk, Background Checks, Exit Interviews 4m
- Data Ownership and User Types 2m
- Executive Users 3m
- Social Media Networks / Applications 2m
- Personal Email 2m
- Introduction 1m
- Who Should Watch and Why Should You Care? 3m
- Incident Types and Category Definitions 4m
- Team Models 1m
- Staffing Model 1m
- Outsourcing Considerations 2m
- Incident Notification and Escalation 2m
- Notifying Outside Agencies and Communication 2m
- Exercises 2m
- Incident Response Process 2m
- Preparation 2m
- Detection and Analysis 3m
- Stopping the Spread, Eradication, and Recovery 3m
- Module Review 1m
- Introduction 1m
- Computer Forensics 3m
- Order of Volatility 5m
- Chain of Custody 3m
- Legal Hold 1m
- First Responder Best Practices 5m
- Capture a System Image 4m
- Network Traffic and Logs 4m
- Capture Video 1m
- Record Time Offset 3m
- Take Hashes 2m
- Screenshots 1m
- Witnesses 2m
- Preservation 2m
- Recovery 1m
- Strategic Intelligence/Counterintelligence Gathering 1m
- Track Man House and Expense 3m
- Module Review 1m
- Introduction 1m
- Backup Plans / Policies 1m
- Backup Execution / Frequency 1m
- Cold Site, Hot Site, and Warm Site 3m
- Order or Restoration 2m
- Backup Types and Incremental vs. Differential 3m
- Geographic Considerations 3m
- Business Continuity Planning and Testing 3m
- Risk Assessment and Continuity of Operations 2m
- Disaster Recovery 3m
- IT Contingency Planning 3m
- Succession Planning 1m
- Tabletop Exercises 2m
- Module Overview 1m
- Introduction 1m
- Why Should You Care? 2m
- Non-digital Data Destruction and Burning 2m
- Shredding 1m
- Pulping 1m
- Pulverizing 1m
- Degaussing 2m
- Purging 1m
- Wiping vs. Deleting 3m
- Data Classification, PII, and PHI 3m
- Data Owner 1m
- Data Steward/Custodian 1m
- Privacy Officer 1m
- Data Retention 2m
- Legal and Compliance 3m
About the author
Chris is a professional information technologist, trainer, manager and lifelong learner. He is married with 3 beautiful children and interested in martial arts, working out, spending time with family and friends and being creative whenever possible. He has created a number of IT Certification training courses over the past 10 years and really enjoys helping people advance their careers through training and personal development.