Description
This course:
- Covers the following Security and Risk Management domain exam topics: security governance, compliance and policy issues, personnel security, threat modelling, and vendor management.
 - Discusses the trifecta of information confidentiality, integrity, and availability.
 - Discusses business continuity and risk management strategies, emphasising the significance of ongoing security awareness and education in any organisation.
 
Syllabus:
1. Security Fundamentals
- The goals of information security
 - Confidentiality
 - Integrity
 - Availability
 
2. Security Governance
- Aligning security with the business
 - Organizational processes
 - Security roles and responsibilities
 - Control frameworks
 
3. Compliance and Ethics
- Legal and compliance risks
 - Data privacy
 - Computer crimes
 - Software licensing
 - Intellectual property
 - Import and export controls
 - Data breaches
 - Ethics
 
4. Security Policy
- Security policy framework
 - Security policies
 
5. Business Continuity
- Business continuity planning
 - Business continuity controls
 - High availability and fault tolerance
 
6. Personnel Security
- Personnel security
 - Security in the hiring process
 - Employee termination process
 - Employee privacy
 - Social networking
 - Conducting investigations
 
7. Risk Management
- Risk assessment
 - Quantitative risk assessment
 - Risk management
 - Security control selection and implementation
 - Ongoing risk management
 - Risk management frameworks
 - Risk visibility and reporting
 
8. Threat Modeling
- Threat intelligence
 - Intelligence sharing
 - Identifying threats
 - Threat hunting
 
9. Supply Chain Risk Management
- Managing vendor relationships
 - Vendor agreements
 - Vendor information management
 - Vendor audits and assessments
 - Cloud audits
 - Security service providers
 
10. Awareness and Training
- Security awareness training
 - Compliance training
 - User habits
 - Measuring compliance and security posture
 





