CASP+ Cert Prep: 1 Risk Management

Offered By: LinkedIn Learning

Tags

CompTIA CASP+ (Plus) Courses Risk Management Courses Information Security Certifications Courses

Course Description

Overview

Prepare for domain 1 of the CompTIA Advanced Security Practitioner (CASP+) exam. Review topics to better understand risk management and its impact on leaders' decision-making.

Syllabus

Introduction
  • Welcome
  • What you should know
  • About the exam
  • Risk management fundamentals
1. Risk Mitigation Strategies and Controls (Obj. 1.3)
  • The CIA triad
  • Data security classification
  • Stakeholders input into CIA decision making
  • Access control categories
  • Access control types
  • The aggregate CIA score
  • Extreme scenario and worst-case scenario planning
  • Extreme scenario and worst-case scenario example
  • System-specific risk analysis
  • Risk determination
  • Magnitude of impact
  • Likelihood of threat
  • Return on investment
  • Total cost of ownership
  • Risk management strategies
  • Risk management process
  • Continuous improvement and monitoring
  • Business continuity planning (BCP)
  • IT governance
2. Business and Industry Influences and Associated Security Risks (Obj. 1.1)
  • Risk management of new products, technologies, and user behaviors
  • Business models and strategies
  • Partnerships
  • Outsourcing
  • Third-party outsourcing and security
  • Cloud
  • Acquisition or mergers and divestiture or demerger
  • Integrating diverse industries
  • Internal and external influences
  • De-perimeterization
3. Security, Privacy Policies, and Procedures in Risk Management (Obj. 1.2)
  • Changes and policy development
  • Changes and process or procedure development
  • Legal and regulatory compliance
  • Risk assessment or Statement of Applicability
  • Business Impact Analysis
  • Interoperability Agreement and Interconnection Security Agreement
  • Memorandum of Understanding
  • Service Level Agreement and Operating Level Agreement
  • Non-Disclosure Agreement
  • Business Partnership Agreement
  • Master service agreement
  • Privacy considerations
  • Separation of duties
  • Job rotation and mandatory vacations
  • Least privilege
  • Incident response
  • Digital forensics
  • Employment and termination procedures
  • Continuous monitoring
  • User training and awareness
  • Auditing requirements and frequency
4. Measurements and Metrics in Risk Management (Obj. 1.4)
  • Benchmarks and baselines
  • Prototyping and multiple test solutions
  • Cost benefit analysis
  • Metrics collection and analysis
  • Analyzing and interpreting trend data
  • Reviewing security controls
  • Reverse engineering and deconstructing security solutions
  • Analyzing security solutions to meet your business' needs
  • Lessons learned and after-action reports
  • Solving difficult problems that have no right answer
Conclusion
  • Next steps

Taught by

Jason Dion
