
CASP+ Cert Prep: 1 Risk Management

Offered By: LinkedIn Learning

Tags

CompTIA CASP+ (Plus) Courses Risk Management Courses Information Security Certifications Courses

Course Description

Overview

Prepare for domain 1 of the CompTIA Advanced Security Practitioner (CASP+) exam. Review topics to better understand risk management and its impact on leaders' decision-making.

Syllabus

Introduction
  • Welcome
  • What you should know
  • About the exam
  • Risk management fundamentals
1. Risk Mitigation Strategies and Controls (Obj. 1.3)
  • The CIA triad
  • Data security classification
  • Stakeholders input into CIA decision making
  • Access control categories
  • Access control types
  • The aggregate CIA score
  • Extreme scenario and worst-case scenario planning
  • Extreme scenario and worst-case scenario example
  • System-specific risk analysis
  • Risk determination
  • Magnitude of impact
  • Likelihood of threat
  • Return on investment
  • Total cost of ownership
  • Risk management strategies
  • Risk management process
  • Continuous improvement and monitoring
  • Business continuity planning (BCP)
  • IT governance
2. Business and Industry Influences and Associated Security Risks (Obj. 1.1)
  • Risk management of new products, technologies, and user behaviors
  • Business models and strategies
  • Partnerships
  • Outsourcing
  • Third-party outsourcing and security
  • Cloud
  • Acquisition or mergers and divestiture or demerger
  • Integrating diverse industries
  • Internal and external influences
  • De-perimeterization
3. Security, Privacy Policies, and Procedures in Risk Management (Obj. 1.2)
  • Changes and policy development
  • Changes and process or procedure development
  • Legal and regulatory compliance
  • Risk assessment or Statement of Applicability
  • Business Impact Analysis
  • Interoperability Agreement and Interconnection Security Agreement
  • Memorandum of Understanding
  • Service Level Agreement and Operating Level Agreement
  • Non-Disclosure Agreement
  • Business Partnership Agreement
  • Master service agreement
  • Privacy considerations
  • Separation of duties
  • Job rotation and mandatory vacations
  • Least privilege
  • Incident response
  • Digital forensics
  • Employment and termination procedures
  • Continuous monitoring
  • User training and awareness
  • Auditing requirements and frequency
4. Measurements and Metrics in Risk Management (Obj. 1.4)
  • Benchmarks and baselines
  • Prototyping and multiple test solutions
  • Cost benefit analysis
  • Metrics collection and analysis
  • Analyzing and interpreting trend data
  • Reviewing security controls
  • Reverse engineering and deconstructing security solutions
  • Analyzing security solutions to meet your business' needs
  • Lessons learned and after-action reports
  • Solving difficult problems that have no right answer
Conclusion
  • Next steps

Taught by

Jason Dion

Related Courses

Become a CompTIA Advanced Security Practitioner (CASP+)
LinkedIn Learning
CASP+ Cert Prep: 2 Enterprise Security Architecture
LinkedIn Learning
CASP+ Cert Prep: 3 Enterprise Security Operations
LinkedIn Learning
CASP+ Cert Prep: 4 Technical Integration of Enterprise Security
LinkedIn Learning
CASP+ Cert Prep: 5 Research, Development and Collaboration
LinkedIn Learning