CASP+ Cert Prep: 1 Risk Management
Offered By: LinkedIn Learning
Course Description
Overview
Prepare for domain 1 of the CompTIA Advanced Security Practitioner (CASP+) exam. Review topics to better understand risk management and its impact on leaders' decision-making.
Syllabus
Introduction
- Welcome
- What you should know
- About the exam
- Risk management fundamentals
- The CIA triad
- Data security classification
- Stakeholders input into CIA decision making
- Access control categories
- Access control types
- The aggregate CIA score
- Extreme scenario and worst-case scenario planning
- Extreme scenario and worst-case scenario example
- System-specific risk analysis
- Risk determination
- Magnitude of impact
- Likelihood of threat
- Return on investment
- Total cost of ownership
- Risk management strategies
- Risk management process
- Continuous improvement and monitoring
- Business continuity planning (BCP)
- IT governance
- Risk management of new products, technologies, and user behaviors
- Business models and strategies
- Partnerships
- Outsourcing
- Third-party outsourcing and security
- Cloud
- Acquisition or mergers and divestiture or demerger
- Integrating diverse industries
- Internal and external influences
- De-perimeterization
- Changes and policy development
- Changes and process or procedure development
- Legal and regulatory compliance
- Risk assessment or Statement of Applicability
- Business Impact Analysis
- Interoperability Agreement and Interconnection Security Agreement
- Memorandum of Understanding
- Service Level Agreement and Operating Level Agreement
- Non-Disclosure Agreement
- Business Partnership Agreement
- Master service agreement
- Privacy considerations
- Separation of duties
- Job rotation and mandatory vacations
- Least privilege
- Incident response
- Digital forensics
- Employment and termination procedures
- Continuous monitoring
- User training and awareness
- Auditing requirements and frequency
- Benchmarks and baselines
- Prototyping and multiple test solutions
- Cost benefit analysis
- Metrics collection and analysis
- Analyzing and interpreting trend data
- Reviewing security controls
- Reverse engineering and deconstructing security solutions
- Analyzing security solutions to meet your business' needs
- Lessons learned and after-action reports
- Solving difficult problems that have no right answer
- Next steps
Taught by
Jason Dion
Related Courses
- Introduction to Finance, University of Michigan via Coursera
- Information Security and Risk Management in Context, University of Washington via Coursera
- Financial Engineering and Risk Management, Columbia University via Coursera
- Building an Information Risk Management Toolkit, University of Washington via Coursera
- Caries Management by Risk Assessment (CAMBRA), University of California, San Francisco via Coursera