CISSP Cert Prep (2021): 7 Security Operations

Use this course to help you prepare for the Security Operations domain of the 2021 CISSP exam.

Introduction

• Security operations
• What you need to know
• Study resources

1. Investigations and Forensics

• Conducting investigations
• Evidence types
• Introduction to forensics
• System and file forensics
• Network forensics
• Software forensics
• Mobile device forensics
• Embedded device forensics
• Chain of custody
• Reporting and documenting incidents
• Electronic discovery (ediscovery)

2. Logging and Monitoring

• Security information and event management
• Continuous security monitoring
• Endpoint monitoring

3. Resource Security

• Physical asset management
• Change and configuration management

4. Security Principles

• Need to know and least privilege
• Separation of duties and responsibilities
• Privileged account management

5. Incident Management

• Build an incident response program
• Creating an incident response team
• Incident communications plan
• Incident identification
• Escalation and notification
• Mitigation
• Containment techniques
• Incident eradication and recovery
• Validation
• Post-incident activities
• Incident response exercises

6. Personnel Safety

• Personnel safety
• Emergency management

7. Physical Security

• Site and facility design
• Data center environmental controls
• Data center environmental protection
• Physical access control
• Visitor management
• Physical security personnel

Conclusion

• Continuing your studies