What you'll learn

Your controls have been selected and implemented, users have been educated, and everything seems to be in order. Even if this is the case, odds are that there are still unidentified risks in your environment. If you want to be certain that your controls are working as intended, you will need to perform risk assessments and penetration testing. The 6th domain of the CISSP CBK addresses this concern with topics such as information assurance, testing strategies including penetration testing, log reviews, and third party assessment. In this course, CISSP®: Security Assessment and Testing, you build upon the skills learned in previous CISSP domain and learn to put them all to use when validating the effectiveness of your controls. First, you'll learn about security assessment and test strategies. Next, you'll learn about security controls validation, security and related data collection, as well as analyzing test results. Finally, the course will wrap up by covering third-party risk assessments. By the end this course, you should be familiar with a broad spectrum of topics that are covered within the sixth domain of the CISSP.