Risk Management for CompTIA Security+
Course info
Course info
Description
Managing risk is a critical component of an organizations security posture. In this course, Risk Management for CompTIA Security+, you'll learn how to assess a company's risk across each area within IT. First, you'll explore the various methods used to assess risk like SLE, ALE, and ARO. Next, you'll learn the fundamentals of computer forensics, including maintaining chain of custody, legal holds, and data acquisition techniques. Finally, you'll discover the principals of disaster recovery, maintaining highly available infrastructure, and business continuity basics. By the end of the course, you'll understand what's required to assess an organization's operational risk, the methods used to conduct a forensic investigation, and how to keep a business operational leveraging disaster recovery and business continuity concepts.
About the author
Chris is a lifelong learner and professional information technologist, trainer and IT Manager. Married with 3 children, Chris is interested in martial arts, working out, spending time with family and friends and being creative whenever possible.
More from the author
Section Introduction Transcripts
Course Overview
Hey everyone, my name is Christopher Rees, and welcome to my course on Risk Management for CompTIA Security+. In addition to being a trainer here at Pluralsight, I'm also a former law enforcement officer who specialized in computer crimes, and I have over 20 years of Enterprise IT experience. I've also been training students from all over the world since 1998. In this course, we'll cover the various concepts associated with risk management, which at first might not sound like the most glamorous topic when it comes to security, but trust me, if you embrace these concepts, you'll look like a rock star to your peers and to executive management. After all, at the end of the day, it's about minimizing risk and maximizing profits. So some of the major topics that we'll cover will include various operating agreements between companies, third parties, contractors, and so forth. We'll talk about personnel management as it pertains to security and risk. We'll talk about threat assessment and risk assessment concepts. We'll also cover the basics of forensics, maintaining chain of custody, legal holds, and so forth. We'll talk about business impact analysis and business continuity concepts, also data security including proper data classification, handling, and secure disposal or sanitization techniques. By the end of this course, you'll know the key concepts and technologies required to properly assess and manage risk, as well as maintain continuity of operations for your company, no matter how big or small or what industry. Before beginning the course, having some exposure to CompTIA's A+ and/or Network+ concepts is helpful, but it's not a requirement. So from here, you should feel comfortable diving into more advanced security topics with courses on CompTIA's Advanced Security Practitioner and also Malware Analysis: The Big Picture. So I hope you'll join me on this journey to learn risk management with the Risk Management for CompTIA Security+ course here at Pluralsight.
Understanding Organizational Policies, Plans, and Procedures
Hey, welcome back to Pluralsight. I'm your instructor, Christopher Rees, and in this course, Risk Management, we'll be covering specifically in this module policies, plans, and procedures related to organizational security. So a lot of good information in this module, just like every module, but this one deals specifically with organizational security. So a lot of good stuff dealing with interoperability agreements and so forth. So we'll start off with standard operating procedure, agreement types like BPAs, SLAs, ISAs, and MOUs and MOAs, we'll cover each of these in more detail. We'll talk about personnel management, something that everyone of course loves to deal with, personnel issues, but things like mandatory vacations, job rotation, separation of duties, clean desk initiatives or clean desk polices, background checks, exit interviews, something that's so often missed, and then role-based awareness training. Then we'll talk about data ownership, we'll talk about system administrators, system owners, users, and privileged users, and what the differentiation is between these different types of roles, and then we'll talk about executive users, such things as NDAs, onboarding executive users, continuing education, acceptable use policies and rules of behavior, and then adverse actions. And then lastly we'll wrap up with general security policies around social media networks and applications, and also something that's very relevant in the last few years, especially in last year's election in the US was the use of personal email. So let's go ahead and get started.
Business Impact Analysis Concepts
Hey, welcome back to Pluralsight. I'm your instructor, Christopher Rees, and in this module, we'll be covering Business Impact Analysis Concepts. So a lot of good information around keeping the business up, and running, and obviously secure. So, in this module, we're going to cover a few BIA concepts, or business impact analysis concepts, such as RTO and RPO, our recovery time objective and the recovery point objective. We'll talk about MTBF and MTTR, the mean time between failures and the mean time to repair. Also something we refer to as a WRT or the work recovery time, and the MTD, or the maximum tolerable downtime. We'll talk about mission-essential functions, we'll talk about the identification of critical systems, and often times you may find that there are critical systems that you didn't even know about, or critical systems that tie in or have interdependencies with other systems that you didn't know existed. So also single points of failure, we'll talk about the impact itself to such things as life, property, and safety, also to finance and reputation, we'll talk about the PIA and the PTA, the privacy impact assessment and the privacy threshold assessment, both of which how they impact the security and the overall security posture of your business. So let's go ahead and get started.
Understanding Risk Management Processes and Concepts
Hey, welcome back to Pluralsight. I'm your instructor, Christopher Rees, and in this module we'll be covering Risk Management Process and Concepts. So in this module, we have three main categories, and as typical, there is more information that meets the eye. So three high-level categories, threat assessment, risk assessment, and also change management, but if we dig under the hood a little bit more, we'll see that we have quite a bit of information to cover. Threat assessments covering environmental, manmade, internal and external. And then with risk assessment, we have such things as single loss event, the annual loss expectancy, and the annual rate of occurrence, also talking about asset risk, the risk register, the likelihood of occurrence, supply chain assessment and impact, also quantitative and qualitative analysis, testing with regards to pen testing authorization and vulnerability testing authorization. We'll also talk about various risk response techniques including acceptance, transference, avoidance, and mitigation. And then lastly we'll talk about change management. So what's the overall goal of this module, or what's in it for you? Well there's four main areas, basically understanding the threat types or the various types of the threats you're likely to encounter in your daily travels as an IT security professional, we'll talk about planning appropriate responses to those threats, identifying and assessing risk, so you can understand how to plan and how to respond appropriately, how to direct your resources appropriately, and then implement proper change management, which is critical, especially as the environment starts to grow or as things scale, change management becomes more and more critical.
Following Incident Response Procedures
Hey, welcome back to Pluralsight. I'm your instructor, Christopher Rees, and in this module, we'll be covering Incident Response Procedures. So in this module, some good information. We have incident response plan. We have documented incident types and also category definitions, we'll talk about the roles and responsibilities that make up the teams that are responsible for incident response, also reporting requirements and escalation procedures, when we need to contact outside agencies and so forth, and then we'll talk about exercises and making sure that what we have on paper actually works when it comes time to execute. Next we'll talk about the incident response process, and that revolves around six main areas, preparation, identification, containment, eradication, recovery, and then lessons learned.
Reviewing the Fundamentals of Digital Forensics
Hey, welcome back to Pluralsight. I'm your instructor Christopher Rees and in this module, we'll be covering Reviewing the Fundamentals of Digital Forensics. So, a lot of good information to cover around forensic investigations. We'll talk about the order of volatility, we'll talk about chain of custody, legal holds, data acquisition. We'll talk about preserving data or preservation, recovery of that data. Strategic intelligence and counter intelligence gathering, and then tracking man hours to make sure we have the budget necessary both this year and subsequent years to do our work. So let's go ahead and get started.
Defining Disaster Recovery and Continuity of Operation
Hey, welcome back to Pluralsight. I'm your instructor, Christopher Rees, and in this module, we're going to be talking about Defining Disaster Recovery and Continuity of Operation. So a lot of good information in this module around keeping your business up and running. So, let's talk about recovery sites. We'll talk about the order of restoration. We'll talk about backup concepts. We'll talk about geographic considerations, and then we'll talk about continuity of operation planning. So, as usual, there's always more than meets than eye, so under the covers we have a number of things here. Each of these high-level topics we'll cover in and of themselves. You can go ahead and pause this for a second and read through if you want to get an idea of what we're covering before we dive into it, so no need for me to go through here line by line and read through these. So let's go ahead and jump right in and get started.
Comparing and Contrasting Various Types of Controls
Hey, welcome back to Pluralsight. I'm your instructor, Christopher Rees, and in this module we'll be covering Comparing and Contrasting Various Types of Controls. So in this module, we're going to cover a few things around control types, basically the types of access control, which means technical, administrative, and then physical. And then we'll also talk about the categories of control, and there are five main categories. We have deterrent, preventive, detective, corrective or recovery, and then compensating. So let's go ahead and get started.
Performing Data Security and Privacy Practices
Hey, welcome back to Pluralsight. I'm your instructor, Christopher Rees, and in this module we'll be covering Performing Data Security and Privacy Practices. So in this module, we have four main areas. We're going to cover data destruction and media sanitation. We'll cover data sensitivity labeling and handling. We'll talk about the various data roles and also the concept of data retention. And, as always, there's more under the covers than just the high-level topics. So in each of these roles, of course, we have some additional subtopics. So you can go ahead and pause this for a moment and review as long as you need to get an idea of what it is we're covering, but let's go ahead and get started.