Pluralsight is not an official partner or accredited training center of EC-Council. In this course you'll develop an understanding of proper functions and how to design your own security policies within business and regulatory requirements.
Pluralsight is not an official partner or accredited training center of EC-Council. Without IT security policies, organizations have no framework that defines the proper and safe use of IT systems and data. In this course, Designing and Implementing Security Policies, you'll be exposed to security standards bodies, and how to create security policies based on recommendations from these standards bodies. First, you'll learn examples of implementing security settings based on security policy documentation. Next, you'll learn how to determine the finer details of security policies, including the use of specific security controls and the consequences of policy non-compliance. Finally, you'll gain insight on how technical controls can be interpreted and then implemented for policy compliance. By the end of this course, you'll have an understanding of how policy documents are laid out, and how to design and implement security policies within business and regulatory requirements.
Daniel Lachance, CompTIA Security+™, CompTIA A+®, CompTIA Network+®, CompTIA Server+, CompTIA Cloud Essentials, MCITP, MCTS, MCSA, is the owner of Lachance IT Consulting Inc. He is the author of the CompTIA Server+ Certification All-in-One Exam Guide, CompTIA Cloud Essentials Certification Study Guide, and co-author of CompTIA Security+ Certification Practice Exams.
Course Overview Hi there, my name is Dan Lachance and welcome to my course, Designing and Implementing Security Policies. Protection of personal and digital assets consists of a variety of security controls, even including user behavior, and all of this is driven by organizational security policies and these policies in turn are documents that are laid out in a specific format. The documents are influenced by factors like best security practices, past lessons learned, and regulatory compliance. There needs to be an awareness of how laws, regulations, and security standards apply to organizational security policies. Enterprises can centrally enforce compliance on managed devices and then monitor any deviations over time from the policies. The policies themselves would need to be revisited periodically to ensure that they remain effective. So some of the major things that we will cover in this course include identifying security standards bodies, designing security policies, and then from those designs implementing security policies. By the end of this course you will understand how security policy documents are laid out and how to determine what the documents finer details will include, such as the use of specific security controls and consequences of policy noncompliance. You'll also gain insight as to how technical controls can be interpreted and then implemented for policy compliance. So I hope that you will join me to learn about the creation and implementation of security policies within the designing and implementing security policies course here at Pluralsight.