BloomTech’s Downfall: A Long Time Coming

Class Central is learner-supported. When you buy through links on our site, we may earn an affiliate commission.

LinkedIn Learning

CASP+ Cert Prep: 1 Risk Management

via LinkedIn Learning

Go to class Write review

Overview

Prepare for domain 1 of the CompTIA Advanced Security Practitioner (CASP+) exam. Review topics to better understand risk management and its impact on leaders' decision-making.

Syllabus

Introduction
  • Welcome
  • What you should know
  • About the exam
  • Risk management fundamentals
1. Risk Mitigation Strategies and Controls (Obj. 1.3)
  • The CIA triad
  • Data security classification
  • Stakeholders input into CIA decision making
  • Access control categories
  • Access control types
  • The aggregate CIA score
  • Extreme scenario and worst-case scenario planning
  • Extreme scenario and worst-case scenario example
  • System-specific risk analysis
  • Risk determination
  • Magnitude of impact
  • Likelihood of threat
  • Return on investment
  • Total cost of ownership
  • Risk management strategies
  • Risk management process
  • Continuous improvement and monitoring
  • Business continuity planning (BCP)
  • IT governance
2. Business and Industry Influences and Associated Security Risks (Obj. 1.1)
  • Risk management of new products, technologies, and user behaviors
  • Business models and strategies
  • Partnerships
  • Outsourcing
  • Third-party outsourcing and security
  • Cloud
  • Acquisition or mergers and divestiture or demerger
  • Integrating diverse industries
  • Internal and external influences
  • De-perimeterization
3. Security, Privacy Policies, and Procedures in Risk Management (Obj. 1.2)
  • Changes and policy development
  • Changes and process or procedure development
  • Legal and regulatory compliance
  • Risk assessment or Statement of Applicability
  • Business Impact Analysis
  • Interoperability Agreement and Interconnection Security Agreement
  • Memorandum of Understanding
  • Service Level Agreement and Operating Level agreement
  • Non-Disclosure Agreement
  • Business Partnership Agreement
  • Master service agreement
  • Privacy considerations
  • Separation of duties
  • Job rotation and mandatory vacations
  • Least privilege
  • Incident response
  • Digital forensics
  • Employment and termination procedures
  • Continuous monitoring
  • User training and awareness
  • Auditing requirements and frequency
4. Measurements and Metrics in Risk Management (Obj. 1.4)
  • Benchmarks and baselines
  • Prototyping and multiple test solutions
  • Cost benefit analysis
  • Metrics collection and analysis
  • Analyzing and interpreting trend data
  • Reviewing security controls
  • Reverse engineering and deconstructing security solutions
  • Analyzing security solutions to meet your business' needs
  • videos learned and after-action reports
  • Solving difficult problems that have no right answer
Conclusion
  • Next steps

Taught by

Jason Dion

Reviews

4.8 rating at LinkedIn Learning based on 156 ratings

Start your review of CASP+ Cert Prep: 1 Risk Management

Go to class

Never Stop Learning.

Get personalized course recommendations, track subjects and courses with reminders, and more.

Sign up for free
Someone learning on their laptop while sitting on the floor.