
CASP+ CompTIA Advanced Security Practitioner Certification All-in-One Exam Guide, Second Edition (Exam CAS-003) by Dwayne Williams, Gregory B. White, Wm. Arthur Conklin, Nicholas Lane


CHAPTER 3

Risk Mitigation, Strategies, and Controls

This chapter presents the following topics:

•   Determine security controls based on CIA requirements and organizational policies

•   Extreme scenario planning/worst-case scenario

•   Conduct system-specific risk analysis

•   Translate technical risks in business terms

•   Risk management processes

•   Continuous improvement and monitoring

•   Business continuity planning

•   IT governance

•   Enterprise resilience

One of the early themes in this book has been risk management, but we haven't quite gotten into risk management mitigations, strategies, and controls until now. Information security has become an exercise in risk management. Using the tools and techniques of risk management ...
