2

Compliance, Regulation, and Investigations

Having a Certified Information Systems Security Professional (CISSP) certification carries the responsibility of complying with laws and regulations and understanding the different types of investigations. Organizations that comply with regulated standards do a better job of securing customer data. Standards also help organizations consistently compare results.

In the exam, you are tested on your understanding of contracts that allow merchants to accept credit cards, security regulations that protect hospital patient records, and other private data. You must also understand which investigatory process to follow when an organization’s information systems are compromised.

By the end of this chapter, ...

Get Certified Information Systems Security Professional (CISSP) Exam Guide now with the O’Reilly learning platform.