Chapter 1

Security and Risk Management

This chapter covers the following topics:

  • Security Terms: Concepts discussed include confidentiality, integrity, and availability (CIA); auditing and accounting; non-repudiation; default security posture; defense in depth; abstraction; data hiding; and encryption.

  • Security Governance Principles: Concepts discussed include security function alignment, organizational processes, organizational roles and responsibilities, security control frameworks, and due care and due diligence.

  • Compliance: Concepts discussed include contractual, legal, industry standards, and regulatory compliance, as well as compliance with privacy requirements.

  • Legal and Regulatory Issues: Concepts discussed include computer crime concepts, major ...
