Quick Tips

  • Facilities that house systems that process sensitive information should have physical access controls to limit access to authorized personnel only.

  • Data should be classified, and the necessary technical controls should be put into place to protect its integrity, confidentiality, and availability.

  • Hacker tools are becoming increasingly more sophisticated while requiring increasingly less knowledge by the attacker about how they work.

  • Quality assurance involves the verification that supporting documentation requirements are met.

  • Quality control ensures that an asset is operating within accepted standards.

  • System and audit logs should be monitored and protected from unauthorized modification.

  • Repetitive errors can indicate lack of training ...

Get CISSP Certification All-in-One Exam Guide, Fourth Edition, 4th Edition now with the O’Reilly learning platform.

O’Reilly members experience live online training, plus books, videos, and digital content from nearly 200 publishers.