Chapter 5

Security Management Concepts and Principles

THE CISSP EXAM TOPICS COVERED IN THIS CHAPTER INCLUDE:

  • Information Security Governance and Risk Management
    • Understand and apply security governance
      • Organizational processes; define security roles and responsibilities; legislative and regulatory compliance; privacy requirements compliance; control frameworks; due care; due diligence
    • Understand and apply concepts of confidentiality, availability, and integrity
    • Define and implement information classification and ownership
    • Understand and apply risk management concepts
      • Identify threats and vulnerabilities; risk assessment/analysis; risk assignment/acceptance; countermeasure selection
    • Evaluate personnel security; Background checks and employment ...

Get CISSP®: Certified Information Systems Security Professional Study Guide, Fifth Edition now with O’Reilly online learning.
