Chapter 3. Security-Management Practices

Terms you'll need to understand:

Confidentiality
Integrity
Availability
Threat
Vulnerability
Public/private data classification
Government data classification
Risk
SLE
Residual risk
ALE

Techniques you'll need to master:

Risk management
Qualitative analysis
Quantitative analysis
Data-classification criteria
Security roles
Risk calculations

Introduction

This chapter helps the reader prepare for the security-management domain. Security management addresses the identification of the organization's information assets. The security-management domain also introduces some critical documents, such as policies, procedures, and guidelines. These documents are of great importance because they spell out how the organization manages its ...

Get CISSP Exam Cram™ 2 now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Start your free trial

CISSP Exam Cram™ 2 by Michael Gregg

Chapter 3. Security-Management Practices

Introduction

Don’t leave empty-handed

It’s yours, free.

Check it out now on O’Reilly