Presented here is a revision of some of the important concepts from all the domains of the CISSP CBK. They are provided as bullet-point snippets for quick revision and reinforcement of the knowledge learned:
- Risk is defined as the exposure of an asset to loss, injury, or damage due to threats, vulnerabilities, and attacks.
- Asset protection requirements are identified through a structured method of risk analysis, evaluation, and assessment.
- Risk analysis, risk evaluation, risk assessment, and risk mitigation strategies are the components of risk management.
- Identifying threats and vulnerabilities, attacks, estimating potential impact, and establishing and implementing suitable controls to treat ...