Chapter 9. Information Security, Governance, and Risk Management
The Information Security Governance and Risk Management domain tests your knowledge of the items related to the triad of security: confidentiality, integrity, and availability (CIA). A large portion of this domain deals with risk management. There are many ways to manage risk; test candidates must be aware that risk assessment can be performed by quantitative, qualitative, or hybrid techniques. The CISSP also must understand security plans and procedures, implementing service-level agreements, and performing security assessments. Each of these items plays a role in managing the security of the organization’s employees and assets. The following list gives you some key areas from ...
Get CISSP Practice Questions Exam Cram, Third Edition now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.