Chapter One. Security and Risk Management

This chapter contains questions that address the key areas of knowledge for Domain 1, Security and Risk Management, of the Certified Information Systems Security Professional (CISSP) Candidate Information Bulletin. A large portion of this domain deals with risk management. There are many ways to manage risk; test candidates must be aware that risk assessments can be performed by quantitative, qualitative, or hybrid techniques. The CISSP must also understand developing security plans and procedures, implementing service-level agreements, and performing security assessments. Each of these items plays a role in managing the security of the organization’s employees and assets. The following list gives you ...
