Chapter 3. Risk Mitigation Strategies and Controls
This chapter covers the following topics:
Categorize Data Types by Impact Levels Based on CIA: This section includes a discussion of CIA and FIPS 199 levels.
Incorporate Stakeholder Input into CIA Impact-Level Decisions: This section covers why stakeholder input should be obtained and factored into the decisions made.
Determine the Aggregate CIA Score: This section discusses using the FIPS 199 nomenclature to calculate the aggregate score.
Determine Minimum Required Security Controls Based on Aggregate Score: This section discusses using the aggregate score to help select security controls.
Select and Implement Controls Based on CIA Requirements and Organizational Policies: This section discusses ...
Get CompTIA Advanced Security Practitioner (CASP) CAS-003 Cert Guide, Second Edition now with the O’Reilly learning platform.