Introduction to the eight CISSP security domains - part 1

 


The CISSP (Certified Information Systems Security Professional) certification defines eight domains to organize the work of security professionals. These domains are interrelated, and understanding them is crucial for effectively protecting organizations from security threats. Let's review the first four security domains introduced in the video:

  1. Security and Risk Management: This domain focuses on defining security goals and objectives, risk mitigation, compliance, business continuity, and legal aspects related to security. Security analysts may update company policies based on changes in regulations such as HIPAA.

  2. Asset Security: Asset security involves securing both digital and physical assets, including data storage, maintenance, retention, and destruction. Security analysts ensure that old equipment containing confidential information is properly disposed of.

  3. Security Architecture and Engineering: This domain is about optimizing data security by implementing effective tools, systems, and processes. Security analysts may configure firewalls to monitor and filter network traffic, thus preventing potential attacks.

  4. Communication and Network Security: This domain focuses on managing and securing physical networks and wireless communications. Security analysts analyze user behavior to identify vulnerabilities, such as connecting to unsecured wireless hotspots, and create network policies to mitigate risks.

there are eight domains defined by CISSP (Certified Information Systems Security Professional) to organize the work of security professionals. These domains cover various aspects of cybersecurity and provide a structured framework for understanding and addressing security challenges. Here are the eight domains:

  1. Security and Risk Management
  2. Asset Security
  3. Security Architecture and Engineering
  4. Communication and Network Security
  5. Identity and Access Management (IAM)
  6. Security Assessment and Testing
  7. Security Operations
  8. Software Development Security

Each domain encompasses specific knowledge areas and skills relevant to the cybersecurity profession. Understanding these domains is essential for security professionals to effectively manage risks, protect assets, and implement security measures in organizations.

Understanding these domains provides a foundation for security professionals to effectively mitigate risks and protect organizations and their data.

Comments

Post a Comment

Popular posts from this blog

Common cybersecurity terminology

  As you’ve learned, cybersecurity (also known as security) is the practice of ensuring confidentiality, integrity, and availability of information by protecting networks, devices, people, and data from unauthorized access or criminal exploitation. In this reading, you’ll be introduced to some key terms used in the cybersecurity profession. Then, you’ll be provided with a resource that’s useful for staying informed about changes to cybersecurity terminology. Key cybersecurity terms and concepts There are many terms and concepts that are important for security professionals to know. Being familiar with them can help you better identify the threats that can harm organizations and people alike. A security analyst or cybersecurity analyst focuses on monitoring networks for breaches. They also help develop strategies to secure an organization and research information technology (IT) security trends to remain alert and informed about potential threats. Additionally, an analyst work...
Read more

Cheat Sheet: Plotting with Matplotlib using Pandas

Image
  Cheat Sheet : Plotting with Matplotlib using Pandas Plot Type Description Pandas Function Example Visual Line Plot Shows trends and changes over time DataFrame.plot.line() DataFrame.plot(kind = ‘line’) df.plot(x=’year’, y=’sales’, kind=’line’) Area Plot Displays data series as filled areas, showing the relationship between them DataFrame.plot.area() DataFrame.plot(kind = ‘area’) df.plot(kind='area') Histogram Displays bars representing the data count in each interval/bin Series.plot.hist() Series.plot(kind = ‘hist’, bins = n) s.plot(kind='hist', bins=10) df[‘age’].plot(kind='hist', bins=10) Bar Chart Displays data using rectangular bars DataFrame.plot.bar() DataFrame.plot(kind = ‘bar’) df.plot(kind='bar') Pie Chart Displays data as a circular plot divided into slices, representing proportions or percentages of a whole Series.plot.pie() Series.plot(kind = ‘pie’) DataFrame.plot.pie(y, labels) DataFrame.plot(kind = ‘pie’) s.plot(kind='pie’,autopct=...
Read more

Introduction to security frameworks and controls

  Imagine you're working as a security analyst and receive  multiple alerts about suspicious activity on the network.  You realize that you'll need to implement  additional security measures to keep  these alerts from becoming  serious incidents. But where do you start? Play video starting at ::17 and follow transcript 0:17 As an analyst, you'll start by identifying  your organization's critical assets and risks.  Then you'll implement  the necessary frameworks and controls. Play video starting at ::27 and follow transcript 0:27 In this video, we'll discuss how security professionals  use frameworks to continuously identify and manage risk.  We'll also cover how to use  security controls to manage or reduce specific risks. Play video starting at ::40 and follow transcript 0:40 Security frameworks are guidelines  used for building plans  to help mitigate risks and threats to data and privacy.  Security frameworks ...
Read more