CISSP: Security Operations Part 2



Overview/Description
One of the primary activities within security operations is detecting and responding to security-related incidents. In this course, you'll learn incident management techniques including incident detection, response, mitigation, reporting, and recovery best practices. This course also covers how to use preventative measures such as firewalls, whitelisting and blacklisting, sandboxing, and anti-malware. In addition, you'll be introduced to patch and vulnerability management activities such as patch testing, installation, and deployment. Finally, this course covers change management processes that security professionals regularly take part in as part of security operations, including versioning, baselining, and security impact analyses. This course is one of a series in the Skillsoft learning path that covers the objectives for the Certified Information Systems Security Professional (CISSP) exam.

Target Audience
Individuals interested in information systems security concepts, methodologies and best practices; candidates for the Certified Information Systems Security Professional (CISSP) exam

Prerequisites
None

Expected Duration (hours)
2.0

Lesson Objectives

  • start the course
  • use media management as a resource protection technique
  • use hardware and software asset management as a resource protection technique
  • identify best practices for incident detection
  • identify best practices for incident response and mitigation
  • identify the best practices of incident reporting
  • identify best practices for incident recovery
  • identify best practices for incident remediation
  • describe best practices for operating and maintaining firewalls as a preventative measure
  • distinguish between different intrusion detection and prevention systems
  • identify best practices for using whitelisting and blacklisting as a preventative measure
  • identify best practices for using third-party security services as a preventative measure
  • identify best practices for using sandboxing as a preventative measure
  • identify best practices for using honeypots and honeynets as a preventative measure
  • identify best practices for using anti-malware as a preventative measure
  • identify the role of patch and vulnerability management in security operations
  • identify best practices for vetting information required for patch and vulnerability management activities
  • describe best practices for patch prioritization and scheduling activities
  • describe best practices for patch testing activities
  • describe best practices for patch installation and deployment
  • describe best practices for auditing and assessing patch management activities
  • describe best practices for ensuring patch management consistency and compliance
  • select appropriate vulnerability management systems
  • identify the role of change management in security operations
  • distinguish between the different phases of a change management process
  • describe the role of versioning and baselining in change management
  • describe the role of a security impact analysis in change management
  • select appropriate responses to security incidents, and implement strategies to mitigate security vulnerabilities

Course Number
sp_cisp_a10_it_enus

Expertise Level
Intermediate