CISSP 2013 Domain: Operations Security

Target Audience
Expected Duration
Lesson Objectives
Course Number

In today's enterprise environment, security operations takes on many faces, but always comes back to making sure that all aspects of the operation of an enterprise environment are secured and functioning correctly. This course delves into the mechanisms used to track security threats, resource protection, and securing the enterprise environment. This course guides you through the Common Body of Knowledge (CBK) recommended by the International Information Systems Security Certification Consortium (ISC2) for its Certified Information Systems Security Professional (CISSP) certification. The CISSP credential certifies student expertise in ten different knowledge domains and covers the most recent key areas of knowledge as outlined in the Candidate Information Bulletin (CIB) effective date: January 1, 2012.

Target Audience
Mid- and senior-level managers who are working toward or have already attained positions as CISOs, CSOs, or Senior Security Engineers

Expected Duration (hours)

Lesson Objectives

CISSP 2013 Domain: Operations Security

  • recognize the activities involved in securing the operations of an enterprise
  • classify audit measures as either internal or external
  • identify the technologies used to maintain resource availability
  • match the attack type to their potential effects
  • recognize different approaches to securing operations
  • identify how audit trails can be used in operations security
  • differentiate between monitoring tools and techniques
  • define a strategy for securing and maintaining resources for a given scenario
  • secure enterprise operations against network violations for a given scenario
  • identify approaches to examining operations security
  • identify the reasons for resource protection
  • distinguish between e-mail protocols
  • recognize different types of e-mail vulnerability
  • recognize security issues associated with the web interfacing
  • identify the characteristics of technologies for transferring and sharing files over the Internet
  • match the reconnaissance methods to their descriptions
  • identify the key considerations involved in implementing administrative controls
  • specify how to secure media and media storage devices
  • specify the reasons resource and e-mail should be secure
  • propose safer file sharing practices for a given scenario
  • determine how to secure media in a given scenario
  • Course Number: