Published
Day 3 of #100DaysOfCISSP
Domain 1 - Security & Risk Management
Today's topic: Security governance principles
* Least privilege: minimum necessary access
* Need to know: Even if you have access, if you do not need to know, then you should not access the data.
* Non - repudiation: a user cannot deny having performed a certain action
* Subject & Object: subject manipulates the object
Governance vs. Management
Governance - C level executives
Management - plans, builds, runs, monitors activities in alignment with the direction (set by governance)
Governance standards
PCI - DSS
OCTAVE
COBIT
COSO
ITIL
FRAP
Control Frameworks
ISO 27000 series
Defence in depth (layered defence/onion defence):
We implement multiple overlapping security controls to protect an asset (data).
100 Days of CISSP
Day 1 - CIA Triad: https://youtu.be/j1DVvYco5JU
Day 2 - IAAA: https://youtu.be/UQvXL79maus
With ❤️,
Nalaemton Selvaraj
#cswithnalaemton
Domain 1 - Security & Risk Management
Today's topic: Security governance principles
* Least privilege: minimum necessary access
* Need to know: Even if you have access, if you do not need to know, then you should not access the data.
* Non - repudiation: a user cannot deny having performed a certain action
* Subject & Object: subject manipulates the object
Governance vs. Management
Governance - C level executives
Management - plans, builds, runs, monitors activities in alignment with the direction (set by governance)
Governance standards
PCI - DSS
OCTAVE
COBIT
COSO
ITIL
FRAP
Control Frameworks
ISO 27000 series
Defence in depth (layered defence/onion defence):
We implement multiple overlapping security controls to protect an asset (data).
100 Days of CISSP
Day 1 - CIA Triad: https://youtu.be/j1DVvYco5JU
Day 2 - IAAA: https://youtu.be/UQvXL79maus
With ❤️,
Nalaemton Selvaraj
#cswithnalaemton
- Category
- Management
Be the first to comment
-
09:23
CISSP Types of Attacks - Domain 1 Security and Risk Management | Urdu | Hindi |
-
16:43
CISSP Domain 8 Quiz | Software Development Security | Become CISSP Certified Professional | Uplatz
-
1:39:06
CISSP Domain 1 Security and Risk Management
-
44:25
How to pass the CISSP in 3 months - Lesson 1 - Security Governance through Principles and Policies
-
05:47
CISSP Security Governance & Management - Domain 01 Security and Risk Management | Urdu | Hindi |
-
1:19:36
How to Prepare for CISSP Domain 1 | Security & Risk Management | How to Pass CISSP Exam
-
09:13
CISSP Access Controls - Domain 1 Security and Risk Management | Urdu | Hindi |
-
10:54
CISSP Information Security Governance - Domain 1 Security and Risk Management | Urdu | Hindi |
-
1:53:53
CISSP Domain 3 Security Architecture and Engineering By Chandresh | InfosecTrain
-
08:50
CISSP Types of Attacks - Domain 1 Security and Risk Management | Urdu | Hindi |
-
03:29
Deca Roleplay Video - Lily Papadakis (Marshall) (Business Management)
-
00:20
motivational video for libasna ll inspiration for upsc aspirants ll #short #upse #amitabhbachchan
-
17:46
FreeStyle Libre 3 vs Dexcom G6 | Full Test & Review
-
09:59
Learn Communication Skills | English Speaking | Management Insight #7
-
1:43:58
How to Trade In Stocks By: Jesse Livermore. Complete Audiobook.
-
06:52
Three Questions to Ask Yourself To Be a Great Leader
-
07:35
find your unique style | Style Roots QUIZ + body types
