Module Summary

Video Activity
Join over 3 million cybersecurity professionals advancing their career
Sign up with
Required fields are marked with an *
or

Already have an account? Sign In »

Time
5 hours 58 minutes
Difficulty
Intermediate
CEU/CPE
6
Video Transcription
00:00
>> Welcome back to Cybrary ISP course,
00:00
I'm your instructor, Brad Rhodes.
00:00
Well, we have made it to the end of Module 4,
00:00
which is Domain 3 of ISP and this is
00:00
our planning and design section. Let's get started.
00:00
Pretty straightforward, our video objectives or
00:00
lesson objectives here is to review Module 4.
00:00
We covered a lot in this module.
00:00
We talked about stakeholders.
00:00
What I want you to remember here is
00:00
that almost anybody can be a stakeholder.
00:00
Really, anyone can be a stakeholder.
00:00
Remember that. We talked about threats and resilience.
00:00
What I want you to remember as an ISS
00:00
is that you need to be aware of and
00:00
understand where do you
00:00
find information on vulnerabilities?
00:00
The NVD, the National Vulnerability Database,
00:00
is a great place to start.
00:00
Next, we've talked about system security principles.
00:00
It should not surprise anyone that we talked about
00:00
confidentiality, integrity, and availability.
00:00
When it comes to those basic principles,
00:00
we do those as ISPs as ISS,
00:00
and we do them as CISSPs,
00:00
and many other fields subscribe
00:00
to those basic principles.
00:00
We talked about the contexts,
00:00
CONOPS, and requirements document
00:00
that an ISS needs to know.
00:00
We really highlighted there that and
00:00
environment that you operate in can derive requirements.
00:00
For example, if you're operating in space,
00:00
your requirements are probably different than if you're
00:00
operating some flying craft in the air.
00:00
You have to keep those things in
00:00
mind as you're defining your requirements.
00:00
Next, we talked about a functional analysis,
00:00
and that functional analysis takes
00:00
all of those requirements and bends them
00:00
appropriately and only ultimately
00:00
gets us to the work breakdown structure,
00:00
which pretty much frames out the type of
00:00
work that needs to be done down at the product level.
00:00
You need to remember that for the ISP content.
00:00
In requirements traceability,
00:00
we talked about verification and validation.
00:00
Again, we've talked about this several times.
00:00
It's probably important to remember.
00:00
When you verify something,
00:00
you are determining whether you met
00:00
the requirements as specified.
00:00
When you're validating something,
00:00
you're determining whether it meets the mission need.
00:00
As we've said many times,
00:00
you can verify and still not
00:00
validate and have wasted a lot of money.
00:00
Finally, we highlighted
00:00
and talked about trade-offs studies,
00:00
which is something ISPs do quite a lot of.
00:00
Really they're focused on cost, schedule,
00:00
and scope, so that triangle of things.
00:00
Then additionally the risks at
00:00
those organizational levels that
00:00
we've talked about previously,
00:00
the organization, the mission or business function area,
00:00
and then the system owner or system level.
00:00
That's what we covered here in Module 4.
00:00
[NOISE] What did we cover in this video?
00:00
We reviewed Module 4.
00:00
I'm excited to keep
00:00
going with you and jump into Module 5 next,
00:00
where we're going to talk about implementation.
00:00
Will see you next time.
Up Next