Module Summary

Video Activity
Join over 3 million cybersecurity professionals advancing their career
Sign up with
or

Already have an account? Sign In »

Time
5 hours 58 minutes
Difficulty
Intermediate
CEU/CPE
6
Video Transcription
00:00
Welcome back to Sai Breezes. Of course I'm your instructor, Brad Roads. Let's jump into our module. Summary four less than six. Domain five. The last domain in Issa.
00:12
Here's what We're gonna cover this lesson. We're going to review the module, So we're gonna look at all the secure operations disposal Decommissioning stuff that we talked about on. Then we're gonna do a real quick wrap off the entirety of the Isett domains because we're at the end of our run through the Isett domains, the five of them.
00:30
So in this module, we reviewed secure operations. We talked about what? That as people process technology, we talked about Kahneman. Continuous monitoring is where you gotta monitor all of the controls, whether they're technical, nontechnical, preventive, detective, whatever. All of that is something that we do frequently. All the time we talked about secure maintenance and the supply chain on the supply team. We realized that
00:49
if we can't see very far down the supply chain were a risk. We got to remember that
00:53
talked about incident response and how issues performed there. We talked about change management and highlighted the fact that you gotta have a baseline. No, matter what it is. Technical, nontechnical, a system, a component, Whatever. If you're gonna configuration control, it can change management. You've got to have that baseline. And then we talked about D common disposal. And remember,
01:11
Decommissioning is all about re use. Disposal is about destruction, and we're just walking away from whatever
01:15
thing that is we're not going to use anymore.
01:19
So let's wrap up theistic domains. We covered ah lot in the last five lessons. Ah, lot. We talked about security, engineering foundations, right? We looked at the basics. What it is for what? A systems engineering, what a system Security, engineering. How does that fit? We talked about risk management and the levels we talked about the organization level.
01:38
We talked about the mission business process level.
01:40
We talked about the system owner level, which drives all of this to enterprise risk.
01:45
We talked about serious security, planning and design and the absolute requirement that you've got to track things from beginning to end. You have to do requirements traceability from the component of all the way up through to the top level systems that is being engineered.
01:59
We talked about implementation, verification and validation. Those technical processes. And remember, with verification, right? You can say you met the requirement, but validation is Did you meet the mission of business need? And if you didn't, you might validate. You might verify, but never validate.
02:14
Then we talked about secure ops, management and disposal, and that's where we're running. The systems were doing all of that continuous monitoring and then ultimately following the fact that we should have a life cycle, uh, life cycle process in place to get rid of systems that are old and are no longer effective and potentially could cause the security vulnerabilities.
02:32
And that's theistic domains.
02:35
We're gonna now head off to module seven, which is our ISI process, where we're hopefully going to put all of that together, get you that flow all of these domains and sort of help you wrap your head around what it looks like to be an ISI and run through that entirety of the process.
02:50
All right, so in this lesson, we wrapped up all of module six. That's domain five and DISIP. We reviewed the Isett domains because we have reached the end of our our tour through the gossip domains were about to jump into module seven Theis E. Process to help you understand the flow and the work that s C s do on a regular basis.
03:09
We'll see you next time.
Up Next
Information Systems Security Engineering Professional (ISSEP)

This ISSEP course provides students with the foundational knowledge of the concentration area of the CISSP certification that includes a focus on the processes used to develop secure systems. Students will learn key concepts and skills of the five ISSEP domains.

Instructed By