Video Description

This discussion opens identifying key senior management roles within the organization and what those relationships are to corporate security and interactions with you as a CISSP. We'll discuss at length the responsibilities of steering committees, how to identify the Data Owner and distinguish its role from the Data Custodian, and review the role and responsibility of Network Administrators (availability) relative to the Security Administrator (security). We look in detail at the role of Data Classification, how it's classified, who classifies it, how its value is determined and those relationships to data control, and asset valuation. Then we'll examine the best way to implement a Delphi analysis and what the weakest links are in your security process, and why it's important to "thoroughly" train your team for effective Knowledge Transfer. We'll explain it critical to help end-users understand the "why" behind security policies, and give an example of what happens when they don't the the purpose of a given restriction. And finally, you'll learn the reasoning behind question that focus on "purpose" and what is means to encourage desired behavior.

Course Modules

CISSP Archive (10 Domain - 2014)

CISSP 2015 Domain Restructuring