Objectives and Introduction to Operations

Video Activity
Join over 3 million cybersecurity professionals advancing their career
Sign up with
Required fields are marked with an *
or

Already have an account? Sign In »

Time
5 hours 58 minutes
Difficulty
Intermediate
CEU/CPE
6
Video Transcription
00:00
>> Welcome back to Cybrary course,
00:00
I'm your instructor, Brad Rhodes.
00:00
Well, we've made it up to Module
00:00
6 of 10 over the halfway point,
00:00
we're now at the last domain for SFS Domain 5 secure ops,
00:00
change management, and disposal.
00:00
Here's where we are on
00:00
our journey plus the halfway point on
00:00
our downhill slide into Module 7,8,9,
00:00
and 10 after we complete this module.
00:00
Really what we're looking to do here is talk about
00:00
the operations process in Module 6, Domain 5.
00:00
Then we're going to put all of those pieces
00:00
together in Module 7 and Module 8
00:00
and hopefully get you understanding
00:00
and ensconced and what it means to be an SE.
00:00
Let's jump in. In this module or in this video,
00:00
we're going to talk about module objectives.
00:00
We're going to review a quick introduction
00:00
to operations and talk about those areas,
00:00
and get you ready to go for
00:00
what is going to be a bit of a lengthy module.
00:00
We've got seven areas we're
00:00
going to cover in this module,
00:00
Sec Ops, Con Mon.
00:00
We've talked previously, Con Mon is not just
00:00
about monitoring security systems and Sims and IDS,
00:00
IPS and all that kind of stuff.
00:00
Con Mon is the holistic look that an SE
00:00
has to do across all security controls.
00:00
We are going to talk about secure maintenance
00:00
into supply chain again,
00:00
because this is super important for SEs.
00:00
We're going to talk about incident response.
00:00
Why? Because SEs will
00:00
get pulled into incident response from time to time,
00:00
not only from an engineering perspective,
00:00
but especially if their controls are
00:00
involved in the thing that caused the incident.
00:00
We're going to review change management and then we're
00:00
going to talk about decom and disposal.
00:00
Two very different things
00:00
that you've got to understand as an SE
00:00
because I'm telling you folks dumpster diving is
00:00
a real thing and if you just throw
00:00
stuff out and you haven't disposed it properly,
00:00
somebody's going to use that against you.
00:00
Let's talk about operations.
00:00
Operations is about three things.
00:00
People, process, technology,
00:00
and you've probably seen the triangle on
00:00
the left side of the screen here before.
00:00
People. That's where we talk about,
00:00
do you have the skills?
00:00
Are you ready to go to support and environment and
00:00
do that security work? Feel what it comes down to.
00:00
Processes is consistent execution,
00:00
it is standardized execution.
00:00
It sees you write a lot of processes.
00:00
If you especially create
00:00
your own security controls
00:00
and you're not buying something.
00:00
Even if you do buy something, you are going to be
00:00
the person that probably creates
00:00
the training and creates the processes
00:00
that are used in your environment.
00:00
Last is technology itself,
00:00
and that's the implementation and integration.
00:00
We've talked about that in the previous module.
00:00
That's where we take all of
00:00
those pieces and we put them together in the puzzle,
00:00
and we make that product or project or system
00:00
or whatever it is we're doing from
00:00
a control's perspective to mitigate risks.
00:00
We're making the technology work,
00:00
and that's what we see when we think about operations.
00:00
In this lesson, we reviewed and jump
00:00
started our module objectives, talked about those,
00:00
what we're going to cover in this particular module,
00:00
and then we did a brief introduction to operations.
00:00
Let's jump in. We'll see you next time.
Up Next