5 hours 58 minutes
Welcome back to CyberRays. This, of course. I'm your instructor, Brad Roads. Well, we've made it up to module six of 10 over the halfway point. We're now at the last domain for except that's domain five. Secure ops, change management and disposal.
So here's where we are on our journey. Plus the halfway point on our downhill slide into module +789 and 10 after we complete this module.
Really? What we're looking to do here is talk about the operations process in module six, domain five. And then we're gonna put all of those pieces together in module seven, module eight and hopefully get you understanding and ensconced in what it means to be an ISI.
So let's jump in
in this module or and this video, we're gonna talk about module objectives. We're going to review a quick introduction to operations and talk about those areas and get you ready to go for what is going to be a bit of a lengthy module.
So we've got seven areas we're going to cover in this module SEC ops, conman, and we've talked previously. Conman is not just about monitoring security systems, and Sims and I d s I P s is all that kind of stuff. Conman is the holistic Look, that is he has to do across all security controls.
We're gonna talk about secure maintenance in the supply chain again because this is super important for issues. We're gonna talk about incident response. Why? Because it sees will get pulled into incident response from time to time, not only from an engineering perspective, but especially if they're controls were involved in the thing that caused the incident.
We're gonna review change management, and then we're gonna talk about D common disposal. Two different things. Two very, very different things that you've got to understand is an easy Because I'm telling you, folks, Dumpster diving is a real thing. And if you just throw stuff out and you haven't dispose of it properly, somebody's gonna use that against you.
So let's talk about operations operations. About three things.
People process, technology. You've probably seen the triangle on the left side of the screen here before,
people, that's where we talk about. Do you have the skills? Are you ready to go to support an environment and do that security work? Really? What? It comes down to
processes is consistent execution. It iss standardized execution. It sees you write a lot of processes if you especially if you create your own security controls and you're not buying something. Even if you do buy something, you're gonna be the person that probably creates the training and creates the processes that are used in your environment
and last this technology itself. And that's the implementation and integration. We've talked about that in the previous module. That's where we take all of those pieces and we put them together in the puzzle. And we make that product or project or system or whatever it is we're doing from a controls perspective to mitigate risk. We're making it saying we're making the technology work
and that's what we see when we think about operations.
So in this lesson, we reviewed and jump started our module objectives, talked about those what we're gonna cover in this particular module. And then we did a brief introduction. Tow operations.
Let's jump in. We'll see you next time
Certified Information Systems Security Professional (CISSP) 2021
CISSP is the basis of advanced information assurance knowledge for information security professionals. Often referred ...
16 CEU/CPE Hours Available
Certificate of Completion Offered
ISC2 CISSP Practice Test: Certified Information Systems Security Professional
There is a growing need for information security leaders who possess the depth of expertise ...