Certified Information Systems Security Professional CISSP


Security and Risk Management (CIA)

Confidentiality:

1: Encryption.

Integrity:

1: Protected from unauthorised or accidental changes.

Availability:

1: DDoS, DoS attacks.

2: Loss of service due to a disaster (Man-made or Natural).

Security governance framework

1: NIST.

2: ITIL.

3: ISO 27000.

4: COSO.

5: COBIT.

Information Security and Law

What is Intellectual Property Law?

Answer: Copying or using someone else’s ideas.

World Intellectual Property Organisation (WIPO).

Industrial property:

Patent: for 20 years, others cannot use the invention; a WIPO international patent.

Trademark: protects the goodwill of an organisation (word, name, symbol, colour, sound, product shape, and device).

Copyright protection is weaker than patent protection, but its duration is longer.

A minimum of 50 years after the creator’s death or 70 years under U.S. copyright protection.

Security and Risk Management

Recovery Point Objective (RPO):

1: How much data is it acceptable to lose?

Penetration Test Methodology

1: Reconnaissance/Discovery

2: Enumeration: Gain more information with intrusive methods.

3: Vulnerability Analysis: Map the environment profile to known vulnerabilities.

4: Execution: Attempt to gain user and privileged access.

5: Document Findings: Document the results of the test.
