O'Reilly logo

CISSP Exam Cram™ 2 by Michael Gregg

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

Chapter 3. Security-Management Practices

Terms you'll need to understand:

  • Confidentiality

  • Integrity

  • Availability

  • Threat

  • Vulnerability

  • Public/private data classification

  • Government data classification

  • Risk

  • SLE

  • Residual risk

  • ALE

Techniques you'll need to master:

  • Risk management

  • Qualitative analysis

  • Quantitative analysis

  • Data-classification criteria

  • Security roles

  • Risk calculations

Introduction

This chapter helps the reader prepare for the security-management domain. Security management addresses the identification of the organization's information assets. The security-management domain also introduces some critical documents, such as policies, procedures, and guidelines. These documents are of great importance because they spell out how the organization manages its ...

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, interactive tutorials, and more.

Start Free Trial

No credit card required