CHAPTER 11
Security Operations

In this chapter, you will learn about

• Data classifications such as Confidential, Sensitive, Private, and Public

• The difference between data at rest and data in motion

• Different elements of data management policies

• Components of a database such as tuples, rows, primary keys, and foreign keys

• Risks related to data inference

• Regulatory requirements related to PII, PHI, and publicly held companies

• Asset management components

• The differences between certification and accreditation

• The Common Criteria and its evaluation levels

• Using a risk management framework with a certification and accreditation process

• Different phases of a system development life cycle