CISSP®: Certified Information Systems Security Professional Study Guide, Fifth Edition > Chapter 6: Asset Value, Policies, and Roles

Table of Contents

Download Safari Books Online apps: Apple iOS | Android

Entire Site

Free Trial

Safari Books Online is a digital library providing on-demand subscription access to thousands of learning resources.

This Book

CISSP®: Certified Information Systems Security Professional Study Guide, Fifth Edition

Search

Table of Contents

Chapter 1: Accountability and Access Control

Chapter 2: Attacks and Monitoring

Chapter 3: ISO Model, Protocols, Network Security, and Network Infrastructure

Chapter 4: Communications Security and Countermeasures

Chapter 5: Security Management Concepts and Principles

Chapter 6: Asset Value, Policies, and Roles

Employment Policies and Practices

Security Roles

Security Management Planning

Policies, Standards, Baselines, Guidelines, and Procedures

Risk Management

Security Awareness Training

Summary

Exam Essentials

Written Lab

Answers to Written Lab

Review Questions

Answers to Review Questions

Chapter 7: Data and Application Security Issues

Chapter 8: Malicious Code and Application Attacks

Chapter 9: Cryptography and Symmetric Key Algorithms

Chapter 10: PKI and Cryptographic Applications

Chapter 11: Principles of Computer Design

Chapter 12: Principles of Security Models

Chapter 13: Administrative Management

Chapter 14: Auditing and Monitoring

Chapter 15: Business Continuity Planning

Chapter 16: Disaster Recovery Planning

Chapter 17: Law and Investigations

Chapter 18: Incidents and Ethics

Chapter 19: Physical Security Requirements

Appendix: About the Companion CD

Index

Glossary

Chapter 6

Asset Value, Policies, and Roles

THE CISSP EXAM TOPICS COVERED IN THIS CHAPTER INCLUDE:

Information Security Governance and Risk Management
- Understand and align security function to goals, mission, and objectives of the organization
- Understand and apply security governance
  - Organizational processes; define security roles and responsibilities; legislative and regulatory compliance; privacy requirements compliance; control frameworks; due care; due diligence
- Develop and implement security policy
  - Security policies; standards/baselines; procedures; guidelines; documentation
- Define and implement information classification and ownership
- Ensure security in contractual agreements and procurement processes
- Understand and apply risk management concepts
  - Identify threats and vulnerabilities; risk assessment/analysis; risk assignment/acceptance; countermeasure selection

You are currently reading a PREVIEW of this book.

Get instant access to over
$1 million worth of books and videos.

Start a Free Trial