Governance, Risk, and Compliance for CompTIA Security+

Focused View

Christopher Rees

2:37:46

150 View

1. Course Overview

1. Course Overview.mp4

01:51

2. Comparing and Contrasting Various Types of Controls

1. Module Overview.mp4

01:00

2. Goals of the Module.mp4

01:21

3. Threat Types.mp4

00:58

4. Types of Access Control (Managerial, Operational, and Physical).mp4

01:02

5. Deterrent.mp4

00:26

6. Preventive.mp4

00:35

7. Detective.mp4

00:32

8. Corrective Recovery and Compensating.mp4

01:27

9. Module Review.mp4

00:29

03. Applicable Regulations, Standards, or Frameworks that Impact a Security Organization

01. Module Overview.mp4

00:35

02. Privacy and Compliance Challenges.mp4

05:23

03. GDPR and Key Terminology.mp4

01:49

04. GDPR Key Terms and Data Processing Princ.mp4

02:10

05. Six Legal Grounds for Processing Persona.mp4

01:17

06. GDPR Compliance and Penalties.mp4

00:43

07. Compliance Frameworks.mp4

02:31

08. NIST and the Cyber-security Framework (C.mp4

01:05

09. PCI-DSS.mp4

01:04

10. Enterprise Security Framework (ESF).mp4

01:14

11. NIST SP 800-53 and ISO 27001.mp4

03:10

12. Cloud Security Alliance (CSA).mp4

00:49

13. SSAE 18, SOC 1, 2, and 3.mp4

02:48

14. Benchmarks and Secure Configuration Guid.mp4

01:55

15. Systems Hardening.mp4

02:38

16. Vendor and Control Diversity.mp4

01:34

17. Module Review.mp4

00:24

04. Implementing Policies within Organizational Security

01. Module Overview.mp4

00:42

02. Importance of Policies in Reducing Risk.mp4

00:29

03. Job Rotation.mp4

01:36

04. Mandatory Vacations.mp4

00:36

05. Separation of Duties.mp4

00:30

06. Least Privilege.mp4

00:42

07. Clean Desk Policies.mp4

01:14

08. Background Checks, NDAs, and Role-based Awareness Training.mp4

01:49

09. Use Cases for Monitoring.mp4

02:01

10. Things Typically Monitored.mp4

01:36

11. Balancing Whats Reasonable.mp4

00:51

12. New Tools Are Constantly Developed.mp4

00:53

13. Monitoring Social Media.mp4

00:37

14. Employee Protections.mp4

00:41

15. Onboarding Offboarding.mp4

00:43

16. Culture and Creating a Culture of Security.mp4

01:44

17. Setting the Stage.mp4

01:06

18. Awareness Training.mp4

00:44

19. Skills Training.mp4

01:34

20. Funding and Executive Buy-in.mp4

01:01

21. Continuous Improvement.mp4

00:43

22. Wired Brain Coffees Approach to Training.mp4

01:52

23. Technology Diversity.mp4

00:47

24. Vendor Diversity.mp4

00:39

25. Service-level Agreement (SLA).mp4

00:33

26. Memorandum of Understanding (MOU) and Master Services Agreement (MSA).mp4

01:45

27. Business Partner Agreement (BPA).mp4

00:33

28. EOL EOS.mp4

01:44

29. Data Retention.mp4

00:36

30. User Account.mp4

00:39

31. Shared, Generic, Guest, and Service Accounts.mp4

01:40

32. Privileged Accounts.mp4

00:56

33. Change Management.mp4

01:52

34. Asset Management.mp4

01:44

05. Review the Risk Management Process and Concepts

01. Module Overview.mp4

00:34

02. Risk Types.mp4

03:26

03. Managing Risk.mp4

00:42

04. Risk Management Defined.mp4

01:06

05. Risk Management Concepts.mp4

02:35

06. Strategic Options.mp4

01:56

07. Risk Register, Risk Matrix, and Heat Map.mp4

01:06

08. Risk Control Self-assessment (RCSA).mp4

02:32

09. Risk Awareness (Inherent, Residual, Control, and Risk Appetite).mp4

01:23

10. Regulatory Examples.mp4

00:41

11. Gramm-Leach-Bliley Act (GLBA).mp4

01:25

12. HIPAA.mp4

01:14

13. HITECH Act.mp4

02:00

14. Sarbanes-Oxley Act (SOX).mp4

03:11

15. GDPR.mp4

00:56

16. Qualitative and Quantitative Analysis.mp4

02:40

17. Risk Calculation.mp4

01:25

18. Likelihood of Threat.mp4

00:44

19. Impact of Threat.mp4

00:36

20. Loss Calculation Terms (ALE, SLE, and ARO).mp4

02:42

21. Threat Assessment (Disaster).mp4

01:54

22. Additional Risk Calculation Terms (MTBF, MTTF, and MTTR).mp4

01:16

23. Business Impact Analysis - Key Terminology.mp4

05:13

24. Mission Essential Functions.mp4

02:01

25. Identification of Critical Systems.mp4

02:26

26. Single Point of Failure (SPOF).mp4

02:15

27. Order of Restoration.mp4

01:39

28. Phased Approach.mp4

01:20

29. Identifying Most Critical Systems First.mp4

02:27

30. Risk Assessment.mp4

01:03

31. Continuity of Operations.mp4

01:03

32. IT Contingency Planning.mp4

03:04

06. Privacy and Sensitive Data Concepts and Considerations

01. Module Overview.mp4

00:42

02. Company Obligations to Protect Security.mp4

01:49

03. Potential Damages from Mishandled Data.mp4

01:23

04. Incident Notification and Escalation.mp4

01:54

05. Notifying Outside Agencies.mp4

01:28

06. Data Classification.mp4

02:45

07. Privacy-enhancing Technologies, Data Masking, and Tokenization.mp4

01:47

08. Anonymization and Pseudo-anonymization.mp4

00:51

09. Data Owner.mp4

00:37

10. Data Controller and Processor.mp4

00:24

11. Data Steward Custodian.mp4

01:23

12. Privacy Officer.mp4

00:31

13. Information Lifecycle.mp4

01:58

14. Privacy Impact Assessment.mp4

01:42

15. Terms of Agreement and Privacy Notice.mp4

01:55

Description

Proper governance, compliance, and risk assessment are an important part of any organization’s overall success. This course will teach you how to implement proper controls, assess risk, and limit your company’s exposure.

What You'll Learn?

Regulations, privacy, compliance, and ensuring your customer’s data is secure are becoming increasingly important while at the same time becoming increasingly complex. As new regulations are introduced, a company’s responsibilities continue to increase. In this course, Governance, Risk, and Compliance for CompTIA Security+, you’ll learn to properly assess your company’s risk across all facets of the organization. First, you’ll explore the various types of controls that can be put in place to limit exposure. Next, you’ll discover several methodologies, frameworks, and best practices needed to develop policy and ensure compliance. Finally, you’ll learn how to create a business impact analysis and properly classify data, along with the technologies required to safeguard that data. When you’re finished with this course, you’ll have the skills and knowledge of risk management and compliance needed to ensure your organization is properly governing employee and customer data, complying with local, state, and federal regulations, and properly assessing risk.

More details

User Reviews

Rating

average 0

Total votes0

Focused display

Risk Management

CompTIA Security+

Christopher Rees

Instructor's Courses

Chris is a professional information technologist, trainer, manager and lifelong learner. He is married with 3 beautiful children and interested in martial arts, working out, spending time with family and friends and being creative whenever possible. He has created a number of IT Certification training courses over the past 10 years and really enjoys helping people advance their careers through training and personal development.

Pluralsight

View courses Pluralsight

Pluralsight, LLC is an American privately held online education company that offers a variety of video training courses for software developers, IT administrators, and creative professionals through its website. Founded in 2004 by Aaron Skonnard, Keith Brown, Fritz Onion, and Bill Williams, the company has its headquarters in Farmington, Utah. As of July 2018, it uses more than 1,400 subject-matter experts as authors, and offers more than 7,000 courses in its catalog. Since first moving its courses online in 2007, the company has expanded, developing a full enterprise platform, and adding skills assessment modules.