Security Program Management and Oversight for CompTIA Security+
This course will teach you the essential foundations of effective security governance, along with the reasons why they’re important, both for real-world implementation and the Security+ exam.
What you'll learn
A successful career in cyber security is built upon a strong foundation in not only security architecture, operations, and threat mitigation, but also effective governance. Keeping an organization’s data secure while maintaining compliance with regulations and local laws safeguards a company from potential financial and legal penalties. In this course, Security Program Management and Oversight for CompTIA Security+, you'll learn the key elements of managing an effective program and setting up policies, standards, and procedures. Next, you’ll explore how to manage external considerations like local, regional, national, and global regulatory and legal constraints. Finally, you’ll discover the concepts required to understand the various types of governance structures, including the roles and responsibilities of each. When you’re finished with this course, you’ll have the concepts and knowledge necessary for the Security+ exam.
Table of contents
- Module Intro, Key Takeaways, and General Guidelines 3m
- Policies and Plans (AUP, Information Security, DR/BC, and Incident Response Plans) 4m
- Software Development Lifecycle (SDLC) 4m
- Standards 1m
- Change Management 2m
- Onboarding/Offboard, External Considerations, and Use Cases for Monitoring 3m
- Types of Governance Structures 1m
- Data Owner, Controller, Processor, and Steward/Custodian 2m
- Module Intro and Key Takeaways 3m
- Risk Identification and Risk Assessment 3m
- Qualitative and Quantitative Analysis 3m
- Risk Calculation and Loss Calculation (ALE, SLE, and ARO) 3m
- Risk Register and Heat Maps 1m
- Risk Awareness and Risk Management Concepts 6m
- Risk Appetite (Expansionary, Conservative, and Neutral) 1m
- Business Impact Analysis and Key Terminology 3m
- Module Intro and Key Takeaways 1m
- Compliance Reporting and Consequences of Non-compliance 2m
- Non-compliance: Real World Example 2m
- Compliance Monitoring 1m
- Privacy Compliance and Privacy Challenges 2m
- Data Security and Compliance Challenges 1m
- Regulatory Examples and GDPR 1m
- GDPR Key Terminology and Data Processing Principles 2m
- Grounds for Legal Processing 2m
- Right to Be Forgotten 2m
- Module Overview and Key Takeaways 2m
- Phishing, Campaigns, and Recognizing a Phishing Attempt 4m
- Responding to Reported Suspicious Emails 3m
- Anomalous Behavior Recognition 1m
- User Guidance and Training Topics 4m
- Creating Culture and Awareness Training 1m
- Devising the Plan, Skills Training, Delivery, and Execution 4m