Explore best practices and procedures for managing risk and assessing security processes as you study for the Compliance and Assessment domain of the CySA+ (CS0-002) exam.
Syllabus
Introduction
- Compliance and assessment
- What you should know
- Study resources
- Privacy and security
- Limiting data collection
- Privacy compliance
- Privacy assessments
- Aligning security with the business
- Organizational processes
- Security roles and responsibilities
- Security control selection
- Control frameworks
- Information classification
- Data security policies
- Data security roles
- Data sovereignty
- Data anonymization
- Data obfuscation
- Don't use the last four digits of SSNs
- Data loss prevention
- Information rights management
- Risk assessment
- Quantitative risk assessment
- Risk treatment options
- Risk management frameworks
- Risk visibility and reporting
- Management review
- Metrics and measurements
- Audits and assessments
- Control management
- Certification and accreditation
- Maturity models
- Managing vendor relationships
- Vendor agreements
- Vendor information management
- Security policy framework
- Security policies
- What's next
Taught by
Mike Chapple