
Align information security governance with business objectives, establish a steering committee and policies, and create a roadmap using top-down governance to achieve secure, available systems.
Explore information security governance through questions that emphasize defining security strategy, building policies and procedures, aligning with business strategy, and prioritizing projects with a steering committee in a top-down approach.
Explore record retention essentials, including policy-driven data destruction, two- and three-year retention periods, and the role of electronic discovery in legal investigations.
Explore how organization structure, roles, and reporting hierarchy shape security strategy; prioritize a top-down governance approach to align policies and risk with business objectives.
Explore aligning information security strategy and plan with business objectives, justify programs, adapt policies to local laws, balance controls with user needs, and value assets by revenue potential.
Explore enterprise information security architecture within the enterprise blueprint, showing how processes, systems, data and people interrelate to support business goals and improve security posture through defined controls.
Explore governance, risk and compliance (GRC) integration to align assurance activities, improve risk management, and avoid duplication across finance and legal processes.
Senior management commitment requires a clear cost-benefit analysis and value analysis, showing how security risks affect key business objectives to secure budget approval for information security projects.
Explore how to craft a business case and visibility analysis, defining the need, justification, and expected value, to secure senior management support for security initiatives by comparing benefits to costs.
The information security manager guides alignment of culture, technology compatibility, incident management, and disaster recovery to manage third-party risk and protect data access.
Discusses governance of third-party relationships and practice questions for BYOD, regulatory impacts, and retention policy considerations in information security.
Learn to distinguish risk capacity, risk appetite, and risk tolerance, with examples and guidance on aligning these concepts with business objectives and ownership for risk management.
Identify, analyze, and evaluate risks to determine the current state and justify a risk mitigation strategy, comparing risk levels to risk appetite and referencing the risk register.
Explore risk analysis methodologies by comparing qualitative and quantitative approaches, measuring probability and impact, and weighing data availability and cost-benefit analysis for informed risk treatment.
Explore risk assessment techniques to identify and evaluate risk, justify risk mitigation plans, and measure risk by probability and impact on business operations, while tracking trends for effective controls.
Assess third-party outsourcing risks by enforcing security requirements, right to audit, and clear subcontracting controls within a robust service level agreement, while addressing privacy law impacts and data ownership responsibilities.
Summarizes patch management for timely vulnerability mitigation, stressing change management with testing, scheduling, and approvals, and the critical role of security patches and rollback procedures.
Define security baseline as the minimum information security requirements with consistent controls across assets by classification. Enforce two-factor authentication for critical apps and at least one factor for non-critical apps.
Explore the concept of security baseline control, defining minimum requirements, ensuring uniform system hardening, and meeting multinational regulatory needs through location-based supplement standards.
Explore information security framework components by analyzing risk assessment, centralized vs decentralized security structures, data owners, and alignment with business objectives to guide security investment.
Learn security program management essentials: daily antivirus updates, virus definition files, data encryption on mobile devices, and establishing a multi-department steering committee with risk assessment.
Explore privacy principles, consent, and cross-border data transfer, and learn how privacy impact assessments and privacy by design safeguard compliant handling of personal information.
Examine access control fundamentals, including mandatory, discretionary, and role-based controls, and learn to create a work function matrix to enforce segregation of duties and use physical destruction for data erasure.
Explore identity and access management fundamentals, including access control, password policy, two-factor authentication, single sign-on, and data protection to safeguard confidentiality and integrity.
Explore wireless network risks and controls, including encryption, MAC filtering, SSID management, DHCP, and rogue access points, plus common attack methods like war driving and war walking.
Explain the concepts of fail-open and fail-closed for control failures and their impact on confidentiality, integrity, and availability, with an automatic door example.
Examine security program metrics and monitoring to guide actions and measure effectiveness, focusing on incident trends, SDLC design phase metrics, and unauthorized intrusion investigations.
Learn how a proxy server acts as a middleman between internal and external networks, exposing only the proxy IP. Compare circuit-level and application-level proxies, noting application-level proxies are more secure.
Explore how intrusion detection systems and intrusion prevention systems monitor security events, using signature-based, statistical-based, and neural network techniques across network-based and host-based IDSs, honeypots, and honeynets.
Learn to minimize the duration and impact of outages and security incidents through a defined incident response plan and clear roles. Emphasize evidence collection and simulation testing.
Develop and validate an incident response plan by detailing immediate validation after reports, escalation guidelines, and the information security manager’s role in forming the incident response team to mitigate impact.
Develop an incident response plan by confirming incidents, containing and quarantining them, deploying an intrusion detection system, and using metrics to justify incident management in terms of business benefits.
Document a comprehensive business continuity plan with clear responsibilities and disaster declarations. Align offsite locations, backup procedures, and information security with the organization’s risk assessment.
Explore testing incident response, business continuity, and disaster recovery plans through checklist reviews, simulation tests, and full interruption tests, with full interruption offering the strongest assurance of readiness.
Describe executing the response and recovery plan, including daily automated anti-malware signature updates, reporting breach impact to senior management, and isolating compromised segments for forensic analysis.
Explore post-incident activities and investigations, emphasizing independent, objective root-cause reviews and lessons learned to improve processes. Master forensic best practices, including chain of custody and preserving admissible evidence.
(Note: The CISA Exam is conducted by ISACA. This course is a private course and is not affiliated with ISACA.)
This course is designed on the basis of the official resources of ISACA. It covers all 4 domains of the CISM Review Manual. Topics are arranged segment-wise and aligned with the latest CISM Review Manual.
The course is designed specifically for candidates from a non-technical background. Video content is designed after considering three major aspects:
(1) Whether the content is able to engage the audience throughout.
(2) Whether the content conveys the meaning of the CISM Review Manual (CRM) in an effective manner.
(3) Whether the video helps the audience understand and retain the key aspects for a longer duration.
Features of this course are as follows:
This course is designed on the basis of the official resources of ISACA.
The course is designed specifically for candidates from a non-technical background.
Topics are arranged segment-wise and aligned with the latest CISM Review Manual.
Exam-oriented practice questions and practical examples for CISM aspirants.
Flashcard-based learning mode.
Use of SmartArt for easy learning.
More than 700 practice questions.
Please use this course as a supplement to ISACA's resources. This course will help you decipher the technicalities used in the official resources. This course is specifically designed for candidates from a non-IT background. We have used simple and plain English for the benefit of candidates from non-English-speaking countries.