IT Security/Operational/Risk

< IT Security < Operational

This lesson covers risk concepts.

Objectives and Skills

Objectives and skills for the risk concepts portion of Security+ certification include:[1]

Explain the importance of risk related concepts.
  • Control types
    • Technical
    • Management
    • Operational
  • False positives
  • False negatives
  • Importance of policies in reducing risk
    • Privacy policy
    • Acceptable use
    • Security policy
    • Mandatory vacations
    • Job rotation
    • Separation of duties
    • Least privilege
  • Risk calculation
    • Likelihood
    • ALE
    • Impact
    • SLE
    • ARO
    • MTTR
    • MTTF
    • MTBF
  • Quantitative vs. qualitative
  • Vulnerabilities
  • Threat vectors
  • Probability / threat likelihood
  • Risk-avoidance, transference, acceptance, mitigation, deterrence
  • Risks associated with Cloud Computing and Virtualization
  • Recovery time objective and recovery point objective

Multimedia

  1. Watch YouTube: Control Types - CompTIA Security+ SY0-401: 2.1.
  2. Watch YouTube: False Positives and False Negatives - CompTIA Security+ SY0-401: 2.1.
  3. Watch YouTube: Reducing Risk with Security Policies - CompTIA Security+ SY0-401: 2.1.
  4. Watch YouTube: Calculating Risk - CompTIA Security+ SY0-401: 2.1.
  5. Watch YouTube: Quantitative and Qualitative Risk Assessment - CompTIA Security+ SY0-401: 2.1.
  6. Watch YouTube: Vulnerabilities, Threat Vectors, and Probability - CompTIA Security+ SY0-401: 2.1.
  7. Watch YouTube: Risk Avoidance - CompTIA Security+ SY0-401: 2.1.
  8. Watch YouTube: Risks with Cloud Computing and Virtualization - CompTIA Security+ SY0-401: 2.1.
  9. Watch YouTube: Recovery Time Objectives - CompTIA Security+ SY0-401: 2.1.

References

  1. CompTIA: Security+ Certification Exam Objectives - Exam SY0-401
This article is issued from Wikiversity - version of the Sunday, December 13, 2015. The text is available under the Creative Commons Attribution/Share Alike but additional terms may apply for the media files.