Foundation of Cyber Security
Introduction to the Eight CISSP Security Domains
In the field of cyber security, professionals need to master 2 to 3 of these domains. No organization can work if any of these 8 domains is lacking.
Security and Risk Management:
Security and risk management focuses on:
- Security Goals and Objectives
- Risk Mitigation (a strategy to prepare for and lessen the effects of threats in business)
- Compliance (meeting the standards, e.g., authorization or other international standards and policies that a 3rd party sets for best practice or legal requirements)
- Business Continuity
Asset Security:
It secures:
1. Digital and Physical Assets.
2. Storage, Maintenance, Retention and Destruction of Data.
e.g.,
A task to check whether information marked for disposal has been destroyed or not.
Security Architecture and Engineering:
Makes data security effective by using effective tools, systems and processes.
e.g.,
A task to configure the firewall.
Communication and Network Management:
Manage and secure:
- Physical Networks
- Wireless Communication
e.g.,
Users may connect to unsecured wireless hotspots.
To ensure communication is secured, we introduce secure network policies to reduce and mitigate risk.
Identity and Access Management:
Most organizations use this to ensure that the person, or the PII he/she is providing, is authorized.
e.g.,
As a security analyst, we may be given a task to set up keycard access to a building.
Security Assessment and Testing:
- Conducting security control testing
- Collecting and analyzing data
- Conducting security audits
e.g.,
Access to Payload info is limited to certain people in an organization.
Security Operations:
- Conducting investigations
- Implementing preventative measures
e.g.,
As a computer analyst, when we receive a message alert, we need company policies to quickly stop it.
Software Development Security:
Secure Coding