Security and Risk Management

Fundamental Principles of Security
    1.     Availability
    2.     Integrity
    3.     Confidentiality
    4.     Balanced Security
      Security Definitions
      Control Types
      Security Frameworks
        1.     ISO/IEC 27000 Series
        2.     Enterprise Architecture Development
        3.     Security Controls Development
        4.     Process Management Development
        5.     Functionality vs. Security
          The Crux of Computer Crime Laws
          Complexities in Cybercrime
            1.     Electronic Assets
            2.     The Evolution of Attacks
            3.     International Issues
            4.     Types of Legal Systems
              Intellectual Property Laws
                1.     Trade Secret
                2.     Copyright
                3.     Trademark
                4.     Patent
                5.     Internal Protection of Intellectual Property
                6.     Software Piracy
                  Privacy
                    1.     The Increasing Need for Privacy Laws
                    2.     Laws, Directives and Regulations
                    3.     Employee Privacy Issues
                      Data Breaches
                        1.     U.S. Laws Pertaining to Data Breaches
                        2.     Other Nations' Laws Pertaining to Data Breaches
                          Policies, Standards, Baselines, Guidelines, and Procedures
                            1.     Security Policy
                            2.     Standards
                            3.     Guidelines
                            4.     Procedures
                            5.     Implementation
                              Risk Management
                                1.     Holistic Risk Management
                                2.     Information Systems Risk Management Policy
                                3.     The Risk Management Team
                                4.     The Risk Management Process
                                  Threat Modeling
                                    1.     Vulnerabilities
                                    2.     Threats
                                    3.     Attacks
                                    4.     Reduction Analysis
                                      Risk Assessment and Analysis
                                        1.     Risk Analysis Team
                                        2.     The Value of Information and Assets
                                        3.     Costs That Make Up the Value
                                        4.     Identifying Vulnerabilities and Threats
                                        5.     Methodologies for Risk Assessment
                                        6.     Risk Analysis Approaches
                                        7.     Risk Analysis Approaches
                                        8.     Qualitative Risk Analysis
                                        9.     Protection Mechanisms
                                        10.     Putting it Together
                                        11.     Total Risk vs. Residual Risk
                                        12.     Handling Risk
                                        13.     Outsourcing
                                          Business Continuity and Disaster Recovery
                                            1.     Standards and Best Practices
                                            2.     Making BCM Part of the Enterprise Security Program
                                            3.     BCP Project Components
                                              Personnel Security
                                                1.     Hiring Practices
                                                2.     Termination
                                                3.     Security-Awareness Training
                                                4.     Degree or Certification
                                                  Security Governance
                                                    1.     Metrics
                                                      Ethics
                                                        1.     The Computer Ethics Institute
                                                        2.     The Internet Architecture Board
                                                        3.     Corporate Ethics Programs

                                                        Comments

                                                        Popular posts from this blog

                                                        OIM 11g R2 PS2 : SOA Approval Workflow Sample

                                                        OHS 12c (12.1.3) webgate deployment and configuration

                                                        Oracle Identity Manager (OIM) Interview Questions