CompTIA CySA+ (CS0-002) Cert Prep: 7 Compliance and Assessment

Description

Explore best practices and procedures for managing risk and assessing security processes as you study for the Compliance and Assessment domain of the CySA+ (CS0-002) exam.

Syllabus

Introduction: Compliance and assessment; What you should know; Study resources
1. Privacy: Privacy and security; Limiting data collection; Privacy compliance; Privacy assessments
2. Security Governance: Aligning security with the business; Organizational processes; Security roles and responsibilities; Security control selection; Control frameworks
3. Nontechnical Controls: Information classification; Data security policies; Data security roles; Data sovereignty
4. Data Controls: Data anonymization; Data obfuscation; Don't use the last four digits of SSNs; Data loss prevention; Information rights management
5. Risk Management: Risk assessment; Quantitative risk assessment; Risk treatment options; Risk management frameworks; Risk visibility and reporting
6. Assessing Security Processes: Management review; Metrics and measurements; Audits and assessments; Control management; Certification and accreditation; Maturity models
7. Supply Chain Assessment: Managing vendor relationships; Vendor agreements; Vendor information management
8. Security Policies: Security policy framework; Security policies
Conclusion: What's next

