
Security Policies and Procedures

  • Security frameworks
    • NIST
    • ISO
    • TOGAF
    • SABSA
    • COBIT
    • ITIL
  • Prescriptive Frameworks – Backed by regulations or compliance requirements.
    • COBIT
    • ITIL
    • ISO
    • PCI DSS
    • Level of implementation:
      • First: risk assessments
      • Second: policies and procedures
      • Third: continuous monitoring
  • Risk-Based Frameworks
    • There is no universal framework that applies to everyone.
    • The NIST Cybersecurity Framework (CSF) is made up of:
      • Framework core: identify, protect, detect, respond, recover
      • Implementation tiers (maturity): partial, risk informed, repeatable, adaptive
      • Framework profiles (what do we need?)
  • Framework Contents
    • Acceptable Use Policy
      • How you can use resources
      • Must be enforced
    • Code of Conduct
      • Authorized job functions
      • Protect data
      • Follow requirements
      • Respect privacy
    • Privacy
      • Expected, but needs balance
      • Must be enforced
      • Surveillance for security assurance, data monitoring, or physical monitoring
    • Ownership
      • You create the data, you own it
      • Data classification
      • Privileged users
    • Backup Policy
      • Short term
      • Long term
      • Destruction
    • Job-related security
      • Separation of duties
      • Job rotation
      • Mandatory vacation
      • Dual control
      • Least privilege
  • Corporate Policies
    • Upper management
    • Legal standpoint
    • Department-based
  • Procedures – list of steps
    • Examples
      • Compensating control
      • Continuous monitoring
      • Documentation
      • Control testing before implementation
      • Change management
      • Patching, updating
      • Retiring technology
  • Procedure Exceptions
    • How do you handle procedure exceptions?
      • Document them
      • Who, what, reasons, risk assessment, duration, review
