• Online, Self-Paced
Course Description

Identifying, evaluating, and prioritizing potential threats to the organization's network and systems are critical for proper IT systems security. This course introduces the risk management process, including risk assessment, treatment, and assessment activities. It also details best practices for operating and maintaining monitoring systems, and analyzing monitoring results using security analytics, metrics, and trends. This course is one of a series in the Skillsoft learning path that covers the objectives for the (ISC)2 Systems Security Certified Practitioner Exam.

Learning Objectives

Understanding the Risk Management Process

  • start the course
  • describe characteristics of risk visibility and reporting activities
  • describe characteristics of risk management concepts
  • identify risk assessment characteristics and options
  • describe options for risk treatment
  • identify how to use audit findings as part of the risk management process

Performing Security Assessment Activities

  • describe security testing and evaluation activities
  • describe how to interpret and report scanning and testing results

Operate and Maintain Monitoring Systems

  • describe characteristics of events of interest as part of continuous monitoring activities
  • describe logging activities as part of operating and maintaining monitoring systems
  • describe characteristics and purpose of source systems used in continuous monitoring activities

Analyzing Monitoring Results

  • use security analytics metrics and trends for analyzing monitoring results
  • use visualization to analyze monitoring results
  • describe characteristics and purpose of event data analysis activities
  • identify best practices for communicating and reporting monitoring analysis results

Practice: Managing Risk

  • identify best practices for identifying, monitoring, and analyzing risk

Framework Connections

The materials within this course focus on the NICE Framework Task, Knowledge, and Skill statements identified within the indicated NICE Framework component(s):

Specialty Areas

  • Cybersecurity Management
  • Risk Management
  • Systems Analysis
  • Systems Architecture