The day-to-day operation of enterprise computer systems and the data they host requires a solid understanding of appropriate security practices. This course covers fundamental security concepts including complying with codes of ethics, confidentiality, integrity, and availability. The course also covers the concepts of privacy, accountability, and non-repudiation, as well as security controls documentation and operation best practices. This course is one of a series in the Skillsoft learning path that covers the objectives for the (ISC)2 Systems Security Certified Practitioner Exam.
Learning Objectives
Complying with Codes of Ethics
- start the course
- identify characteristics of the (ISC)2 Code of Ethics and best practices for compliance
- identify best practices for compliance with organizational code of ethics
Understanding Security Concepts
- describe characteristics of the concept of confidentiality
- identify characteristics of the concept of integrity
- identify characteristics of the concept of availability
- identify characteristics of the concept of accountability
- identify characteristics of the concept of privacy
- identify characteristics of the concept of non-repudiation
- identify characteristics of the concept of least privilege
- identify characteristics of the concept of separation of duties
Documenting and Operating Security Controls
- describe best practices for deterrent security controls
- describe best practices for preventative security controls
- describe best practices for detective security controls
- describe best practices for corrective security controls
- describe best practices for compensating security controls
Practice: Operational Security Controls
- identify appropriate best practices when implementing different types of operational security controls