
6.5.2 External 15
6.5.3 Third-party 15

Domain 7 Security Operations

7.1 Understand and comply with investigations 19
    7.1.1 Evidence collection and handling 19
    7.1.2 Reporting and documentation 19
    7.1.3 Investigative techniques 19
    7.1.4 Digital forensics tools, tactics, and procedures 19
    7.1.5 Artifacts (e.g., computer, network, mobile device) 19
7.2 Conduct logging and monitoring activities 17, 21
    7.2.1 Intrusion detection and prevention 17
    7.2.2 Security Information and Event Management (SIEM) 17
    7.2.3 Continuous monitoring 17
    7.2.4 Egress monitoring 17
    7.2.5 Log management 17
    7.2.6 Threat intelligence (e.g., threat feeds, threat hunting) 17
    7.2.7 User and Entity Behavior Analytics (UEBA) 21
7.3 Perform Configuration Management (CM) (e.g., provisioning, baselining, automation) 16
7.4 Apply foundational security operations concepts 16
    7.4.1 Need-to-know/least privilege 16
    7.4.2 Separation of Duties (SoD) and responsibilities 16
    7.4.3 Privileged account management 16
    7.4.4 Job rotation 16
    7.4.5 Service Level Agreements (SLA) 16
7.5 Apply resource protection 16
    7.5.1 Media management 16
    7.5.2 Media protection techniques 16
7.6 Conduct incident management 17
    7.6.1 Detection 17
    7.6.2 Response 17
    7.6.3 Mitigation 17
    7.6.4 Reporting 17
    7.6.5 Recovery
