
15EC29L - Syllabus and Reference

Uploaded by GokulCj Grove

15EC29L - Cyber Security: Governance, Risk and Compliance (One credit course)


Conducted by TCS

Book: ALL IN ONE CISSP EXAM GUIDE, Sixth Edition, Shon Harris

Chapter 2 - Information Security Governance and Risk Management . . . . . . . . 21

Fundamental Principles of Security . . . . . . . . . . . . . . . . . . . . . . . . . 22

Availability . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 23

Integrity . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 23

Confidentiality . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 24

Balanced Security . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 24

Security Definitions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 26

Control Types . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 28

Security Frameworks . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 34

ISO/IEC 27000 Series . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 36

Enterprise Architecture Development . . . . . . . . . . . . . . . . . . . 41

Security Controls Development . . . . . . . . . . . . . . . . . . . . . . . 55

COSO . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 59

Process Management Development . . . . . . . . . . . . . . . . . . . . 60

Functionality vs. Security . . . . . . . . . . . . . . . . . . . . . . . . . . . . 68

Security Management . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 69

Risk Management . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 70

Who Really Understands Risk Management? . . . . . . . . . . . . . 71

Information Risk Management Policy . . . . . . . . . . . . . . . . . . 72

The Risk Management Team . . . . . . . . . . . . . . . . . . . . . . . . . . 73

Summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 137

Quick Tips . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 138

Questions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 141

Answers . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 150
Descriptive Questions: Page No. 21 to 73

MCQs: Page No. 138 to 158

Chapter 8 Business Continuity and Disaster Recovery Planning . . . . . . . . . . . 885

Business Continuity and Disaster Recovery . . . . . . . . . . . . . . . . . . . 887

Standards and Best Practices . . . . . . . . . . . . . . . . . . . . . . . . . 890

Making BCM Part of the Enterprise Security Program . . . . . . 893

Summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 961

Quick Tips . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 961

Questions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 964

Answers . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 972

Descriptive Questions: Page No. 885 to 893

MCQs: Page No. 961 to 977

Chapter 9 Legal, Regulations, Investigations, and Compliance . . . . . . . . . . . . . 979

The Many Facets of Cyberlaw . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 980

The Crux of Computer Crime Laws . . . . . . . . . . . . . . . . . . . . . . . . . 981

Complexities in Cybercrime . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 983

Electronic Assets . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 985

The Evolution of Attacks . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 986

International Issues . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 990

Compliance . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1030

Investigations . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1032

Incident Management . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1033

Incident Response Procedures . . . . . . . . . . . . . . . . . . . . . . . . 1037

Computer Forensics and Proper Collection of Evidence . . . . 1042

Summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1065

Quick Tips . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1065

Questions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1069

Answers . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1076

Descriptive Questions: Page No. 979 to 989 & 1030 to 1040

MCQs: Page No. 1065 to 1079
