From the course: CISSP Cert Prep (2021): 6 Security Assessment and Testing
Join today to access over 22,600 courses taught by industry experts or purchase this course individually.
Collect security process data
From the course: CISSP Cert Prep (2021): 6 Security Assessment and Testing
Collect security process data
- [Instructor] Security systems and processes generate large amounts of information. Buried in these massive piles of data are key pieces of information about the health of your security program. Security assessment requires collecting and analyzing that data on a regular basis. When we design security programs, we often focus primarily on the technical controls that protect the confidentiality, integrity, and availability of information. After all, these controls are usually the ones that require the greatest investment of time and resources. However, security programs can't function effectively if they don't also have solid management and operational controls such as undergoing regular and continuous evaluations. This requires access to both technical and process data. Technical data includes the logs generated by servers, network devices, firewalls, intrusion prevention systems, access control systems, and other security…
Download courses and learn on the go
Watch courses on your mobile device without an internet connection. Download courses using your iOS or Android LinkedIn Learning app.