We may earn an affiliate commission when you visit our partners.
Kevin Henry
This course will teach you the foundational concepts of security and risk management that are essential elements of an information security program..
Read more
This course will teach you the foundational concepts of security and risk management that are essential elements of an information security program..
Read more
This course will teach you the foundational concepts of security and risk management that are essential elements of an information security program..
Information security programs are based on a foundation of risk management. It is essential to be familiar with the concepts of risk management. In this course, Security and Risk Management: Concepts and Principles for CISSP®, you’ll learn to build a core understanding of risk and security. First, you’ll explore information security governance and regulations. Next, you’ll discover information security principles. Finally, you’ll learn how to perform risk management and threat modelling. When you’re finished with this course, you’ll have the skills and knowledge of information security needed for the CISSP® examination.
Register for this course and see more details by visiting:
OpenCourser.com/course/qskspi/security
Here's a deal for you
We found an offer that may be relevant to this course.
Save money when you learn.
All coupon codes, vouchers, and discounts are applied automatically unless otherwise noted.
What's inside
Syllabus
Course Overview
Foundational Information Security Concepts
Foundational Information Security Concepts Continued
Security Governance Principles
Read more
Syllabus
Course Overview
Foundational Information Security Concepts
Foundational Information Security Concepts Continued
Security Governance Principles
Read more
Information Security Legal and Regulatory Issues
Legal and Investigation Types
Risk and Threat Modeling
Risk Management
Risk Treatment/Response
Supply Chain Risk Management
Good to know
Good to know
Know what's good ,
what to watch for , and
possible dealbreakers
Provides a solid foundation in security and risk management concepts for the CISSP® exam
Led by an experienced instructor, Kevin Henry, recognized for their expertise in information security
Covers the foundational concepts of information security, risk management, and threat modeling
Provides a comprehensive overview of information security governance and regulations
Emphasizes the importance of legal considerations in information security
Save this course
Save Security and Risk Management: Concepts and Principles for CISSP® to your list so you can find it easily later:
Save
Save
Activities
Be better prepared
before
your course. Deepen your understanding
during
and
after
it. Supplement your coursework and achieve mastery of the topics covered
in Security and Risk Management: Concepts and Principles for CISSP® with these
activities:
Attend a local security meetup or conference
Show steps
This activity will help you to connect with other security professionals.
Browse courses on
Networking
Show steps
-
Find a local security meetup or conference.
-
Attend the event.
-
Network with other attendees.
Practice answering CISSP exam questions
Show steps
This activity will help you to prepare for the CISSP exam.
Browse courses on
CISSP
Show steps
-
Find a practice exam or question bank.
-
Answer the questions under timed conditions.
-
Review your answers and identify areas where you need to improve.
Complete the SANS Institute's Information Security Essentials course
Show steps
Enhance your foundational understanding of information security and risk management concepts, which can provide a solid base for further learning in the course.
Browse courses on
Security Essentials
Show steps
-
Enroll in the SANS Institute's Information Security Essentials course.
-
Complete the course modules and engage with the discussion forums.
-
Apply the knowledge gained to strengthen your understanding of the course concepts.
Seven other activities
Expand to see all activities and additional details
Show all ten activities
Follow a tutorial on how to use a security tool
Show steps
This activity will help you to learn how to use a new security tool.
Browse courses on
Security Tools
Show steps
-
Find a tutorial on how to use a security tool.
-
Follow the steps in the tutorial.
-
Practice using the tool.
Review NIST SP 800-53 Revision 5
Show steps
Reviewing this document will solidify your understanding of the security controls that are essential for protecting federal information systems.
View
Enhancing the Resilience of the Nation's...
on Amazon
Show steps
-
Read the document thoroughly.
-
Identify the key security controls for each of the 18 control families.
-
Understand the implementation guidance for each control.
Participate in a cybersecurity hackathon
Show steps
Practice applying the principles of risk and security management in a simulated real-world environment, which can help you better understand and retain the concepts taught in the course.
Browse courses on
Hacking
Show steps
-
Identify and register for a relevant cybersecurity hackathon.
-
Form a team or work independently to address the challenges presented in the hackathon.
-
Apply risk and security management principles to assess vulnerabilities and develop mitigation strategies.
Conduct a risk assessment for a small-scale network
Show steps
This activity will give you hands-on experience in conducting a risk assessment and developing a plan to mitigate risks.
Browse courses on
Risk Assessment
Show steps
-
Choose a small-scale network to assess.
-
Identify the assets on the network.
-
Identify the threats to the network.
-
Assess the risks to the network.
-
Develop a plan to mitigate the risks.
Build a small-scale cybersecurity system
Show steps
This project will give you hands-on experience in designing and implementing a cybersecurity system.
Browse courses on
network security
Show steps
-
Choose a small-scale network to protect, such as a home network or a small business network.
-
Research and select the appropriate security tools and technologies.
-
Design and implement the cybersecurity system.
-
Test the cybersecurity system to ensure that it is working properly.
Create a blog post or article about a security risk you have identified
Show steps
This activity will help you to develop your critical thinking skills and your ability to communicate complex technical information.
Browse courses on
Risk Assessment
Show steps
-
Identify a security risk that you have identified.
-
Research the risk and its potential impact.
-
Develop recommendations for mitigating the risk.
-
Write a blog post or article about the risk and your recommendations.
Attend a cybersecurity workshop
Show steps
This activity will help you to learn about a specific cybersecurity topic.
Browse courses on
Cybersecurity
Show steps
-
Find a cybersecurity workshop that is relevant to your interests.
-
Attend the workshop.
-
participer in the activities and discussions.
Attend a local security meetup or conference
Show steps
This activity will help you to connect with other security professionals.
Browse courses on
Networking
Show steps
Show steps
Show steps
- Find a local security meetup or conference.
- Attend the event.
- Network with other attendees.
Practice answering CISSP exam questions
Show steps
This activity will help you to prepare for the CISSP exam.
Browse courses on
CISSP
Show steps
Show steps
Show steps
- Find a practice exam or question bank.
- Answer the questions under timed conditions.
- Review your answers and identify areas where you need to improve.
Complete the SANS Institute's Information Security Essentials course
Show steps
Enhance your foundational understanding of information security and risk management concepts, which can provide a solid base for further learning in the course.
Browse courses on
Security Essentials
Show steps
Show steps
Show steps
- Enroll in the SANS Institute's Information Security Essentials course.
- Complete the course modules and engage with the discussion forums.
- Apply the knowledge gained to strengthen your understanding of the course concepts.
Seven other activities
Expand to see all activities and additional details
Show all ten activities
Follow a tutorial on how to use a security tool
Show steps
This activity will help you to learn how to use a new security tool.
Browse courses on
Security Tools
Show steps
Show steps
Show steps
- Find a tutorial on how to use a security tool.
- Follow the steps in the tutorial.
- Practice using the tool.
Review NIST SP 800-53 Revision 5
Show steps
Reviewing this document will solidify your understanding of the security controls that are essential for protecting federal information systems.
View
Enhancing the Resilience of the Nation's...
on Amazon
Show steps
Show steps
Show steps
- Read the document thoroughly.
- Identify the key security controls for each of the 18 control families.
- Understand the implementation guidance for each control.
Participate in a cybersecurity hackathon
Show steps
Practice applying the principles of risk and security management in a simulated real-world environment, which can help you better understand and retain the concepts taught in the course.
Browse courses on
Hacking
Show steps
Show steps
Show steps
- Identify and register for a relevant cybersecurity hackathon.
- Form a team or work independently to address the challenges presented in the hackathon.
- Apply risk and security management principles to assess vulnerabilities and develop mitigation strategies.
Conduct a risk assessment for a small-scale network
Show steps
This activity will give you hands-on experience in conducting a risk assessment and developing a plan to mitigate risks.
Browse courses on
Risk Assessment
Show steps
Show steps
Show steps
- Choose a small-scale network to assess.
- Identify the assets on the network.
- Identify the threats to the network.
- Assess the risks to the network.
- Develop a plan to mitigate the risks.
Build a small-scale cybersecurity system
Show steps
This project will give you hands-on experience in designing and implementing a cybersecurity system.
Browse courses on
network security
Show steps
Show steps
Show steps
- Choose a small-scale network to protect, such as a home network or a small business network.
- Research and select the appropriate security tools and technologies.
- Design and implement the cybersecurity system.
- Test the cybersecurity system to ensure that it is working properly.
Create a blog post or article about a security risk you have identified
Show steps
This activity will help you to develop your critical thinking skills and your ability to communicate complex technical information.
Browse courses on
Risk Assessment
Show steps
Show steps
Show steps
- Identify a security risk that you have identified.
- Research the risk and its potential impact.
- Develop recommendations for mitigating the risk.
- Write a blog post or article about the risk and your recommendations.
Attend a cybersecurity workshop
Show steps
This activity will help you to learn about a specific cybersecurity topic.
Browse courses on
Cybersecurity
Show steps
Show steps
Show steps
- Find a cybersecurity workshop that is relevant to your interests.
- Attend the workshop.
- participer in the activities and discussions.
Career center
Learners who complete Security and Risk Management: Concepts and Principles for CISSP® will develop knowledge and skills
that may be useful to these careers:
Information Security Analyst
Information Security Analyst
Information Security Analysts design, implement, and maintain security measures to protect an organization's computer networks and systems. They implement Security Governance Principles and tailor them to meet their organization's needs. They also use their knowledge of Investigation Types, Risk Assessment, and Threat Modeling to keep their organization's information secure. This course, Security and Risk Management: Concepts and Principles for CISSP®, would be highly valuable for someone in this role as it provides a strong foundation in all of these areas.
Information Security Manager
Information Security Manager
Information Security Managers are responsible for the overall security of an organization's information systems. They develop and implement security policies and procedures, and oversee the implementation of security measures. They also work with other departments to ensure that security is integrated into all aspects of the organization's operations. Someone in this role would find this course, Security and Risk Management: Concepts and Principles for CISSP®, to be very helpful. It can help them develop the skills and knowledge they need to be successful in their role, such as how to conduct Risk Management and Threat Modelling.
IT Auditor
IT Auditor
IT Auditors evaluate the security of an organization's information systems and make recommendations for improvements. They also conduct risk assessments and compliance audits. Being able to demonstrate knowledge of auditing and risk management is important for an IT Auditor, which makes this course, Security and Risk Management: Concepts and Principles for CISSP®, a good choice.
Security Consultant
Security Consultant
Security Consultants provide advice and guidance to organizations on how to improve their security posture. They also help organizations to develop and implement security plans and procedures. Security Consultants may also provide expert testimony in court cases involving computer security.
Network Security Engineer
Network Security Engineer
Network Security Engineers design, implement, and maintain the security of an organization's computer networks. They also monitor network traffic for suspicious activity and respond to security incidents. This course may be useful for Network Security Engineers as it provides a good overview of security concepts and principles.
Security Architect
Security Architect
Security Architects design and implement the security architecture for an organization's information systems. They also work with other departments to ensure that security is integrated into all aspects of the organization's operations. This course, Security and Risk Management: Concepts and Principles for CISSP®, may be helpful for Security Architects as it provides a good overview of security concepts and principles.
Chief Information Security Officer (CISO)
Chief Information Security Officer (CISO)
The Chief Information Security Officer (CISO) is responsible for the overall security of an organization's information systems. They develop and implement security policies and procedures, and oversee the implementation of security measures. They also work with other departments to ensure that security is integrated into all aspects of the organization's operations. A CISO would greatly benefit from this course, Security and Risk Management: Concepts and Principles for CISSP®, as it provides a strong foundation in all of the areas they are responsible for.
Security Analyst
Security Analyst
Security Analysts monitor and analyze security data to identify and respond to security threats. They also conduct vulnerability assessments and penetration tests. This course, Security and Risk Management: Concepts and Principles for CISSP®, may be beneficial for Security Analysts as it can provide them a good overview of security concepts and principles.
Compliance Analyst
Compliance Analyst
Compliance Analysts ensure that an organization's information systems are in compliance with applicable laws and regulations. They also conduct risk assessments and compliance audits. This course, Security and Risk Management: Concepts and Principles for CISSP®, may be helpful for a Compliance Analyst as it gives a deep dive into Legal and Investigation Types and Risk Management. This course will give you a strong foundation in the skills and knowledge you need to be successful in this role.
Incident Responder
Incident Responder
Incident Responders are responsible for responding to security incidents. They also develop and implement incident response plans. This course, Security and Risk Management: Concepts and Principles for CISSP®, may be helpful for Incident Responders as it provides a good overview of security concepts and principles.
Penetration Tester
Penetration Tester
Penetration Testers identify and exploit vulnerabilities in an organization's computer systems. They also provide recommendations for how to fix the vulnerabilities. This course, Security and Risk Management: Concepts and Principles for CISSP®, may be helpful for Penetration Testers as it provides a good overview of security concepts and principles.
Cybersecurity Engineer
Cybersecurity Engineer
Cybersecurity Engineers design and implement security measures to protect an organization's computer networks and systems. They also monitor network traffic for suspicious activity and respond to security incidents. This course, Security and Risk Management: Concepts and Principles for CISSP®, may be helpful for Cybersecurity Engineers as it provides a good overview of security concepts and principles.
Privacy Analyst
Privacy Analyst
Privacy Analysts develop and implement privacy policies and procedures. They also conduct privacy impact assessments. A Privacy Analyst may find this course, Security and Risk Management: Concepts and Principles for CISSP®, to be beneficial to them as it gives a strong foundation in Information Security Legal and Regulatory Issues.
Risk Manager
Risk Manager
Risk Managers identify and assess risks to an organization's information systems. They also develop and implement risk management plans. This course, Security and Risk Management: Concepts and Principles for CISSP®, will teach the foundational elements of risk management that are essential for a Risk Manager. It will also provide you with the skills and knowledge you need to be successful in your role.
Compliance Manager
Compliance Manager
Compliance Managers ensure that an organization's information systems are in compliance with applicable laws and regulations. They also conduct risk assessments and compliance audits. This course, Security and Risk Management: Concepts and Principles for CISSP®, is a good choice for Compliance Managers because it provides a strong foundation in the skills and knowledge they need to be successful in their role, such as how to conduct Risk Management and how to understand Legal and Investigation Types.
For more career information including salaries, visit:
OpenCourser.com/course/qskspi/security
Reading list
We've selected 14 books
that we think will supplement your
learning. Use these to
develop background knowledge, enrich your coursework, and gain a
deeper understanding of the topics covered in
Security and Risk Management: Concepts and Principles for CISSP®.
Is considered the canonical text for the CISSP certification. Essential for learners who plan on taking the CISSP exam, it provides a comprehensive overview of security and risk management principles.
Is an essential reference for anyone involved in information security. It provides a comprehensive framework for understanding and managing cybersecurity risks.
Comprehensive reference on cryptography. It covers a wide range of topics, from the basics of cryptography to the latest advances in the field. It valuable resource for learners who want to understand the mathematical foundations of security and risk management.
Is highly recommended for learners who want to develop their skills in security risk assessment. It provides a comprehensive overview of the process and how to conduct effective assessments.
Save
Practical guide to threat modeling. It provides a step-by-step process for identifying and mitigating threats to information systems. It valuable resource for learners who want to learn how to build more secure systems.
Is an extensive handbook on information security. It can be a useful reference tool for learners who want more depth on information security management beyond what is introduced in this course.
Save
Classic in the field of information security. It provides a broad overview of hacking techniques and how to defend against them. It valuable resource for learners who want to understand the threats to information security and how to protect against them.
Save
Fascinating look at the human side of security. It provides insights into how attackers think and operate, and how to protect against social engineering attacks. It valuable resource for learners who want to understand the importance of human factors in information security.
Save
Provides a step-by-step guide to conducting security risk assessments.
Provides a practical guide to managing information security risk.
Provides a comprehensive study guide for the CISSP exam, including a section on risk management.
Provides a practical guide to risk management for information systems and technology.
Provides a comprehensive overview of security risk management in an easy-to-understand format.
Provides a comprehensive overview of the risk management process.
For more information about how these books relate to this course, visit:
OpenCourser.com/course/qskspi/security
Share
Similar courses
Here are nine courses similar to
Security and Risk Management: Concepts and Principles for CISSP®.
Security and Risk Management: Principles of Risk for CISSP®
OpenCourser.com/course/bf7138/security
Security and Risk Management: Principles of Risk for...
Most relevant
Identity and Access Management (IAM) for CISSP®
OpenCourser.com/course/50frjt/identity
Identity and Access Management (IAM) for CISSP®
Most relevant
Security Architecture and Engineering: Security Controls and Vulnerabilities for CISSP®
OpenCourser.com/course/jd2yaa/security
Security Architecture and Engineering: Security Controls...
Most relevant
Communication and Network Security for CISSP®
OpenCourser.com/course/0daue2/communication
Communication and Network Security for CISSP®
Most relevant
Asset Security for CISSP®
OpenCourser.com/course/4z7sxd/asset
Asset Security for CISSP®
Most relevant
Security Architecture and Engineering: Cryptography for CISSP®
OpenCourser.com/course/jdxe34/security
Security Architecture and Engineering: Cryptography for...
Most relevant
Information Technology and Security ISACA® CRISC™
OpenCourser.com/course/senjb2/information
Information Technology and Security ISACA® CRISC™
Most relevant
Security Operations: Operations Management for CISSP®
OpenCourser.com/course/44lrxc/security
Security Operations: Operations Management for CISSP®
Most relevant
Exam Review Tips and Tricks for CISSP®
OpenCourser.com/course/iw3vv4/exam
Exam Review Tips and Tricks for CISSP®
Most relevant
Time
255 hours
Level
Intermediate
Via
Pluralsight
Instructor
Kevin Henry
Language
English
Good to know
Provides a solid foundation in security and risk management concepts for the CISSP® exam
Led by an experienced instructor, Kevin Henry, recognized for their expertise in information security
Covers the foundational concepts of information security, risk management, and threat modeling
Provides a comprehensive overview of information security governance and regulations
Emphasizes the importance of legal considerations in information security
Our mission
OpenCourser helps millions of learners each year. People visit us to learn workspace skills, ace their exams, and nurture their curiosity.
Our extensive catalog contains over 50,000 courses and twice as many books. Browse by search, by topic, or even by career interests. We'll match you to the right resources quickly.
Find this site helpful? Tell a friend about us.
Affiliate disclosure
We're supported by our community of learners. When you purchase or subscribe to courses and programs or purchase books, we may earn a commission from our partners.
Your purchases help us maintain our catalog and keep our servers humming without ads.
Thank you for supporting OpenCourser.
© 2016 - 2024 OpenCourser