Kevin Henry

This course will teach you the foundational concepts of security and risk management that are essential elements of an information security program.

Information security programs are based on a foundation of risk management. It is essential to be familiar with the concepts of risk management. In this course, Security and Risk Management: Concepts and Principles for CISSP®, you’ll learn to build a core understanding of risk and security. First, you’ll explore information security governance and regulations. Next, you’ll discover information security principles. Finally, you’ll learn how to perform risk management and threat modelling. When you’re finished with this course, you’ll have the skills and knowledge of information security needed for the CISSP® examination.

What's inside

Syllabus

Course Overview
Foundational Information Security Concepts
Foundational Information Security Concepts Continued
Security Governance Principles
Information Security Legal and Regulatory Issues
Legal and Investigation Types
Risk and Threat Modeling
Risk Management
Risk Treatment/Response
Supply Chain Risk Management

Good to know

Know what's good, what to watch for, and possible dealbreakers
Provides a solid foundation in security and risk management concepts for the CISSP® exam
Led by an experienced instructor, Kevin Henry, recognized for their expertise in information security
Covers the foundational concepts of information security, risk management, and threat modeling
Provides a comprehensive overview of information security governance and regulations
Emphasizes the importance of legal considerations in information security

Activities

Be better prepared before your course. Deepen your understanding during and after it. Supplement your coursework and achieve mastery of the topics covered in Security and Risk Management: Concepts and Principles for CISSP® with these activities:
Attend a local security meetup or conference
This activity will help you to connect with other security professionals.
  • Find a local security meetup or conference.
  • Attend the event.
  • Network with other attendees.
Practice answering CISSP exam questions
This activity will help you to prepare for the CISSP exam.
  • Find a practice exam or question bank.
  • Answer the questions under timed conditions.
  • Review your answers and identify areas where you need to improve.
Complete the SANS Institute's Information Security Essentials course
Enhance your foundational understanding of information security and risk management concepts, which can provide a solid base for further learning in the course.
  • Enroll in the SANS Institute's Information Security Essentials course.
  • Complete the course modules and engage with the discussion forums.
  • Apply the knowledge gained to strengthen your understanding of the course concepts.
Follow a tutorial on how to use a security tool
This activity will help you to learn how to use a new security tool.
  • Find a tutorial on how to use a security tool.
  • Follow the steps in the tutorial.
  • Practice using the tool.
Review NIST SP 800-53 Revision 5
Reviewing this document will solidify your understanding of the security controls that are essential for protecting federal information systems.
  • Read the document thoroughly.
  • Identify the key security controls for each of the 18 control families.
  • Understand the implementation guidance for each control.
Participate in a cybersecurity hackathon
Practice applying the principles of risk and security management in a simulated real-world environment, which can help you better understand and retain the concepts taught in the course.
  • Identify and register for a relevant cybersecurity hackathon.
  • Form a team or work independently to address the challenges presented in the hackathon.
  • Apply risk and security management principles to assess vulnerabilities and develop mitigation strategies.
Conduct a risk assessment for a small-scale network
This activity will give you hands-on experience in conducting a risk assessment and developing a plan to mitigate risks.
  • Choose a small-scale network to assess.
  • Identify the assets on the network.
  • Identify the threats to the network.
  • Assess the risks to the network.
  • Develop a plan to mitigate the risks.
Build a small-scale cybersecurity system
This project will give you hands-on experience in designing and implementing a cybersecurity system.
  • Choose a small-scale network to protect, such as a home network or a small business network.
  • Research and select the appropriate security tools and technologies.
  • Design and implement the cybersecurity system.
  • Test the cybersecurity system to ensure that it is working properly.
Create a blog post or article about a security risk you have identified
This activity will help you to develop your critical thinking skills and your ability to communicate complex technical information.
  • Choose a security risk that you have identified.
  • Research the risk and its potential impact.
  • Develop recommendations for mitigating the risk.
  • Write a blog post or article about the risk and your recommendations.
Attend a cybersecurity workshop
This activity will help you to learn about a specific cybersecurity topic.
  • Find a cybersecurity workshop that is relevant to your interests.
  • Attend the workshop.
  • Participate in the activities and discussions.

Career center

Learners who complete Security and Risk Management: Concepts and Principles for CISSP® will develop knowledge and skills that may be useful to these careers:
Information Security Analyst
Information Security Analysts design, implement, and maintain security measures to protect an organization's computer networks and systems. They implement Security Governance Principles and tailor them to meet their organization's needs. They also use their knowledge of Investigation Types, Risk Assessment, and Threat Modeling to keep their organization's information secure. This course, Security and Risk Management: Concepts and Principles for CISSP®, would be highly valuable for someone in this role as it provides a strong foundation in all of these areas.
Information Security Manager
Information Security Managers are responsible for the overall security of an organization's information systems. They develop and implement security policies and procedures, and oversee the implementation of security measures. They also work with other departments to ensure that security is integrated into all aspects of the organization's operations. Someone in this role would find this course, Security and Risk Management: Concepts and Principles for CISSP®, to be very helpful. It can help them develop the skills and knowledge they need to be successful in their role, such as how to conduct Risk Management and Threat Modelling.
IT Auditor
IT Auditors evaluate the security of an organization's information systems and make recommendations for improvements. They also conduct risk assessments and compliance audits. Being able to demonstrate knowledge of auditing and risk management is important for an IT Auditor, which makes this course, Security and Risk Management: Concepts and Principles for CISSP®, a good choice.
Security Consultant
Security Consultants provide advice and guidance to organizations on how to improve their security posture. They also help organizations to develop and implement security plans and procedures. Security Consultants may also provide expert testimony in court cases involving computer security.
Network Security Engineer
Network Security Engineers design, implement, and maintain the security of an organization's computer networks. They also monitor network traffic for suspicious activity and respond to security incidents. This course may be useful for Network Security Engineers as it provides a good overview of security concepts and principles.
Security Architect
Security Architects design and implement the security architecture for an organization's information systems. They also work with other departments to ensure that security is integrated into all aspects of the organization's operations. This course, Security and Risk Management: Concepts and Principles for CISSP®, may be helpful for Security Architects as it provides a good overview of security concepts and principles.
Chief Information Security Officer (CISO)
The Chief Information Security Officer (CISO) is responsible for the overall security of an organization's information systems. They develop and implement security policies and procedures, and oversee the implementation of security measures. They also work with other departments to ensure that security is integrated into all aspects of the organization's operations. A CISO would greatly benefit from this course, Security and Risk Management: Concepts and Principles for CISSP®, as it provides a strong foundation in all of the areas they are responsible for.
Security Analyst
Security Analysts monitor and analyze security data to identify and respond to security threats. They also conduct vulnerability assessments and penetration tests. This course, Security and Risk Management: Concepts and Principles for CISSP®, may be beneficial for Security Analysts as it can provide them with a good overview of security concepts and principles.
Compliance Analyst
Compliance Analysts ensure that an organization's information systems are in compliance with applicable laws and regulations. They also conduct risk assessments and compliance audits. This course, Security and Risk Management: Concepts and Principles for CISSP®, may be helpful for a Compliance Analyst as it gives a deep dive into Legal and Investigation Types and Risk Management. This course will give you a strong foundation in the skills and knowledge you need to be successful in this role.
Incident Responder
Incident Responders are responsible for responding to security incidents. They also develop and implement incident response plans. This course, Security and Risk Management: Concepts and Principles for CISSP®, may be helpful for Incident Responders as it provides a good overview of security concepts and principles.
Penetration Tester
Penetration Testers identify and exploit vulnerabilities in an organization's computer systems. They also provide recommendations for how to fix the vulnerabilities. This course, Security and Risk Management: Concepts and Principles for CISSP®, may be helpful for Penetration Testers as it provides a good overview of security concepts and principles.
Cybersecurity Engineer
Cybersecurity Engineers design and implement security measures to protect an organization's computer networks and systems. They also monitor network traffic for suspicious activity and respond to security incidents. This course, Security and Risk Management: Concepts and Principles for CISSP®, may be helpful for Cybersecurity Engineers as it provides a good overview of security concepts and principles.
Privacy Analyst
Privacy Analysts develop and implement privacy policies and procedures. They also conduct privacy impact assessments. A Privacy Analyst may find this course, Security and Risk Management: Concepts and Principles for CISSP®, to be beneficial to them as it gives a strong foundation in Information Security Legal and Regulatory Issues.
Risk Manager
Risk Managers identify and assess risks to an organization's information systems. They also develop and implement risk management plans. This course, Security and Risk Management: Concepts and Principles for CISSP®, will teach the foundational elements of risk management that are essential for a Risk Manager. It will also provide you with the skills and knowledge you need to be successful in your role.
Compliance Manager
Compliance Managers ensure that an organization's information systems are in compliance with applicable laws and regulations. They also conduct risk assessments and compliance audits. This course, Security and Risk Management: Concepts and Principles for CISSP®, is a good choice for Compliance Managers because it provides a strong foundation in the skills and knowledge they need to be successful in their role, such as how to conduct Risk Management and how to understand Legal and Investigation Types.

Reading list

We've selected 14 books that we think will supplement your learning. Use these to develop background knowledge, enrich your coursework, and gain a deeper understanding of the topics covered in Security and Risk Management: Concepts and Principles for CISSP®.
Is considered the canonical text for the CISSP certification. Essential for learners who plan on taking the CISSP exam, it provides a comprehensive overview of security and risk management principles.
Comprehensive reference on cryptography. It covers a wide range of topics, from the basics of cryptography to the latest advances in the field. It is a valuable resource for learners who want to understand the mathematical foundations of security and risk management.
Practical guide to threat modeling. It provides a step-by-step process for identifying and mitigating threats to information systems. It is a valuable resource for learners who want to learn how to build more secure systems.
Classic in the field of information security. It provides a broad overview of hacking techniques and how to defend against them. It is a valuable resource for learners who want to understand the threats to information security and how to protect against them.
Fascinating look at the human side of security. It provides insights into how attackers think and operate, and how to protect against social engineering attacks. It is a valuable resource for learners who want to understand the importance of human factors in information security.
Provides a comprehensive overview of security risk management in an easy-to-understand format.

Similar courses

Here are nine courses similar to Security and Risk Management: Concepts and Principles for CISSP®.
Security and Risk Management: Principles of Risk for...
Identity and Access Management (IAM) for CISSP®
Security Architecture and Engineering: Security Controls...
Communication and Network Security for CISSP®
Asset Security for CISSP®
Security Architecture and Engineering: Cryptography for...
Information Technology and Security ISACA® CRISC™
Security Operations: Operations Management for CISSP®
Exam Review Tips and Tricks for CISSP®

© 2016 - 2024 OpenCourser