Chapter 09 - Secure Design Principles & Risk Management

Chapter 09 - Secure Design Principles & Risk Management

Course content

Chapter Kick-off

Chapter Kick-off

Section 1

1

lesson

Secure Design Principles & Risk Management Chapter Kick-off

Trend Analysis

Foundations of Trend Analysis

Section 1

12

lessons

What is Trend Analysis?

Emerging Cybersecurity Trends

Introduction to Gartner’s Reports

XDR Capabilities Improve Accuracy and Productivity

Security Process Automation Eliminates Repetitive Tasks

Artificial Intelligence and Machine Learning

CSOs and Security-oriented Silos

Privacy is Becoming Its Own Discipline

Digital Trust and Safety Teams

Network Security Transforms from LAN to SASE

Cloud Workload Protection Controls

Zero-Trust Replaces VPNs

Secure Design Principles

Foundations of Secure Design

Section 1

3

lessons

Introduction Secure Design

Creating Secure Systems

Secure Design Categories

Mapping the Network

Section 2

3

lessons

Understanding What the Network is for

Threat Model

The End-to-End Approach

Making Compromise Difficult

Section 3

4

lessons

Zero-Trust' of External Inputs

Reduce Attack Surfaces

Security Controls Trust

Protecting Management and Operation Environments

Better Detection Systems

Section 4

2

lessons

Collect All Relevant Security Events and Logs

Communication Flows Between Components

Reducing Compromise Impact

Section 5

4

lessons

Segmenting Assets on a Network

Easy Compromise Recovery

Disallow Arbitrary Queries Against Your Data

Ready, Set, Lab! - Drawing a Secure Topology

Risk Management

What Is Risk Management?

Section 1

5

lessons

Case Study

Risk and Cyber Risk

What Is Risk Management?

Risk Management Primary Objectives

Sorting Risks

The CIA Triad Implementation

Section 2

4

lessons

Valuable Assets

The CIA Triad

CIA Triad Implementation

Assets' Threats

Risk Management Phases

Section 3

8

lessons

Risk Management Goals

The NIST Risk Management Framework

Categorize

Select & Implement Controls

Assess Controls

Authorize Systems

Monitor

Risk Management - Practice

Security Governance

Foundations of Governance

Section 1

4

lessons

What Is Governance?

The Organizational Structure

The Governance Framework

Security Program

Policies, Standards, Procedures, and Guidelines

Section 2

8

lessons

The Need in Rules and Regulations

PII, PCI, and PHI Compliances

Securing Sensitive Information

Personally Identifiable Information (PII)

Payment Card Industry (PCI)

Personal Health Information (PHI)

Security Models

Intellectual Property

Employees Education

Employees Education

Section 1

8

lessons

The Goal of Employees Education

Patch Management

Release Management

Backup Management

Human Firewall

Employees Awareness Training

Lucy Awareness - Tool Introduction

Lucy Awareness Program - Practice

Chapter Closure

Chapter Closure

Section 1

1

exam

Secure Design Principles & Risk Management Quiz

10Questions

TechDX