CompTIA CySA+ (CS0-002) Cert Prep: 7 Compliance and Assessment
2h 11mAdvanced2020-11-23
Authors

Mike Chapple
Teaching Professor at the University of Notre Dame
Course details
Explore best practices and procedures for managing privacy, security, and risk and assessing security processes as you study for the CompTIA Cybersecurity Analyst (CySA+) (CS0-002) exam. In this installment of the CySA+ (CS0-002) Cert Prep series, instructor Mike Chapple provides coverage of data privacy and protection practices, risk management, and security frameworks. Mike delves into the differences between privacy and security, how to align security with the business needs of your organization, and how to assess risk likelihood and impact through qualitative and quantitative risk assessment. He also shows how to assess key security processes, including how to best leverage audits and assessments; how to mitigate risk when working with vendors; and more. After completing this course, you'll be prepared to tackle the Compliance and Assessment domain of the CySA+ (CS0-002) exam.
Skills covered
PrivacyIncident ResponseCybersecurityCert Prep
Concepts
0. Introduction
- 01 - Compliance and assessment
- 02 - What you should know
- 03 - Study resources
1. Privacy
- 04 - Privacy and security
- 05 - Limiting data collection
- 06 - Privacy compliance
- 07 - Privacy assessments
2. Security Governance
- 08 - Aligning security with the business
- 09 - Organizational processes
- 10 - Security roles and responsibilities
- 11 - Security control selection
- 12 - Control frameworks
3. Nontechnical Controls
- 13 - Information classification
- 14 - Data security policies
- 15 - Data security roles
- 16 - Data sovereignty
4. Data Controls
- 17 - Data anonymization
- 18 - Data obfuscation
- 19 - Don't use the last four digits of SSNs
- 20 - Data loss prevention
- 21 - Information rights management
5. Risk Management
- 22 - Risk assessment
- 23 - Quantitative risk assessment
- 24 - Risk treatment options
- 25 - Risk management frameworks
- 26 - Risk visibility and reporting
6. Assessing Security Processes
- 27 - Management review
- 28 - Metrics and measurements
- 29 - Audits and assessments
- 30 - Control management
- 31 - Certification and accreditation
- 32 - Maturity models
7. Supply Chain Assessment
- 33 - Managing vendor relationships
- 34 - Vendor agreements
- 35 - Vendor information management
8. Security Policies
- 36 - Security policy framework
- 37 - Security policies
Conclusion
- 38 - What's next
Related courses
- CompTIA CySA+ (CS0-002) Cert Prep: 1 Threat Management
- CompTIA CySA+ (CS0-002) Cert Prep: 4 Software and Systems Security
- CompTIA CySA+ (CS0-002) Cert Prep: 6 Incident Response
- CompTIA CySA+ (CS0-002) Cert Prep: 2 Vulnerability Management (2020)
- CompTIA CySA+ (CS0-002) Cert Prep: 3 Identity and Access Management
- CompTIA CySA+ (CS0-002) Cert Prep: 5 Security Operations and Monitoring
- Exam Tips: CompTIA CySA+ (CS0-002)
- CompTIA Cybersecurity Analyst+ (CySA+) (CS0-003): 4 Reporting and Communication
Related learn paths
- Prepare for the CompTIA Cybersecurity Analyst + (CySA+) (CS0-002) Certification Exam
- Prepare for the CompTIA Cybersecurity Analyst (CySA+) (CS0-003) Certification
- Prepare for the CompTIA Data+ (DA0-001) Exam
- Prepare for the CompTIA IT Fundamentals+ (ITF+) (FC0-U61) Exam
- Prepare for the CompTIA Cloud+ (CV0-002) Exam
- Prepare for the CompTIA A+ (220-1001 and 220-1002) Exams
- Prepare for the CompTIA Network+ (N10-007) Exam
- Prepare for the CompTIA Security+ (SY0-601) Certification Exam