- CISSP in 21 Days Second Edition
- CISSP in 21 Days Second Edition
- Credits
- About the Author
- About the Reviewer
- www.PacktPub.com
- Preface
- 1. Day 1 – Security and Risk Management - Security, Compliance, and Policies
- 2. Day 2 – Security and Risk Management - Risk Management, Business Continuity, and Security Education
- 3. Day 3 – Asset Security - Information and Asset Classification
- 4. Day 4 – Asset Security - Data Security Controls and Handling
- 5. Day 5 – Exam Cram and Practice Questions
- 6. Day 6 – Security Engineering - Security Design, Practices, Models, and Vulnerability Mitigation
- 7. Day 7 – Security Engineering - Cryptography
- 8. Day 8 – Communication and Network Security - Network Security
- An overview of communication and network security
- Network architecture, protocols, and technologies
- Open System Interconnect (OSI) model
- OSI layers and security
- Application layer protocols and security
- Presentation layer protocols and security
- Summary
- Sample questions
- 9. Day 9 – Communication and Network Security - Communication Security
- An overview of communication security
- Security in communication channels
- Attacks on communication networks
- Preventing or mitigating communication network attacks
- Summary
- Sample questions
- 10. Day 10 – Exam Cram and Practice Questions
- 11. Day 11 – Identity and Access Management - Identity Management
- 12. Day 12 – Identity and Access Management - Access Management, Provisioning, and Attacks
- 13. Day 13 – Security Assessment and Testing - Designing, Performing Security Assessment, and Tests
- An overview of security assessment and testing
- Security assessment and test strategies
- Security controls
- Summary
- Sample questions
- 14. Day 14 – Security Assessment and Testing - Controlling, Analyzing, Auditing, and Reporting
- 15. Day 15 – Exam Cram and Practice Questions
- 16. Day 16 – Security Operations - Foundational Concepts
- An overview of operations security
- The physical security design
- Physical and operations security controls
- Operations/facility security
- Protecting and securing equipment
- Computer investigations
- Summary
- Sample questions
- 17. Day 17 – Security Operations - Incident Management and Disaster Recovery
- 18. Day 18 – Software Development Security - Security in Software Development Life Cycle
- 19. Day 19 – Software Development Security - Assessing effectiveness of Software Security
- 20. Day 20 – Exam Cram and Practice Questions
- 21. Day 21 – Exam Cram and Mock Test
Data analysis is one of the core activities used to establish a security violation as well as control effectiveness. Two parameters are used in this industry to indicate the effectiveness of control from the perspective of identified security violations. One parameter is called the false positive rate and the other is the false negative rate. False positive flags an event as a security violation when it is not. On the other hand, false negative fails to flag a security violation.
A security process or tool may flag an event as a security violation while the event is not. For example, a fingerprint scanner used in identity and access management may reject a legitimate entity after scanning. This may be due to incorrect or insufficient samples of the entity's finger prints. Such a control action is called false positive action.
When a security process or a tool allows an illegitimate event to pass through without raising a security violation, then it is called false negative. For example, an unauthorized entity is allowed to access a resource that requires authorization.
The effectiveness of a security control or a process can also be determined by false positive and false negative rates. Generally, such data will provide inputs to adjust the sensitivity settings of a security control.
A security control is considered to be effective when the false positive and false negative rates are minimum. This implies that the security control is performing as per the requirement of the security policy.
The effectiveness of a security control can be ascertained from audits. Periodical internal or third-party audits provide the verification and validation of the control implementation and performance.
-
No Comment