CISSP: Security Operations

Security Operations (Foundational Concepts, Investigations, Incident Management, Disaster Recovery)

This course focuses on what the security engineer does daily. Where the security engineer spends his/her time now marks a major shift in how we think about learning Information Security. It is now trending heavily towards the role of the individual and the skill set he/she possesses.

Security Operations/Engineer will shift slightly from operations towards forensics and investigative processes.


  • Evidence collection
  • Evidence Handling
  • Evidence documentation
  • Evidence Reporting
  • Evidence techniques
  • Digital Forensics

The security engineer will now focus his or her efforts. This is where understanding law comes into play:

  • Operational
  • Criminal
  • Civil
  • Regulatory Perspective

Accountability will become a new trend.

This is where Logging and Monitoring Mechanisms are essential.  These support the

  • Forensic Investigations
  • Logging
  • Monitoring to provide visibility

to the

  • Day to day / Operational
  • Mid Term / Tactical
  • Strategic / Visionary


This is why you will master areas of

  • Intrusion Detection Systems
  • Intrusion Prevention Systems
  • SIEMs
  • Data Leakage Protection

You will now also address the provisioning of resources so you can

  • Manage
  • Protect

those resources throughout all life cycles.

You will be tested on your ability to Operate and Maintain protective controls such as:

  • Firewalls
  • Intrusion Prevention Systems
  • Application whitelisting
  • Anti-Malware
  • Honeypots
  • Honeynets
  • Sandboxing
  • Third-party security contracts / services

In addition to:

  • Patch Management
  • Vulnerability Management
  • Change Management

Additional topics may include

  • Incident Response Process
  • Disaster Recovery Processes
  • Business Continuity Processes

You will apply all of this to:

  • physical security
  • personal safety
