Final Exam: Elements of InfoSec

WHAT YOU WILL LEARN

• 

  Provide a general overview of infosec and describe how it is used to protect organizations
  

  differentiate between different types of information security, such as infrastructure, cloud, application, and incident response
  

  provide an overview of common security threats, including social media attacks, social engineering, malware, and misconfigurations
  

  differentiate between passive and active attacks
  

  provide an overview of the responsibilities of a chief information security officer, including developing sound security practices, identifying security objectives, conducting awareness and training programs, and ensuring regulatory compliance
  

  describe the role of a security operations center (soc)
  

  describe how threat intelligence can provide context and insight relating to security threats
  

  provide an overview of the confidentiality, integrity, and availability (cia) triad
  

  define availability and discuss the importance of availability when planning security goals
  

  differentiate between different types of security controls
• 

  describe how defense in depth is used to provide a layered approach to security
  

  recognize how security governance can be used to control and direct security activities
  

  discuss the importance of data classification
  

  provide an overview of the stages of information security risk management (isrm)
  

  provide an overview of the responsibilities of an it security team
  

  outline common responsibilities for junior network engineers and computer technicians
  

  recognize the responsibilities of a digital/computer forensic examiner
  

  recognize key expectations and responsibilities of employees
  

  provide an overview of the role of devsecops and list the ways it can have a positive impact on information security
  

  list common information security requirements expected from vendors