DiscoverCISSP Cyber Training Podcast - CISSP Training ProgramCCT 180: Failing Securely, Separation of Duties, and System Resilience for the CISSP (Domain 3.5-8)
CCT 180: Failing Securely, Separation of Duties, and System Resilience for the CISSP (Domain 3.5-8)

CCT 180: Failing Securely, Separation of Duties, and System Resilience for the CISSP (Domain 3.5-8)

Update: 2024-09-30
Share

Description

Send us a text

What if your organization's security posture could withstand any cyber threat? This episode of the CISSP Cyber Training Podcast promises to equip you with actionable insights from CISSP Domain 3, emphasizing the critical principle of failing securely. We tackle the intricacies of separation of duties, zero trust, and the benefits of maintaining simplicity in your systems. Plus, I share my firsthand experience with virtual CISO roles, providing a roadmap for hiring a security professional, from conducting gap assessments to understanding risk profiles and developing robust mitigation strategies.

Next, we dive deep into data security and management essentials. Discover why data classification and separation of duties are paramount in preventing fraud and protecting sensitive information. We'll cover the importance of data loss prevention measures, network segmentation, and change management to safeguard your systems from unauthorized modifications. Learn the significance of monitoring, logging, and process isolation techniques like virtualization and sandboxing to detect anomalies and limit the damage from breaches. And don't miss our discussion on capability-based security, application whitelisting, and the strategic application of these controls based on thorough gap assessments.

Lastly, we explore the facets of system resilience and security measures that ensure reliability. Understand the concept of graceful degradation and the pivotal role of error handling and logging in troubleshooting. We highlight the importance of redundancy, fault tolerance techniques, and the principle of security by design. Proper testing and auditing are emphasized to ensure systems fail securely, and we provide strategies for addressing both soft and hard failures. Additionally, the roles of job rotation, dual control, and mandatory vacations in error detection and risk management are examined, along with a comparison of on-premise versus cloud networks to help you maintain critical servers and applications. This episode is a treasure trove of practical knowledge to elevate your cybersecurity readiness.

Gain access to 60 FREE CISSP Practice Questions each and every month for the next 6 months by going to FreeCISSPQuestions.com and sign-up to join the team for Free. That is 360 FREE questions to help you study and pass the CISSP Certification. Join Today!

Comments 
In Channel
loading
00:00
00:00
x

0.5x

0.8x

1.0x

1.25x

1.5x

2.0x

3.0x

Sleep Timer

Off

End of Episode

5 Minutes

10 Minutes

15 Minutes

30 Minutes

45 Minutes

60 Minutes

120 Minutes

CCT 180: Failing Securely, Separation of Duties, and System Resilience for the CISSP (Domain 3.5-8)

CCT 180: Failing Securely, Separation of Duties, and System Resilience for the CISSP (Domain 3.5-8)

Shon Gerber, vCISO, CISSP, Cybersecurity Consultant and Entrepreneur