Part 5 Flashcards

0
Q

Just as implementing a robust, secure environment is a dynamic process, creating a ____ of security professionals is also a dynamic process.

A

highly skilled staff

1
Q

Provide _____ for IT Staff—Now and Forever

A

Security Training

2
Q

New ____ are being discovered and new attacks are being launched on a regular basis.

A

vulnerabilities

3
Q

It is important for the IT staff to be prepared to _____ and _____ to new threats and vulnerabilities.

A

identify and respond

4
Q

It is recommended that those interested in gaining a deep security understanding start with a _____ program. A _______ program is one that focuses on concepts rather than specific products.

A

vendor-neutral

5
Q

SANS

A

SysAdmin, Audit, Network, Security

6
Q

The ____ offers two introductory programs: Intro to Information Security (Security 301),22 a five-day class designed for people just starting out in the security field, and the SANS Security Essentials Bootcamp (Security 401),23 a six-day class designed for people with some security experience.

A

SANS (SysAdmin, Audit, Network, Security) Institute

7
Q

Another option is to start with a program that follows the ____ certification requirements, such as the Global Knowledge Essentials of Information Security.24 Some colleges offer similar programs.

A

CompTIA Security

8
Q

Arguably one of the best ways to determine whether an employee has a strong grasp of information security concepts is if she can achieve the CISSP certification.

A

Certified Information Systems Security Professional

Candidates for this certification are tested on their understanding of the following 10 knowledge domains:

● Access control
● Application security
● Business continuity and disaster recovery planning
● Cryptography
● Information security and risk management
● Legal, regulations, compliance, and investigations
● Operations security
● Physical (environmental) security
● Security architecture and design
● Telecommunications and network security
