Video description
Organizational Security
Shon Harris
The fast, powerful way to prepare for your CompTIA Security+
exam!
Get all the hands-on training you need to pass (ISC)²’s tough
SSCP exam, get certified, and move forward in your IT security
career! In this online video, the world’s #1 information security
trainer walks you through every skill and concept you’ll need to
master. This online video contains over seven hours of training
adapted from Shon Harris’s legendary five-day SSCP boot
camps–including realistic labs, scenarios, case studies, and
animations designed to build and test your knowledge in real-world
settings!
Comprehensive coverage of CompTIA Security+ domains of
knowledge:
• Security Definitions
• Mirroring Data
• Data Recovery
• Components of a Security Program
• Information Classification
• Security Enforcement Issues
About the Shon Harris Security Series
This online video is part of a complete library of books,
online services, and videos designed to help security professionals
enhance their skills and prepare for their certification exams.
Every product in this series reflects Shon Harris’s unsurpassed
experience in teaching IT security professionals.
Category: Security
System Requirements
OPERATING SYSTEM: Windows 2000, XP, or Vista; Mac OS X 10.4
(Tiger) or later
MULTIMEDIA: DVD drive; 1024 x 768 or higher display; sound card
with speakers
COMPUTER: 500MHz or higher CPU; 128MB RAM or more
Table of Contents
Course Introduction
00:06:59
Domain 6 - Organizational Security
00:01:15
Mainframe Days
00:00:50
In the Good Old Days - Who Knew?
00:02:27
Today’s Environment
00:01:36
Security Definitions
00:01:15
Vulnerabilities
00:00:46
Examples of Some Vulnerabilities that Are Not Always Obvious
00:02:10
Risk - What Does It Really Mean?
00:02:10
Relationships
00:02:02
Who Deals with Risk?
00:01:18
Overall Business Risk
00:01:30
Who?
00:00:44
AIC Triad
00:00:48
Availability
00:00:51
Integrity
00:01:06
Confidentiality
00:00:48
Who Is Watching?
00:02:05
Social Engineering
00:04:06
What Security People Are Really Thinking
00:01:14
Security Concepts
00:01:00
Security?
00:04:57
The Bad Guys Are Motivated
00:02:20
If Not Obscurity - Then What?
00:00:32
Common Open Standards
00:01:42
Without Standards
00:01:27
Logical and Physical Controls
00:00:55
Are There Gaps?
00:03:12
Understanding Drivers
00:00:54
Not Always So Easy
00:00:40
Different Types of Backups
00:01:49
Backup Types
00:01:08
Incremental Backup
00:01:15
Incremental
00:02:35
Differential Backup
00:02:02
Backup Protection
00:01:16
Agenda 3
00:01:17
Mean Time Between Failure
00:00:59
Single Point of Failure
00:00:50
Redundant and Fault Tolerance
00:02:32
Mirroring Data
00:00:43
Disk Duplexing
00:00:43
Redundant Array of Independent Disks
00:05:37
Massive Array of Inactive Disks (MAID)
00:00:50
Redundant Array of Independent Tapes (RAIT)
00:00:34
Serial Advanced Technology Architecture
00:00:50
SAN
00:01:13
Fault Tolerance
00:02:05
Redundancy Mechanism
00:01:40
Some Threats to Computer Operations
00:00:51
Trusted Recovery of Software
00:01:10
After System Crash
00:00:51
Security Concerns
00:01:32
Needs for BCP
00:00:38
Is Your Organization Prepared?
00:02:33
Is Your Company Prepared?
00:00:38
9/11 Changed Mentalities About BCP
00:00:55
Disaster Affected Many
00:00:42
America Is Rebuilding
00:00:36
Partial FEMA Disaster List for 2005
00:01:06
DRP Focus
00:00:33
BCP Focus
00:00:43
Comparing the Two
00:00:45
What Is the Purpose of a BCP?
00:02:26
More Reasons to Have Plans in Place
00:02:02
Framework
00:00:39
BCP Is a Core Component of Every Security Program
00:01:01
Steps of BCP Process
00:01:56
Different BCP Model
00:01:15
Documentation
00:00:37
Documentation and Approval
00:00:31
BCP Policy Outlines
00:01:11
BCP Policy Sample
00:00:32
Who Is In Charge and Who Can We Blame?
00:01:52
What’s Needed In a Team?
00:00:51
BCP Development Team
00:01:31
Project Sizing
00:01:44
Properly Determining Scope Is Important
00:00:50
BCP Risk Analysis Steps
00:02:11
BIA Steps
00:01:28
Information from Different Sources
00:01:18
Analysis
00:01:09
Critical Functions
00:03:08
Interdependencies
00:00:45
Well, Of Course an Organization Knows How It Works!
00:00:54
Business Silos
00:02:37
Identifying Functions’ Resources
00:02:05
Who Connects to Who?
00:00:38
BIA Steps (Cont.)
00:02:00
MTD
00:00:31
Example
00:01:52
MTD Definitions
00:01:15
BIA Steps (Cont.)
00:02:54
Thinking Outside of the Box What If
00:00:55
Biological Threats
00:00:46
BIA Steps (Cont.)
00:00:56
Potential Disasters
00:02:26
Risk Approach
00:00:42
Ranking by Risk Level
00:01:02
Potential Losses
00:01:14
Include All RISK Components
00:00:31
What Have We Completed Up to Now?
00:02:29
BIA Steps (Cont.)
00:01:27
Alternate Business Process Procedures
00:02:36
Business Process Reconstruction
00:01:46
Recovery Strategies (Cont.)
00:00:55
Facility Backups - Hot Site
00:00:52
Facility Backups - Warm Site
00:00:58
Facility Backups - Cold Site
00:00:43
Compatibility Issues with Offsite Facility
00:02:04
Tertiary Sites
00:00:56
Subscription Costs
00:02:17
Multiple Processing Centers
00:00:51
Location, Location, Location
00:01:08
Other Offsite Approaches
00:01:51
Security Does Not Stop
00:01:12
More Options
00:02:01
Rolling Hot Site
00:00:58
Recovery Strategies (Cont.)
00:00:41
Supply and Technology Recovery
00:01:44
VoIP
00:01:07
Equipment Replacement
00:03:23
What Items Need to Be Considered?
00:01:31
Priorities
00:01:05
Executive Succession Planning
00:01:43
User Environment Recovery
00:03:01
Co-Location
00:00:51
Data Recovery
00:01:52
Backup Redundancy
00:01:52
Recovering Data
00:00:41
Automated Backup Technologies
00:02:04
Tape Vaulting
00:01:59
Data Recovery (Cont.)
00:00:41
Clustering for Fault Tolerance
00:01:30
Disk or Database Shadowing
00:01:27
Which Option to Use
00:00:31
Cost Effective Measures
00:01:14
Resources, Time, Solutions
00:00:46
Determining Recovery Solutions
00:01:31
Cost and Recovery Times
00:01:08
BIA Steps (Cont.)
00:00:56
Recovery Solutions
00:00:48
Preventative Measures
00:01:18
Reviewing Insurance
00:00:50
Results from the BIA
00:01:12
Now Ready to Develop the Plan
00:01:50
Products That Can Help
00:01:05
Plan Components
00:01:39
External Groups
00:01:29
Activation Phase
00:00:38
Damage Assessment
00:01:39
Notifying Personnel
00:01:16
Plan Activation
00:00:42
Emergency Response
00:01:22
Recovery Procedures
00:00:45
Documentation of Recovery Steps
00:01:28
Reconstitution Phase
00:02:37
Who Goes First?
00:00:56
Disaster Hit - Now What?
00:01:05
Termination of BCP
00:01:05
Life Cycle
00:01:00
Backup of the Backup Plan
00:01:12
Types of Tests to Choose From
00:03:49
Test Objectives
00:01:02
Training Requirements
00:01:22
Lessons Learned
00:00:36
What Is Success?
00:00:51
Out of Date?
00:01:01
Keeping It Current
00:00:52
Change Control
00:00:58
Resulting Plan Should Contain
00:01:24
Phases of the BCP
00:00:54
Why Incident Response?
00:02:41
Incident Response Alarms
00:01:37
Threats
00:00:45
Incident Response Framework
00:05:04
Preparation and Planning
00:02:29
IRT - Incident Response Team
00:03:55
Incident Response Team - Mission
00:02:03
Incident Response Team - Objectives
00:04:49
Incident Response Team - Priorities
00:02:14
Incident Response Team - Liaisons
00:05:28
Detection
00:01:29
Chain of Custody (2)
00:01:34
Poking Into Network Traffic
00:01:01
Snort
00:02:13
Containment
00:01:00
Containment - Some Considerations
00:02:45
Notification
00:02:18
Investigation
00:01:42
Rules of Evidence
00:02:08
Acceptable Evidence
00:02:18
Exclusionary Rules
00:00:55
Evidence Recognition
00:00:53
Evidence Discovery
00:01:46
Search and Seizure
00:02:01
Network Monitoring
00:04:48
Reviewing System Logs
00:01:52
Interviewing
00:01:16
Terminating the Investigation
00:01:21
Recovery
00:00:56
Response
00:01:18
Follow-Up
00:03:33
Electronic Forensic
00:01:57
Media Analysis Procedures
00:00:44
Media Analysis - IACIS Framework
00:02:53
Step 1 - Sterile Media
00:00:57
Step 2 - Legal Software
00:01:00
Step 3 - Physical Examination of the Evidence
00:01:51
Step 4 - Avoid Altering the Evidence
00:02:29
Step 5 - Capture Date/Time and CMOS (RTC/NVRAM) Information
00:01:56
Step 6 - Create an Exact Image
00:00:56
Step 7 - Logically Examine the Image
00:01:54
Step 8 - Examine the Boot Record Data and User-Defined Files
00:01:05
Step 9 - Recover and Examine All Deleted Files
00:01:36
Step 10 - Create a Listing of All Files
00:01:05
Step 11 - Examine Unallocated Space for Lost or Hidden Data
00:00:56
Step 12 - Examine File Slack
00:02:51
Step 13 - Examine All User Created Files
00:02:15
Step 14 - Unlock and Examine Password-Protected Files
00:01:14
Step 15 - Create Printouts of All of the Apparent Evidence
00:01:41
Step 16 - Examine Executable Files and Run Applications
00:01:32
Step 17 - Write the Forensic Analysis Report
00:01:30
Components of Security Program
00:00:49
A Layered Approach
00:01:22
In Security, You Never Want Any Surprises
00:00:52
Building Foundation
00:00:46
Security Roadmap
00:03:30
Functional and Assurance Requirements
00:00:56
Building Foundation
00:01:27
Most Organizations
00:02:47
Silo Security Structure
00:01:22
Islands of Security Needs and Tools
00:00:33
Get Out of a Silo Approach
00:00:32
Security Is a Process
00:01:06
Approach to Security Management
00:01:05
Result of Battling Management
00:00:27
Industry Best Practices Standards
00:01:29
Pieces and Parts
00:00:54
Numbering
00:01:11
New ISO Standards
00:01:27
COBIT
00:01:14
COBIT - Control Objectives
00:01:09
Measurements
00:00:29
Information Technology Infrastructure Library
00:01:54
Security Governance
00:05:28
Policy Framework
00:01:58
Policy Approved - Now What?
00:00:52
Issue-Specific Policies
00:01:05
System-Specific Policies
00:01:18
Standards
00:02:14
Baseline
00:01:18
Data Collection for Metrics
00:01:16
Guidelines
00:00:34
Procedures
00:00:36
Tying Them Together
00:01:17
Program Support
00:00:42
Senior Management’s Role
00:01:05
Security Roles
00:01:11
Custodian
00:00:33
Auditor
00:01:19
Access
00:01:04
Information Classification
00:00:55
Data Leakage
00:00:45
Do You Want to End Up In the News?
00:00:53
Types of Classification Levels
00:00:47
Data Protection Levels
00:00:53
Classification Program Steps
00:02:02
Information Classification Components
00:00:24
Procedures and Guidelines
00:00:39
Classification Levels
00:00:40
Information Classification Criteria
00:01:14
Criteria Example
00:00:34
Or Not
00:00:45
Information Owner Requirements
00:00:50
Clearly Labeled
00:01:01
Information Classification
00:00:59
Employee Management
00:01:13
Employee Position and Management
00:00:47
Hiring and Firing Issues
00:02:15
A Few More Items
00:00:20
Unfriendly Termination
00:02:13
Security Awareness and Training
00:01:52
Training Characteristics
00:00:34
Awareness
00:00:39
Security Enforcement Issues
00:00:53
PII
00:01:45
Domain 6 Review
00:01:00
Course Closure
00:04:34