Security Risk Assessments Made Easy
ฝัง
- เผยแพร่เมื่อ 4 ส.ค. 2024
- In this clip from a private coaching call, I provide real-world examples of how to understand and effectively identify and manage security risks in your information system. Visit www.beinfosec.com for upcoming live workshops or updated CISSP Training.
Risk is the MOST important thing we do in security. Without understanding security risk, all we have left is a bunch of security tools and software, with no idea how to use them effectively.
This is important information you’re likely to see on the CISSP and other certification exams.
If you want to know the secrets to passing the CISSP, be sure to check out
🔗 beinfosec.com/secrets-to-pass...
Subscribe, click the bell, and give the video a like! It’ll make sure you receive more training videos just like this one.
CONNECT WITH US:
🌐 Website: beinfosec.com
📷 Instagram: / beinfosec
🐦 Twitter: / beinfosec
👍 Facebook: / beinfosec
📺 Subscribe to our TH-cam channel for more CISSP exam tips and resources!
0:00 Introduction
0:01 CISSP Module 1 Security Management
1:07 What's The Security Risk?
6:25 Purpose of a Risk Assessment
7:46 Value of Each Asset
8:53 Possible Threats and Vulnerabilities
10:03 Analyze Possible Impacts
10:58 Put It All Together
11:28 Types of Risk Assessments
12:23 Quantitative Risk Assessments
12:30 Monetary or Numeric Values
13:18 Quantitative Values
14:55 Quantitative Formulas
15:54 Quantitative Assessment Example
22:06 Qualitative Risk Assessment
22:25 Qualitative Assessment Example
23:28 Risk Assessment Recap - วิทยาศาสตร์และเทคโนโลยี
Very well explained risk assessment session. Thanks 👍
Thank you for this excellent video.
Tks for the work!
Thank you so much!
Truly easy to understand..
Supper insightful
Informative.
Good stuff.
This was a straight up and most informative video I have ever watched on Qualitative vs Quantitative assessment analysis procedures. Thank you so much for your content!
Loved the video. I have a seminar to be given on this topic next week and I am sure of getting A+
Thank you!
Great lecture. But may I differ that much as data is the jewel we are protecting, methinks the 'container' itself - the server as an asset needs protection as well. And the threat in this case is theft. The vulnerability? Is any weakness of physical security.
Thanks a million!
You are very welcome!
Whaat do you mean by the " other ALE"
...from another web server?
gooood
Hi... I have one question. At some point in time you said "This server has no data, no attacker would care about it". However, what about those attackers whose goal is to compromise machines for crypto mining? Or to use them as bots in DDoS?
@@BEINFOSEC agree. Thanks!
Great info, without experience how do I become a risk assessor?
@@BEINFOSEC thanks
Is there any popular open source risk assessment software that can be used?
Hi! Thanks for your question.
There are many different options out there. You can actually do this with a simple spreadsheet for smaller assessments.
Or, you can could use something like SimpleRisk, PTAPro, or Eramba. The links are below. There are other options as well so be sure to research it so that it meets the needs of your organization.
www.simplerisk.com/solutions/risk-management
www.ptatechnologies.com/default.htm
www.eramba.org/
that’s right dad
His dad is very very good
Also phishing
Information personal information security information