Security standards may contain hundreds—or even thousands—of individual settings that experts recommend to improve system security. Most organizations simply don’t have the resources or expertise to develop their own standards. In this video, learn how vendors and third-party security organizations develop and create industry standards that may serve as the starting point for enterprise security efforts.
- [Instructor] Security configuration standards…may contain hundreds or even thousands…of individual settings that experts recommend…to improve system security.…While each of these settings is important,…most organizations simply don't have the resources…or expertise to develop their own standards.…Fortunately, vendors and third-party security organizations…develop and create industry standards…that may serve as an effective starting point…for enterprise security efforts.…
One of the most common sources…of security standards is the vendors…who create devices, applications,…and operating systems.…After all, they know their products better than anyone else…and they have a vested interest in…helping you operate it securely.…If you have a security breach,…it not only jeopardizes your organization,…but also reflects poorly upon the products…that you use for security.…Here's an example of the security standards offered…by Microsoft.…The Microsoft Security Compliance Manager is a tool…that assists with system configuration and management.…
Find the companion study books at the Sybex test prep site and review the complete CISSP Body of Knowledge at https://www.isc2.org/cissp-domains/default.aspx.
Note: This course is part of a series releasing throughout 2018. A completed Learning Path of the series will be available once all the courses are released.
- Understanding data security policies and roles
- Limiting data collection
- Developing security baselines
- Leveraging industry standards
- Restricting access to data with Windows and Linux file permissions
- Encrypting data
- Securing cloud storage