From the course: Security Testing Essential Training
NIST and ISO
- [Instructor] The International Organization for Standardization, or ISO, develops and publishes international standards for everything ranging from quality management and quality assurance to information security management. More to the point, the ISO 27000 family contains 45 separate standards and counting to help organizations select and implement information security controls. While ISO 27001 gets all the glory, it's really ISO 27002 that you should dig into. The latest version of this standard identifies 93 specific security controls grouped into 14 different domains, and those domains are further divided into four themes: organizational, physical, people, and technological. As an example, information security policies is one control domain, and within that domain, ISO provides specific guidance around the policy documentation and the processes to support that documentation that are necessary for an effective…