The Certified Information Systems Security Professional's (CISSP) Information Security Governance and Risk Management domain within the Common Body of Knowledge includes extensive information on enterprise architectures and their importance to a holistic approach to enterprise security.
In the second of a special three-part multimedia presentation of SearchSecurity's CISSP Essentials Security School lesson on the Information Security Governance and Risk Management domain, expert exam trainer Shon Harris, CEO and founder of Logical Security, discusses the concept of enterprise architectures.
After identifying which critical assets must be protected, competent security professionals must know how to deploy and implement a comprehensive security program in a practical, working environment. In this CISSP training video, Harris outlines what an enterprise architecture is, and why understanding its components is critical to a safe outcome.
First, Harris discusses the layers of an enterprise and explains how the enterprise architecture is the tool that gives insight into not only how an organization works internally, but also how it interacts with external elements. Harris explains the fundamental principles of a security enterprise architecture, and discusses several common security approaches that are covered in the CISSP exam. She also explains how to develop an architecture and figure out which framework is best for a given organization. Harris concludes by touching upon how an information security management system and an enterprise security architecture integrate to create governance.
Watch the video
This multimedia presentation features not only seminar-style instruction, but also interactive components students can use to reinforce the most critical topics within the domain. Throughout the video, there are sections where students must pause to explore additional domain concepts. The volume can be adjusted on the lower left-hand corner of the video screen; controls to go back to view previous slides or skip ahead can be found on the lower right-hand corner of the video screen.
Video length: 35 - 40 minutes
Bookmark this page to watch the video later.
CISSP® is a registered certification mark of the International Information Systems Security Certification Consortium, Inc., also known as (ISC)2.
NEXT: Watch the final presentation in this domain: Security controls, process and metrics.
BACK: Watch the first video from this domain on the AIC Triad, ISMS and the ISO 27000 series.
BACK: Read the spotlight article on information security governance and risk management
START: Return to the main page of SearchSecurity’s CISSP Essentials Security School.