CISSP Essentials training: Domain 10, Operations Security

Discover everything you need to know to ace the CISSP® exam with our first series of Security School webcasts focused on CISSP training. Each lesson corresponds to a specific domain in the CISSP exam's "Common Body of Knowledge" -- the essential elements each CISSP-certified practitioner must know. Security SchoolThe operations department has responsibilities pertaining to everything that takes place to keep a network, computer system, applications and environment up and running in a secure and protected manner. Operations, which include the continual day-to-day maintenance of an environment, start after the network is setup. These activities are routine in nature and enable the environment, systems and applications to continue to run correctly and securely.

In this CISSP Essentials Security School lesson, Domain 10, Operations Security, expert CISSP exam trainer Shon Harris details the process of understanding enterprise security operations from a competitor/enemy/hacker's viewpoint and then developing and applying countermeasures to mitigate identified threats. A company cannot provide any level of protection for itself unless it is providing the necessary operation security methodologies, technologies and procedures.


Discover what you need to know to ace the CISSP exam with this series of CISSP certification training lessons. Each lesson, which contains a video, domain spotlight article and a quiz with sample CISSP exam questions, corresponds to a specific domain in the CISSP exam's "Common Body of Knowledge" -- the essential elements each CISSP-certified practitioner must know.

Before viewing the Domain 10, Operations Security video below, it's recommended that students first read the Domain 10 spotlight article, which provides an overview of the concepts presented in the video, including operations responsibilities, operations personnel, configuration management, media access protection, system recovery, facsimile security, vulnerability and penetration testing and, finally, attack types.


After watching the video, test your comprehension of this material with our Domain 10, Operations Security quiz. Upon completion, return to the CISSP Essentials Security School table of contents to select your next lesson.

About Shon Harris:Shon Harris
Shon Harris is a CISSP, MCSE and President of Logical Security, a firm specializing in security educational and training tools. Logical Security offers curriculum, virtual labs, instructor slides and tools for lease by training companies, security companies, military organizations, government sectors and corporations.

Shon is also a security consultant, an engineer in the Air Force's Information Warfare unit, an entrepreneur and an author. She has authored two best selling CISSP books, including CISSP All-in-One Exam Guide, and was a contributing author to the book Hacker's Challenge. Shon is currently finishing her newest book, Gray Hat Hacking: The Ethical Hacker's Handbook.

CISSP® is a registered certification mark of the International Information Systems Security Certification Consortium, Inc., also known as ISC(2).

This was last published in June 2009

Dig Deeper on CISSP certification