Domain 5: Security Program Management and Oversight
The fifth and final domain of the CompTIA Security+ SY0-701 certification covers security program management and oversight.
You’ll get an overview of the elements of effective security governance, looking at the guidelines, policies, standards, and procedures needed for effective security governance. You will also look at the related external considerations such as regulatory bodies, the monitoring and revision of policies, and different governing structures.
This section will discuss risk identification, assessment, analysis, and tolerance along with risk management policies and reporting and conducting business impact analysis. It will also cover the security risks associated with utilizing third parties and how this impacts vendor assessment, monitoring, and agreements types.
You’ll look at monitoring and reporting security compliance, the consequences of non-compliance, and privacy considerations. Security...