2.4 NIST 800-30 | InfoSec4TC

Autoplay
Autocomplete

Previous Lesson Complete and Continue

2025 ISACA Certified Risk and Information Systems Control | CRISC

Introduction

Introduction (4:05)
Student Portal (1:47)
CRISC Introduction (4:05)
Your Instructor (0:51)
Course Outline (5:57)
CRISC Exam (2:50)
ISACA (3:00)
Risk and control monitoring and reporting (5:36)
Define key risk indicators (KRIs) and identify key performance indicators (KPIs) to enable performance measurement key risk (6:09)

Domain 1 – Risk Management

1.1 Introduction to Risk (8:23)
1.2 Identify potential vulnerabilities to people, processes and assets (7:12)
1.3 Risk Governance vs. Risk Management (3:19)
1.4 Risk management (3:47)
1.5 Risk Management Methodology (2:30)
1.6 Risk Management Documentation (4:42)
1.7 Risk Management Process (2:19)
1.8 Business Risk Vs. IT Risk (9:21)
1.9 IT Risk Basics (15:20)
1.10 Identity And Access Management (4:18)
1.11 Non-Repudiation (6:22)
1.12 Classification (4:45)
1.13 Risk Management for IT Projects (3:51)
1.14 Risk Management for IT Projects (9:22)
1.15 Identify Risks (7:12)
1.16 Perform Qualitative Risk Analysis (8:13)
1.17 Perform Quantitative Risk Analysis (2:48)
1.18 Plan Risk Responses (10:19)
1.19 Security Governance (3:37)
1.20 Security Governance
1.21 Security Awareness and Training (3:43)
1.22 Security Awareness and Training
1.23 Gap Analysis (7:30)
1.24 Gap Analysis
1.25 Security Models (2:18)
1.26 Security Models
1.27 professional Ethics (4:32)
1.28 Professional Ethics
1.29 Security Documentation (2:47)
1.30 Security Documentation
1.31 Risk Management (4:32)
1.32 Risk management
1.33 Threat Modeling (5:16)
1.34 Threat Modeling
1.35 BCP (5:48)
1.36 BCP
1.37 Acquisition Strategy and practice (5:11)
1.38 Acquisition Strategy and Practice
1.39 Information security policy (3:08)
1.40 information security policy

Domain 2 – IT Risk Assessment

2.1 Introduction to Risk Assessment (3:27)
2.2 Risk Identification : (5:00)
2.3 ISO 27005 (8:29)
2.4 NIST 800-30 (3:13)
2.5 Risk Assessment and Identification (5:43)
2.6 Risk Assessment and Identification
2.7 Risk Assessment (4:06)
2.8 Important Definition (4:07)
2.9 Risk Analysis and Evaluation (6:37)
2.10 Risk Assessment Document (6:52)
2.11 Information Asset Management (4:05)
2.12 information asset management
2.13 Risk Scenario (7:49)
2.14 Risk Scenario
2.15 Risk Appetite and Tolerance (5:41)
2.16 Risk Appetite and Tolerance
2.17 Privacy Protection (4:06)
2.18 Privacy Protection
2.19 Asset Retention (5:17)
2.20 Asset Retention
2.21 Data Security Controls (4:02)
2.22 Data Security Controls
2.23 Secure Data Handling (5:04)
2.24 Secure Data Handling
2.25 Asset Classification (4:14)
2.26 Asset Classification
2.27 Patch and Vulnerability Management (8:04)
2.28 Patch and Vulnerability Management
New Lecture

Domain 3 – Risk Response and Mitigation

3.1 Risk Treatment (7:08)
3.2 Risk Acceptance Document (3:04)
3.3 Statement of Applicability Document (1:30)
3.4 Risk Treatment Plan (0:44)
3.5 Formulating the Risk Assessment (4:30)
3.6 Risk Treatment Plan Document (7:25)
3.7 Aligning Risk Response With Business Objectives (3:03)
3.8 Information Security Program-Part1 (13:56)
3.9 Information Security Program-Part2 (11:07)
3.10 Information Security Frameworks (1:04)
3.11 Security in the Engineering Lifecycle (5:49)
3.12 Security in the Engineering Lifecycle
3.13 Cryptography Basics - Part 1 (3:05)
3.14 Cryptography Basics - Part 1
3.15 Cryptography Basics - Part 2 (0:53)
3.16 Cryptography Basics - Part 2
3.17 Cryptography Basics - Part 3 (1:55)
3.18 Cryptography Basics - Part 3
3.19 Symmetric vs. Asymmetric Cryptography (2:34)
3.20 Symmetric vs. Asymmetric Cryptography
3.21 Cryptography Applications (Digital Rights Management, Hishing)
3.22 Cryptography Applications (Digital Rights Management, Hishing) (6:55)
3.23 Cryptography Applications (PKI,Digital Certificates and Signature)
3.24 Cryptography Applications (PKI,Digital Certificates and Signature) (4:52)
3.25 System Component Security- Part 1 (5:15)
3.26 System Component Security- Part 1
3.27 System Component Security - Part 2 (3:44)
3.28 System Component Security - Part 2
3.29 System Component security - part 3 (4:18)
3.30 System Component Security - Part 3
3.31 Security Models (3:33)
3.31 Security Models
3.32 Controls and Countermeasures in Enterprise Security (8:59)
3.33 Controls and Countermeasures in Enterprise Security
3.34 Information System Security Capabilities (7:09)
3.35 Information System Security Capabilities
3.36 Risk Response and Treatment (7:40)
3.37 Risk Response and Treatment
3.38 Third-Party Risk Management (6:36)
3.39 Third-Party Risk Management
3.40 Metrics and Reporting (3:24)
3.41 Metrics and Reporting
3.42 Vulnerability Mitigation in Embedded, Mobile, and Web-Based Systems (6:52)
3.43 Vulnerability Mitigation in Embedded, Mobile, and Web-Based Systems

Domain 4 – Risk and Control Monitoring and Reporting

Determine the effectiveness of control assessments
Identify and report trends/changes to KRIs/KPIs that affect control performance or the risk profile
4.1 Fundamentals of Network- Part 1 (5:16)
4.2 Fundamentals of Network- Part 1
4.3 Fundamentals of Network- Part 2 (3:33)
4.4 Fundamentals of Network- Part 2
4.5 Fundamentals of Network-Part 3 (4:04)
4.6 Fundamentals of Network-Part 3
4.7 Post-Incident Reviews and Lessons Learned (3:53)
4.9 Post-Incident Reviews and Lessons Learned
4.10 OSI Model (5:07)
4.11 OSI Model
4.12 Communication Channel Security (5:38)
4.13 Communication Channel Security
4.15 Network Attack Mitigation-Part 1 (3:52)
4.16 Network Attack Mitigation-Part 1
4.17 Network Attack Mitigation-Part 2 (5:38)
4.18 Network Attack Mitigation-Part 2
4.19 Key Performance Indicators (KPIs) (5:16)
4.20 Key Performance Indicators (KPIs)
4.21 Control Monitoring (3:18)
4.22 Control Monitoring
4.23 Audits (4:18)
4.24 Audits
4.25 Reporting Risk (5:45)
4.26 Reporting Risk
4.26 Risk Trends, Insights, and Emerging Issues (4:37)
4.27 Risk Trends, Insights, and Emerging Issues
CRISC Sample Exam

Teach online with

2.4 NIST 800-30

Lesson content locked

If you're already enrolled, you'll need to login.

Enroll in Course to Unlock