Security Operations – Seventh CISSP Objective
The Security Operations domain accounts for 13% of the CISSP exam. It covers a vast range of security topics and has ten sub-objectives:
- Ability to perform security investigations
- Able to gather evidence, perform digital forensics, etc. Knowledge of law and regulations across operational, criminal and civil matters, and of the role of digital evidence in a legal discovery process.
- Able to log and monitor digital activities; how to design, install and implement intrusion detection and prevention systems, event management, network monitoring, etc.
- Provisioning of secure computing resources, including hardware/software inventory, implementing a configuration management system, and securing cloud and virtual resources.
- In-depth knowledge of Service Level Agreements (SLAs), least privilege, separation of duties, shift rotations and the information life cycle is covered in the fifth objective.
- Able to employ resource protection techniques, able to utilize protection techniques for software/hardware assets and media management.
- Management of incident detection, response, mitigation, reporting, recovery.
- Operating and maintaining preventative security controls like firewalls, IPS, IDS and third-party security services etc.
- Design and implement patch management systems, configuration management systems etc.
- Protecting information and assets and making them available 24/7, implementation of disaster recovery plans, business and continuity processes, physical and personnel security, etc.