Chapter 2: Domain 1: Security and Risk Management

Abstract

Security and Risk Management, the topic of this chapter and Domain 1 of the CISSP®, presents numerous critically important terms and concepts that permeate several domains. This chapter introduces the CIA triad of Confidentiality, Integrity, and Availability, which is touched upon in virtually every domain and chapter. In addition to CIA, concepts such as the Principle of Least Privilege and Need to Know are presented. Key terms, concepts, and formulas related to risk management are also covered. Risk, threat, and vulnerability are basic terms that must be understood to succeed in this domain. Understanding how to perform calculations using Annualized Loss ...

Get CISSP® Study Guide, 4th Edition now with the O’Reilly learning platform.
