Session 4: Business Continuity & Enforce Policy

Ready to ace the CISSP exam? Join our study group and get the ultimate guide to the Certified Information Systems Security Professional (CISSP) certification!

Session 4 continues with Domain 1: Security and Risk Management. We will cover the following exam objectives:
1.7 Identify, analyze, assess, prioritize, and implement Business Continuity (BC) requirements
1.8 Contribute to and enforce personnel security policies and procedures

More information & join Discord: cissp.brittwhite.io/

A huge thank you to Rotas Security for supporting this study group. Check them out at rotassecurity.com/ for your offensive security needs.

CISSP Resource Links:
Exam Outline: www.isc2.org/certifications/cissp/cissp-certificat…
Security and Risk Management (Summary): destcert.com/resources/domain-1-security-and-risk-…

Chapters:
02:00 CISSP Study Group
02:40 Business Continuity
04:45 Business Impact Analysis
05:45 Interdependency Mapping
06:50 Recovery Time Objective (RTO)
07:20 Recovery Point Objective (RPO)
07:45 Maximum Tolerable Downtime (MTD)
08:25 External Dependencies
09:40 Continuity Phases Overview
10:40 Leadership Buy-In
11:20 Implementation And Testing
12:10 Personnel Security Policies
13:25 Personnel Security Lifecycle
14:25 Pre-Employment Screening
14:50 Employment Agreements
15:10 Onboarding Procedures
15:55 Access Adjustments
16:25 Active Employment Monitoring
16:40 Employee Duress Situations
17:15 Termination Offboarding
18:15 Third Party Security
18:40 Personnel Security Controls
18:45 Job Rotation Benefits
19:20 Mandatory Vacation Policy
19:45 Separation Of Duties
20:10 Need To Know Principles
20:35 Policy Enforcement Methods
21:25 Attestation And Audit
22:15 Personnel Security Summary
22:50 CISSP Domain Review
24:20 YouTube Chapter Markers
24:50 StudyGRC Discord Server
25:20 Next Session Announcement