IT Security/Operational/Risk

This lesson covers risk concepts.

Objectives and Skills
Objectives and skills for the risk concepts portion of Security+ certification include:
 * Explain the importance of risk related concepts.
 * Control types
 * Technical
 * Management
 * Operational
 * False positives
 * False negatives
 * Importance of policies in reducing risk
 * Privacy policy
 * Acceptable use
 * Security policy
 * Mandatory vacations
 * Job rotation
 * Separation of duties
 * Least privilege
 * Risk calculation
 * Likelihood
 * ALE
 * Impact
 * SLE
 * ARO
 * MTTR
 * MTTF
 * MTBF
 * Quantitative vs. qualitative
 * Vulnerabilities
 * Threat vectors
 * Probability / threat likelihood
 * Risk-avoidance, transference, acceptance, mitigation, deterrence
 * Risks associated with Cloud Computing and Virtualization
 * Recovery time objective and recovery point objective

Multimedia

 * 1) YouTube: Control Types - CompTIA Security+ SY0-401: 2.1
 * 2) YouTube: False Positives and False Negatives - CompTIA Security+ SY0-401: 2.1
 * 3) YouTube: Reducing Risk with Security Policies - CompTIA Security+ SY0-401: 2.1
 * 4) YouTube: Calculating Risk - CompTIA Security+ SY0-401: 2.1
 * 5) YouTube: Quantitative and Qualitative Risk Assessment - CompTIA Security+ SY0-401: 2.1
 * 6) YouTube: Vulnerabilities, Threat Vectors, and Probability - CompTIA Security+ SY0-401: 2.1
 * 7) YouTube: Risk Avoidance - CompTIA Security+ SY0-401: 2.1
 * 8) YouTube: Risks with Cloud Computing and Virtualization - CompTIA Security+ SY0-401: 2.1
 * 9) YouTube: Recovery Time Objectives - CompTIA Security+ SY0-401: 2.1