
CISSP Domain 7: Security Operations

7.1 Understand and Comply with Investigations

7.2 Conduct Logging and Monitoring

7.3 Perform Configuration Management

7.4 Apply Foundational Security Operations Concepts

7.5 Apply Resource Protection

7.6 Conduct Incident Management

7.7 Operate and Maintain Detective and Preventive Measures

7.8 Implement and Support Patch and Vulnerability Management

7.9 Understand and Participate in Change Management Processes


Other Topics in Domain 7

7.10 Implement Recovery Strategies

7.11 Implement Disaster Recovery (DR) Processes

7.12 Testing DRPs

7.13 Participate in BC Planning and Exercises

7.14 Implement and Manage Physical Security

7.15 Address Personnel Safety and Security Concerns

7.14. Implement and Manage Physical Security

7.15. Address Personnel Safety and Security Concerns


What's New in Domain 7

  • The old 7.4, "Securely provisioning resources," was removed.

New Technologies in Existing Sub-Domains

Threat Feeds

  • Activities an organization undertakes to educate itself about changes in the threat landscape.
  • A feed contains malicious entities ingested by cybersecurity tools.
  • A single feed may comprise multiple sources, including some open-source intelligence.

An entity can be an IP address, website, threat actor, file hash, and more.

UEBA (User and Entity Behavior Analytics)

  • Entity behavior is collected and input into a threat model.
  • Establishes a baseline of normal behavior from historical data; the entity could be a user or a device.
  • Over time, allows analysis to uncover details around anomalous events.
  • Platforms often leverage ML and AI for automated investigation of anomalous behavior at scale.

Modern Firewalls

  • Covered with other firewall types in Domain 4.

The Role of AI and ML in Cybersecurity

  • Analyzing cybersecurity posture is beyond human scale, so AI-based tools have emerged.
  • AI and ML are pivotal in anti-malware, SIEM, IPS/IDS, IDaaS, etc.
  • AI enables investigation at scale.
  • ML quickly analyzes millions of events and identifies threats.
  • Histories of behavior build profiles of users, assets, and networks, and enable AI to detect deviations from norms.

For a deeper understanding of AI and ML's role, revisit Domain 1.