From the course: CompTIA Security+ (SY0-701) Cert Prep: 1 General Security Concepts

Conducting a gap analysis

The gap analysis is one of the core strategic planning tools available to cybersecurity programs, and it's crucial knowledge for information security professionals. The basic concept behind a gap analysis isn't very complicated. You need to begin with two things.

First, you need to know the desired state of your information security program. What controls would you like to have in place to meet your security objectives? This desired state can take multiple sources of requirements into account.

Some of your requirements will come from your own internal information security policies. For example, you might have policy statements that sensitive information should be encrypted at rest and in transit, and that systems containing sensitive information must be protected with multifactor authentication. These internal requirements form one basis for the organization's desired security state.

Other requirements might come from outside your organization. You might have regulatory requirements…
