Risk Identification, Monitoring, and Analysis

This course is part of ISC2 Systems Security Certified Practitioner (SSCP)

Instructor: ISC2 Education & Training

1 module

Gain insight into a topic and learn the fundamentals.

Beginner level

Recommended experience

6 hours to complete

3 weeks at 2 hours a week

Flexible schedule

Learn at your own pace

1 module

Gain insight into a topic and learn the fundamentals.

Beginner level

Recommended experience

6 hours to complete

3 weeks at 2 hours a week

Flexible schedule

Learn at your own pace

Skills you'll gain

Details to know

Shareable certificate

Add to your LinkedIn profile

See how employees at top companies are mastering in-demand skills

Learn more about Coursera for Business

Build your subject-matter expertise

This course is part of the ISC2 Systems Security Certified Practitioner (SSCP)

When you enroll in this course, you'll also be enrolled in this Specialization.

Learn new concepts from industry experts
Gain a foundational understanding of a subject or tool
Develop job-relevant skills with hands-on projects
Earn a shareable career certificate

Earn a career certificate

Add this credential to your LinkedIn profile, resume, or CV

Share it on social media and in your performance review

There is 1 module in this course

Course 3 - Risk Identification, Monitoring and Analysis

This is the third course under the specialization SSCP In this course, we will explore how to manage the risks related to information systems. It is time to bring these ideas together in a context of continuous maturity modeling, measuring, and monitoring, which we will see is focused on the here and now. Risk alignment works best at the strategic, long-term level of planning; risk maturation, by contrast, can be most effective when considered in the day-to-day of business operations. This is sometimes called operationalizing the approach to risk management and maturation. Course 3 Learning Objectives After completing this course, the participant will be able to:  - Identify common risks and vulnerabilities. - Describe risk management concepts.  - Recognize risk management frameworks.  - Provide examples of appropriate risk tolerance.  - Provide examples of appropriate risk treatment.  - Identify risks of noncompliance with laws and regulations.  - Identify appropriate methods for risk management frameworks implementation.  - Indicate the range and scope of risk review.  - Identify the components of risk review.  - Describe vulnerability assessment activities used to examine all aspects of network and system security.  - Review the steps for monitoring, incident detection, and data loss prevention.  - Classify the use of tools that collect information about the IT environment to better examine the organization’s security posture.  - Identify events of interest to focus on those that may be part of an attack or intrusion.  - Select methods for managing log files.  - Describe tools and methods for analyzing the results of monitoring efforts.  - Identify communication requirements when documenting and reporting the results of monitoring security platforms.  Who Should Take This Course: Beginners Experience Required: No prior experience required

In management science terms, maturing a process or practice means taking positive steps over time to make it more reliable, repeatable, and efficient. In practice, this means getting better each day while being able to show the measurements that both demonstrate improvement and suggest other opportunities to improve. Risk management for organizations works best when it uses evidence-based reasoning to identify and characterize issues and take actions as necessary to deal with them. This course will explore how to manage the risks related to information systems. It is time to bring these ideas together in a context of continuous maturity modeling, measuring, and monitoring, which we will see is focused on the here and now. Risk alignment works best at the strategic, long-term level of planning; risk maturation, by contrast, can be most effective when considered in the day-to-day of business operations. This is sometimes called operationalizing the approach to risk management and maturation.

What's included

7 videos46 readings19 assignments

7 videosTotal 44 minutes

Threat Agents 4 minutesPreview module
Risk Tolerance7 minutes
Vulnerability-Testing Software Categories 6 minutes
Audits and Audit Planning 2 minutes
Software Vulnerabilities 11 minutes
Data Sources for Risk Management 7 minutes
Collecting Data for Incident Response 4 minutes

46 readingsTotal 274 minutes

Risk Visibility and Reporting 10 minutes
MITRE ATT&CK 6 minutes
Important Terms in Risk Management 8 minutes
Threat Modeling 6 minutes
Risk Management Frameworks 6 minutes
Risk Assessment Methodologies 8 minutes
Risk Treatment Options 8 minutes
Risk Treatment Considerations 8 minutes
Legal and Regulatory Compliance 8 minutes
Risk Management Frameworks Implementation 10 minutes
Security Testing 6 minutes
Developing a Security Assessment Strategy 8 minutes
Vulnerability Identification 8 minutes
Host Scanning 4 minutes
Network Traffic Types 6 minutes
Wireless Network Testing 6 minutes
Ethical Penetration Testing6 minutes
Five Phases of Ethical Penetration Testing 4 minutes
System and Organization Controls (SOC) Reports 6 minutes
Compliance and Communicating Findings 6 minutes
Risk Review Types 6 minutes
Software Supply Chain Risk Management 6 minutes
Software Supply Chain Risk Management Strategies and Considerations 6 minutes
Vulnerability Management Life Cycle 6 minutes
Source Systems 2 minutes
Risk Monitoring 2 minutes
Data Loss Prevention6 minutes
IP Flow: Data Collection and Analysis6 minutes
Monitoring: Strategic, Tactical, and Operational Layers 4 minutes
Types of Monitoring: Real-Time and Non-Real-Time 4 minutes
Continuous Monitoring 2 minutes
Evaluating the Effectiveness of Controls 6 minutes
Addressing New Threats and Vulnerabilities 6 minutes
Events of Interest 6 minutes
Incident Triage6 minutes
Monitoring Response Techniques 6 minutes
Threat Hunting and IDS/IPS 6 minutes
Log Management 6 minutes
Centralized Versus Decentralized Logging 2 minutes
Security Information and Event Management 6 minutes
Aligning Security Baselines and Anomalies 4 minutes
Visualization, Metrics and Trends 6 minutes
Event Data Analysis 4 minutes
Documentation, Communication, and Escalation 2 minutes
Key Takeaways10 minutes
Risk Identification, Monitoring, and Analysis Terms and Definitions10 minutes

19 assignmentsTotal 56 minutes

End of Course Quiz20 minutes
Risk Visibility and Reporting 2 minutes
Important Terms in Risk Management 2 minutes
Risk Management Frameworks 2 minutes
Risk Assessment Methodologies 2 minutes
Risk Treatment Options2 minutes
Legal and Regulatory Compliance 2 minutes
Risk Management Frameworks Implementation 2 minutes
Security Testing 2 minutes
Vulnerability-Testing Software Categories 2 minutes
Risk Review Types 2 minutes
Source Systems 2 minutes
Events of Interest 2 minutes
Log Management2 minutes
Security Information and Event Management 2 minutes
Aligning Security Baselines and Anomalies 2 minutes
Visualization, Metrics and Trends 2 minutes
Event Data Analysis 2 minutes
Documentation, Communication, and Escalation 2 minutes

Instructor

ISC2 Education & Training

ISC2

30 Courses92,038 learners

Offered by

ISC2

Recommended if you're interested in Security

Cisco Learning and Certifications
Threat Analysis
Course
Cisco Learning and Certifications
Threat Investigation
Course
SkillUp EdTech
Project Lifecycle, Information Sharing, and Risk Management
Course
Packt
Systems Acquisition, Development and Implementation
Course

Why people choose Coursera for their career

Felipe M.

Learner since 2018

"To be able to take courses at my own pace and rhythm has been an amazing experience. I can learn whenever it fits my schedule and mood."

Jennifer J.

Learner since 2020

"I directly applied the concepts and skills I learned from my courses to an exciting new project at work."

Larry W.

Learner since 2021

"When I need courses on topics that my university doesn't offer, Coursera is one of the best places to go."

Chaitanya A.

"Learning isn't just about being better at your job: it's so much more than that. Coursera allows me to learn without limits."

New to Security? Start here.

Open new doors with Coursera Plus

Unlimited access to 7,000+ world-class courses, hands-on projects, and job-ready certificate programs - all included in your subscription

Learn more

Advance your career with an online degree

Earn a degree from world-class universities - 100% online

Explore degrees

Join over 3,400 global companies that choose Coursera for Business

Upskill your employees to excel in the digital economy

Learn more

Frequently asked questions

Access to lectures and assignments depends on your type of enrollment. If you take a course in audit mode, you will be able to see most course materials for free. To access graded assignments and to earn a Certificate, you will need to purchase the Certificate experience, during or after your audit. If you don't see the audit option:

The course may not offer an audit option. You can try a Free Trial instead, or apply for Financial Aid.
The course may offer 'Full Course, No Certificate' instead. This option lets you see all course materials, submit required assessments, and get a final grade. This also means that you will not be able to purchase a Certificate experience.

When you enroll in the course, you get access to all of the courses in the Certificate, and you earn a certificate when you complete the work. Your electronic Certificate will be added to your Accomplishments page - from there, you can print your Certificate or add it to your LinkedIn profile. If you only want to read and view the course content, you can audit the course for free.