In a new video lesson, Professor Erica breaks down the fundamentals of CISSP Domain 7: Security Operations. The tutorial covers the structure and staffing of Security Operations Centers (SOCs), including tiered response models. Key operational security concepts such as due care, job rotation, mandatory vacations, and the two-person integrity rule are explained.
The lesson emphasizes the importance of least privilege and need-to-know principles, as well as separation of duties in operational environments. Topics also include trusted recovery methods, fail-safe versus fail-secure configurations, and the role of configuration management baselines.
Change management processes are outlined, along with the five-step patch management lifecycle. This video is part of a comprehensive CISSP study series, with chapters covering each major topic for focused review.