
CDPSE Certified Data Privacy Solutions Engineer All-in-One Exam Guide [Paperback]

  • Format: Paperback / softback, 448 pages, weight: 541 g, 70 Illustrations
  • Publication date: 23-Apr-2021
  • Publisher: McGraw-Hill Education
  • ISBN-10: 1260474828
  • ISBN-13: 9781260474824
Publisher's Note: Products purchased from Third Party sellers are not guaranteed by the publisher for quality, authenticity, or access to any online entitlements included with the product.

This study guide offers 100% coverage of every objective for the Certified Data Privacy Solutions Engineer Exam.

This resource offers complete, up-to-date coverage of all the material included on the current release of the Certified Data Privacy Solutions Engineer exam. Written by an IT security and privacy expert, CDPSE Certified Data Privacy Solutions Engineer All-in-One Exam Guide covers the exam domains and associated job practices developed by ISACA®. You'll find learning objectives at the beginning of each chapter, exam tips, practice exam questions, and in-depth explanations. Designed to help you pass the CDPSE exam, this comprehensive guide also serves as an essential on-the-job reference for new and established privacy and security professionals.

COVERS ALL EXAM TOPICS, INCLUDING:

Privacy Governance
  • Governance
  • Management
  • Risk Management

Privacy Architecture
  • Infrastructure
  • Applications and Software
  • Technical Privacy Controls

Data Cycle
  • Data Purpose
  • Data Persistence

Online content includes:

  • 300 practice exam questions
  • Test engine that provides full-length practice exams and customizable quizzes by exam topic

Acknowledgments
Introduction

Part I Privacy Governance

  Chapter 1 Governance
    Introduction to Privacy Governance
    Privacy Governance Influences
    Reasons for Privacy Governance
    Privacy and Security Governance Activities and Results
    Business Alignment
    Monitoring Privacy Responsibilities
    Privacy Governance Metrics
    Privacy Strategy Development
    Strategy Objectives
    Control Frameworks
    Risk Objectives
    Strategy Resources
    Privacy Program Strategy Development
    Strategy Constraints
    Chapter Review
    Quick Review
    Questions
    Answers

  Chapter 2 Management
    Privacy Roles and Responsibilities
    Board of Directors
    Executive Management
    Privacy and Security Steering Committees
    Business Process and Business System Owners
    Custodial Responsibilities
    Chief Privacy Officer
    Chief Information Security Officer
    Software Development
    Data Management
    Network Management
    Systems Management
    Operations
    Privacy Operations
    Security Operations
    Privacy Audit
    Security Audit
    Service Desk
    Quality Assurance
    Other Roles
    General Staff
    Building a Privacy Operation
    Identifying Privacy Requirements
    Developing Privacy Policies
    Developing and Running Data Protection Operations
    Developing and Running Data Monitoring Operations
    Working with Data Subjects
    Working with Authorities
    Privacy Training and Awareness
    Training Objectives
    Creating or Selecting Content
    Audiences
    New Hires
    Annual Training
    Communication Techniques
    Third-Party Risk Management
    Cloud Service Providers
    Privacy Regulation Requirements
    TPRM Life Cycle
    Auditing Privacy Operations
    Privacy Audit Scope
    Privacy Audit Objectives
    Types of Privacy Audits
    Privacy Audit Planning
    Privacy Audit Evidence
    Auditing Specific Privacy Practices
    Audit Standards
    Privacy Incident Management
    Phases of Incident Response
    Privacy Incident Response Plan Development
    Privacy Continuous Improvement
    Chapter Review
    Quick Review
    Questions
    Answers

  Chapter 3 Risk Management
    The Risk Management Life Cycle
    The Risk Management Process
    Risk Management Methodologies
    Asset Identification
    Asset Classification
    Asset Valuation
    Threat Identification
    Vulnerability Identification
    Risk Identification
    Risk, Likelihood, and Impact
    Risk Analysis Techniques and Considerations
    Privacy Impact Assessments
    PIA Procedure
    Engaging Data Subjects in a PIA
    The Necessity of a PIA
    Integrating into Existing Processes
    Recordkeeping and Reporting
    Risks Specific to Privacy
    Privacy Threats
    Privacy Countermeasures
    Chapter Review
    Quick Review
    Questions
    Answers

Part II Privacy Architecture

  Chapter 4 Infrastructure
    Technology Stacks
    Hardware
    Operating Systems
    Database Management Systems
    Application Servers
    Cloud Services
    Infrastructure as a Service
    Platform as a Service
    Software as a Service
    Serverless Computing
    Mobile Backend as a Service
    Shadow IT and Citizen IT
    Endpoints
    Laptop and Desktop Computers
    Virtual Desktop Infrastructure
    Mobile Devices
    Bring-Your-Own
    Zero Trust Architecture
    Connected Devices and Operational Technology
    Remote Access
    Client VPN
    Clientless (SSL) VPN
    Split Tunneling
    System Hardening
    Hardening Principles
    Hardening Standards
    Security and Privacy by Design
    Chapter Review
    Quick Review
    Questions
    Answers

  Chapter 5 Applications and Software
    Privacy and Security by Design
    Systems Development Life Cycle
    SDLC Phases
    Software Development Risks
    Alternative Software Development Approaches and Techniques
    System Development Tools
    Acquiring Cloud-based Infrastructure and Applications
    Applications and Software Hardening
    Application Hardening Principles
    Testing Applications
    APIs and Services
    Online Tracking and Behavioral Profiling
    Tracking Techniques and Technologies
    Tracking in the Workplace
    Tracking Prevention
    Chapter Review
    Quick Review
    Questions
    Answers

  Chapter 6 Technical Privacy Controls
    Controls
    Control Objectives
    Privacy Control Objectives
    Control Frameworks
    Communication and Transport Protocols
    Network Media
    Network Protocols
    Network Architecture
    Encryption, Hashing, and De-identification
    Encryption
    Key Management
    De-identification
    Monitoring and Logging
    Event Monitoring
    Identity and Access Management
    Access Controls
    Chapter Review
    Quick Review
    Questions
    Answers

Part III Data Cycle

  Chapter 7 Data Purpose
    Data Governance
    Policies and Standards
    Roles and Responsibilities
    Control Objectives and Controls
    Assessments
    Reporting
    Data Inventory
    Data Classification
    Data Classification Levels
    Data Handling Standards
    Data Loss Prevention Automation
    System and Site Classification
    Data Quality and Accuracy
    Data Flow and Usage Diagrams
    Data Use Limitation
    Data Use Governance
    External Privacy Policy
    Data Analytics
    Chapter Review
    Quick Review
    Questions
    Answers

  Chapter 8 Data Persistence
    Data Minimization
    Collecting Only Required Fields
    Collecting Only Required Records
    Discarding Data When No Longer Needed
    Minimizing Access
    Minimizing Storage
    Minimizing Availability
    Minimizing Retention
    Minimization Through De-identification
    Data Migration
    Data Storage
    Data Warehousing
    Data Retention and Archiving
    Industry Data Retention Laws
    Right to Be Forgotten
    Data Archival
    Data Destruction
    Chapter Review
    Quick Review
    Questions
    Answers

Part IV Appendix and Glossary

  Appendix: About the Online Content
    System Requirements
    Your Total Seminars Training Hub Account
    Privacy Notice
    Single User License Terms and Conditions
    TotalTester Online
    Technical Support

  Glossary
  Index

Peter H. Gregory is a career information technologist, security and privacy leader, and an executive advisor for Optiv Security, where he advises executives in many industries on cybersecurity and privacy strategies. He is the author of over forty books, including four editions of CISA All-In-One Exam Guide, CISA Practice Exams, Second Edition, and Solaris Security.