Ccsp Domain 6 - Legal & Compliance

Fine tune your knowledge that you need to pass the CCSP Exam for the Legal domain up to date with the Aug 22 exam.

What you'll learn
Understand what (ISC)2 expects you to know about laws and regulations for the CCSP exam under the August 2022 update.
Recognize laws and regulations and be able to divide them in to categories such as privacy or healthcare.
Comprehend what an audit entails.
Understand what industrial controls systems and programmable logic computers are used for.
Understand the privacy maturity model.
Requirements
A desire to learn what you need to know about laws and regulations for the CCSP exam.
There are no requirements. An understanding of networking can be very beneficial though.
A basic understanding of information security is recommended.
Description
In this course we walk through all of the critical concepts within the Legal and Compliance domain. Legal is only 13% of the test, but if you are not properly prepared it can have a huge impact on your success. I will guide you through all of the concepts that you need to know and advise you on the level of knowledge that you need to get comfortable with.There is nearly 3 hours of video content plus course notes based on information from my book: Cloud Guardians.In here you will learn about privacy laws (especially ones that are good to be aware of), financial laws, health care laws and many other regulations. Privacy laws include the EU's GDPR, Canada's PIPEDA and more.There are also many US Government regulations that you should be familiar with such as the CLOUD act, Fed RAMP, and the Stored Communication Act (SCA). You will be guided through the parts of a contract as well as contractual requirements such as PCI-DSS.In order to be in compliance with applicable laws, regulations, standards, contracts and policies it is necessary to have audits performed. We will explore the AICPA's auditing standard and resulting reports, such as SOC 2 Type II.The final piece to this domain is the topic of forensics. Especially how the cloud impacts a forensic investigation.

Overview

Section 1: Introduction to Legal domain

Lecture 1 Introduction to the Legal domain

Section 2: Privacy laws and regulations

Lecture 2 Privacy laws and regulations introduction

Lecture 3 General Data Protection Regulation (GDPR)

Lecture 4 Additional Privacy Laws

Lecture 5 Privacy Management Framework (PMF) and Maturity Model (PMM)

Section 3: FedRAMP and CLOUD Act

Lecture 6 FedRAMP and CLOUD Act

Section 4: PCI

Lecture 7 PCI

Lecture 8 PCI Requirements 1-3

Lecture 9 PCI Requirements 4-6

Lecture 10 PCI Requirements 7-12

Section 5: ITAR and EAR

Lecture 11 ITAR and EAR

Section 6: Industrial Control Systems (ICS)

Lecture 12 Industrial Control Systems

Section 7: Audits and SOC Reports

Lecture 13 Audits

Section 8: Gap analysis and CSA STAR, CCM & CAIQ

Lecture 14 Gap analysis and CSA STAR, CCM & CAIQ

Section 9: CSA STAR and CCM

Lecture 15 CSA STAR and CCM

Section 10: Risk Management

Lecture 16 Risk appetite and risk profile

Lecture 17 Risk Tolerance

Lecture 18 Basic Risk Terminology

Lecture 19 Quantitative Risk Assessment

Lecture 20 Qualitative Risk Assessment

Lecture 21 Risk Response

Section 11: Forensics in the cloud

Lecture 22 Forensics Intro

Lecture 23 Basic Cloud Forensics

Lecture 24 E-Discovery

Lecture 25 Basic Forensic Rules

This course is intended for people that are preparing for the (ISC)2 CCSP exam with the August 2022 updates..,This course would benefit anyone working to expand their knowledge and understanding of the cloud and its impact on laws and regulations.