Integrate enterprise disciplines to achieve secure solutions

Interpreting security requirements and goals to communicate with other disciplines

Programmers

Network engineers

Sales staff

Provide guidance and recommendations to staff and senior management on security processes and controls

Establish effective collaboration within teams to implement secure solutions

Disciplines

Programmer

Database administrator

Network administrator

Management

Stakeholders

Financial

HR – Human Resources

Emergency response team

Facilities manager

Physical security manager

Explain the security impact of inter-organizational change

Security concerns of interconnecting multiple industries

Rules, policies and regulations

Design considerations during mergers, acquisitions and de-mergers

Assuring third-party products – only introduce acceptable risk

Custom-developed

COTS – Commercial Off The Shelf Software

Network secure segmentation and delegation

Integration of products and services

Select and distinguish the appropriate security controls with regard to communications and collaboration

Unified communication security

Web conferencing

Video conferencing

Instant messaging

Desktop sharing

Remote assistance

Presence

Email

Telephony

VoIP security

VoIP implementation

Remote access

Enterprise configuration management of mobile devices

Secure external communications

Secure implementation of collaboration platforms

Prioritizing traffic (QoS – Quality of Service)

Mobile devices

Smartphones, IP cameras, laptops, IP-based devices

Explain advanced authentication tools, techniques and concepts

Federated identity management (SAML – Security Assertion Markup Language)

XACML – eXtensible Access Control Markup Language

SOAP – Simple Object Access Protocol

Single sign-on

SPML – Service Provisioning Markup Language

Certificate-based authentication

Attestation

Carry out security activities across the technology life cycle

End-to-end solution ownership

Understanding results of solutions in advance

Operational activities

Maintenance

Decommissioning

General change management

Systems Development Life Cycle

Security System Development Life Cycle (SSDLC) / Security Development Life Cycle (SDL)

Security Requirements Traceability Matrix (SRTM)

Validate system designs

This article is issued from Wikibooks. The text is licensed under Creative Commons - Attribution - Sharealike. Additional terms may apply for the media files.