CISSP Domain-7: Security Operations

The podcast discussions details critical aspects of maintaining an organisation's security posture and operational resilience. The discussion covers security operational controls such as auditing and logging, enforcing least privilege and separation of duties, and implementing change management and configuration management practices to maintain system integrity. A significant portion addresses physical security measures, including defensive perimeters, access controls like locks and surveillance (CCTV), and the use of intrusion detection systems (IDSs). Finally, the sources extensively describe incident response (IR), digital forensics, disaster recovery (DR), and business continuity planning (BCP), focusing on strategies like defining recovery objectives (RPO/RTO), managing backup strategies (hot/warm/cold sites), and using high-availability technologies.