CCT 298: Determining Data Controls - CISSP

CISSP Cyber Training Podcast - CISSP Training Program

Inhalt bereitgestellt von Shon Gerber, vCISO, CISSP, Cybersecurity Consultant and Entrepreneur, Shon Gerber, VCISO, CISSP, and Cybersecurity Consultant. Alle Podcast-Inhalte, einschließlich Episoden, Grafiken und Podcast-Beschreibungen, werden direkt von Shon Gerber, vCISO, CISSP, Cybersecurity Consultant and Entrepreneur, Shon Gerber, VCISO, CISSP, and Cybersecurity Consultant oder seinem Podcast-Plattformpartner hochgeladen und bereitgestellt. Wenn Sie glauben, dass jemand Ihr urheberrechtlich geschütztes Werk ohne Ihre Erlaubnis nutzt, können Sie dem hier beschriebenen Verfahren folgen https://de.player.fm/legal.

4d ago 36:27

MP3•Episode-Home

Send us a text

Check us out at: https://www.cisspcybertraining.com/

Get access to 360 FREE CISSP Questions: https://www.cisspcybertraining.com/offers/dzHKVcDB/checkout

Get access to my FREE CISSP Self-Study Essentials Videos: https://www.cisspcybertraining.com/offers/KzBKKouv

A graphing calculator running ChatGPT might make headlines, but our real job is keeping sensitive data from walking out the door. We break down the data states that matter most—at rest, in transit, and in use—and show how to pair encryption, access control, and monitoring without drowning in complexity. Along the way, we share a pragmatic blueprint for classification and labeling that teams actually follow, from visual tags and watermarks to tightly governed upgrade and downgrade paths that keep owners accountable.
From there, we zoom out to strategy. Risk tolerance drives control selection, so we talk through scoping and tailoring: how to apply NIST and ISO 27001 sensibly, where GDPR and HIPAA come into play, and why focused logging beats “collect everything” fantasies. You’ll hear the real differences between DRM and DLP—licensing and usage enforcement versus data path control—and when each tool earns its keep. We also lay out transfer procedures that work in the wild: SFTP with verified keys, email encryption, FIPS‑validated USBs, and restricted cloud shares with time‑boxed access.
Cloud isn’t a blind spot when a CASB sits between your users and SaaS. We explain how a CASB delivers visibility into shadow IT, enforces policy across apps, integrates with identity for conditional access, and even helps you rein in egress costs. Tie it all together and you get a layered, test‑ready approach that helps you pass the CISSP while protecting what matters most. If this helped sharpen your plan, follow the show, share it with a teammate, and leave a quick review so we can keep building tools that move you forward.

Gain exclusive access to 360 FREE CISSP Practice Questions at FreeCISSPQuestions.com and have them delivered directly to your inbox! Don’t miss this valuable opportunity to strengthen your CISSP exam preparation and boost your chances of certification success.

Join now and start your journey toward CISSP mastery today!

Kapitel

1. Welcome And Episode Focus (00:00:00)

2. TI-84 ChatGPT Hack And Ethics (00:00:56)

3. Show Updates And Resources (00:04:34)

4. Determining Data Security Controls (00:04:34)

5. Data States Explained (00:05:30)

6. Encryption Keys And Emerging Methods (00:10:59)

7. DLP And Data Exfiltration Risks (00:15:10)

8. Data Classification And Labeling (00:17:59)

9. Governance For Sensitivity Changes (00:24:26)

10. Scoping And Tailoring Controls (00:26:06)

11. Standards And Risk Tolerance (00:31:25)

12. DRM Concepts And Reality (00:36:20)

302 Episoden

#CISSP #Cyber Security #Cybersecurity #Cyber Training #Cybersecurity Consultant #Shon Gerber #Cissp Course #Cissp Boot Camp #Cissp Exam #Cissp Practice Exam #Cissp Practice Test #Higher Education #Podcasting Education #CISSP Training