All Episodes
Episode 41 — System and Communications Protection — Part One: Segmentation and boundary thinking
System and communications protection within NIST 800-53 establishes how data and traffic are isolated, filtered, and secured across system boundaries. For exam purpose...
Episode 42 — System and Communications Protection — Part Two: Cryptography and session protections
Cryptography within NIST 800-53 provides confidentiality and integrity for information in transit and at rest. Exam candidates must grasp that cryptographic protection...
Episode 43 — System and Communications Protection — Part Three: Evidence, coverage, and pitfalls
Evidence for system and communications protection confirms that segmentation, encryption, and traffic controls function as designed. For the exam, candidates must know...
Episode 44 — System and Communications Protection — Part Four: Advanced topics and metrics
Advanced system and communications protection extends traditional boundary security into adaptive, context-aware controls. For exam readiness, candidates should recogn...
Episode 45 — Contingency Planning — Part One: Plans, roles, and objectives
Contingency planning ensures that critical missions continue despite disruptions such as cyber incidents, natural disasters, or hardware failures. In NIST 800-53, this...
Episode 46 — Contingency Planning — Part Two: Backup, alternate sites, and continuity patterns
Backups and alternate sites form the operational backbone of contingency planning under NIST 800-53. For exam preparation, candidates should know that backups protect ...
Episode 47 — Contingency Planning — Part Three: Evidence, tests, and pitfalls
Evidence for contingency planning demonstrates that recovery strategies are not just written but operationally validated. For the exam, candidates must understand that...
Episode 48 — Contingency Planning — Part Four: Advanced topics and metrics
Advanced contingency planning merges automation, analytics, and integrated resilience design. For exam purposes, candidates should understand how metrics validate read...
Episode 49 — System and Services Acquisition — Part One: Purpose, scope, and sourcing options
System and services acquisition ensures that cybersecurity requirements are embedded from the start of procurement and development. NIST 800-53 positions this family o...
Episode 50 — System and Services Acquisition — Part Two: Security engineering and supplier controls
Security engineering integrates protection principles into product and service design, ensuring risks are mitigated before deployment. Under NIST 800-53, acquisition p...
Episode 51 — System and Services Acquisition — Part Three: Evidence, contract hooks, and pitfalls
Evidence in system and services acquisition demonstrates that suppliers have met agreed security and privacy obligations throughout the lifecycle. For exam readiness, ...
Episode 52 — System and Services Acquisition — Part Four: Advanced topics and metrics
Advanced acquisition management applies continuous assurance and data-driven oversight to supplier relationships. For exam purposes, candidates should understand that ...
Episode 53 — Assessment, Authorization, and Monitoring — Part One: Purpose, scope, and outcomes
Assessment, authorization, and monitoring—often referred to collectively as AAM—form the governance framework for verifying and maintaining system security. NIST 800...
Episode 54 — Assessment, Authorization, and Monitoring — Part Two: Assessment practices and monitoring
Assessment practices within NIST 800-53 define how controls are tested, reviewed, and scored. For exam readiness, candidates should understand the role of assessment p...
Episode 55 — Assessment, Authorization, and Monitoring — Part Three: Evidence, POA&M, and pitfalls
Evidence in the AAM process substantiates that control testing, authorization, and remediation are properly executed. Candidates should recognize that a strong evidenc...
Episode 56 — Assessment, Authorization, and Monitoring — Part Four: Advanced topics and metrics
Advanced practices in assessment, authorization, and monitoring focus on compressing the time between change and assurance while preserving evidence quality. For exam ...
Episode 57 — Supply Chain Risk Management — Part One: Purpose, scope, and outcomes
Supply chain risk management in NIST 800-53 addresses the reality that modern systems depend on providers, components, and services outside direct organizational contr...
Episode 58 — Supply Chain Risk Management — Part Two: Supplier controls and assurance patterns
Supplier controls translate expectations into operating rules that suppliers must follow and prove. For exam preparation, understand the assurance patterns that make t...
Episode 59 — Supply Chain Risk Management — Part Three: Evidence, approvals, and pitfalls
Evidence in the supply chain domain must show that components are authentic, code is untampered, and providers are meeting obligations over time. For the exam, be able...
Episode 60 — Supply Chain Risk Management — Part Four: Advanced topics and metrics
Advanced supply chain programs treat dependency risk as a quantifiable, continuously monitored portfolio. For exam readiness, understand how metrics expose weak links ...