All Episodes


Episode 122 — Spotlight: System Monitoring (SI-4)

System Monitoring (SI-4) provides the visibility necessary to detect, analyze, and respond to security-relevant events across networks and systems. For exam readiness,...

Episode 123 — Spotlight: Software, Firmware, and Information Integrity (SI-7)

Software, Firmware, and Information Integrity (SI-7) ensures that system components and data remain trustworthy throughout their lifecycle. For the exam, understand th...

Episode 124 — Spotlight: Information Input Validation (SI-10)

Information Input Validation (SI-10) requires systems to verify that all incoming data is correct, complete, and in the expected format before processing. For exam pur...

Episode 125 — Spotlight: Malicious Code Protection (SI-3)

Malicious Code Protection (SI-3) ensures that organizations deploy, update, and monitor mechanisms designed to detect, prevent, and remediate malware infections across...

Episode 126 — Spotlight: Spam Protection (SI-8)

Spam Protection (SI-8) ensures organizations safeguard communication channels against unwanted, malicious, or deceptive messages that can disrupt operations or serve a...

Episode 127 — Spotlight: Error Handling (SI-11)

Error Handling (SI-11) ensures that systems process and report errors securely, preventing the leakage of sensitive information or system details that could aid attack...

Episode 128 — Spotlight: Contingency Plan (CP-2)

Contingency Plan (CP-2) requires organizations to establish, maintain, and test documented procedures for restoring essential operations following disruption. For exam...

Episode 129 — Spotlight: System Backup (CP-9)

System Backup (CP-9) ensures that critical information, configurations, and software are copied and stored securely to enable rapid recovery after data loss or corrupt...

Episode 130 — Spotlight: Contingency Plan Testing (CP-4)

Contingency Plan Testing (CP-4) ensures that the organization’s recovery strategies and procedures are validated through realistic, periodic exercises. For exam readin...

Episode 131 — Spotlight: System Recovery and Reconstitution (CP-10)

System Recovery and Reconstitution (CP-10) ensures that after a disruption—malware outbreak, data corruption, hardware failure, or site loss—systems are restored to a ...

Episode 132 — Spotlight: Control Assessments (CA-2)

Control Assessments (CA-2) verify that implemented safeguards function as intended and achieve their stated objectives. For exam readiness, recognize that CA-2 require...

Episode 133 — Spotlight: Plan of Action and Milestones (CA-5)

Plan of Action and Milestones (CA-5) is the enterprise ledger for weaknesses, corrective actions, and accountability. For the exam, understand that CA-5 transforms ass...

Episode 134 — Spotlight: Continuous Monitoring (CA-7)

Continuous Monitoring (CA-7) sustains assurance between assessments by collecting, analyzing, and acting on security-relevant data with defined cadence and triggers. F...

Episode 135 — Spotlight: Authorization (CA-6)

Authorization (CA-6) is the formal, risk-based decision that a system may operate within defined conditions, made by an authorizing official who accepts residual risk ...

Episode 136 — Spotlight: Supply Chain Controls and Processes (SR-3)

Supply Chain Controls and Processes (SR-3) ensure that products and services acquired or integrated into an organization’s environment meet established security and pr...

Episode 137 — Spotlight: Supplier Assessments (SR-6)

Supplier Assessments (SR-6) verify that external vendors and service providers meet security and privacy requirements before and during their engagement. For exam read...

Episode 138 — Spotlight: Component Authenticity (SR-11)

Component Authenticity (SR-11) focuses on verifying that hardware, software, and firmware components are genuine, unaltered, and obtained from trusted sources. For the...

Episode 139 — Spotlight: Supply Chain Risk Management Plan (SR-2)

Supply Chain Risk Management Plan (SR-2) establishes how organizations identify, assess, and mitigate risks arising from suppliers, service providers, and dependencies...

Episode 140 — Spotlight: Awareness Training (AT-2)

Awareness Training (AT-2) ensures that personnel understand security and privacy responsibilities commensurate with their roles and the organization’s risk environment...

Episode 141 — Spotlight: Controlled Maintenance (MA-2)

Controlled Maintenance (MA-2) ensures that all maintenance activities—routine, preventive, or emergency—are performed under defined, authorized, and auditable conditio...
