New Training: Explain Compliance-based Assessments

In this 5-video skill, CBT Nuggets trainer Shawn Powers identifies the key aspects of compliance-based assessments, including rules, policies, limitations, and more. Watch this new CompTIA training.

This training includes:

  • 5 videos
  • 16 minutes of training

You’ll learn these topics in this skill:

  • Intro to Compliance Assessments
  • Identifying Various Compliance-based Standards
  • Using Pre-defined Rules for a Pentesting Engagement
  • Understanding Password Policies and Key Management
  • Handling Data Isolation and Limited Access

Which is Better: Compliance or Risk Assessments?

Compliance-based assessments are used to ensure that organizations, companies, and even entire industries align with specific security standards. Businesses that deal with financial information or healthcare data must protect those details from being compromised, and standards like those published by NIST outline best practices and requirements.

This approach stands in stark contrast to risk-based assessments. In the latter, cybersecurity professionals examine a company's systems and networks to identify weaknesses that could be exploited, then propose customized solutions to resolve any issues they find. Compliance-based assessments, however, evaluate an organization's systems and networks against a published standard to see how they measure up to those requirements.

Look at it this way: when a government inspector comes out to a construction site, he checks the plumbing and the electrical systems to ensure they align with local building codes. That's a compliance assessment. When you buy a home and a house inspector gives the building a scrub from top to bottom, he's looking for any issues that have developed over the years that might cause problems. That's an example of a risk-based assessment.

Both types of evaluations are necessary, but it's even more critical to understand the difference between the two and how each should be used.



© 2021 CBT Nuggets. All rights reserved.