[<< wikibooks] CASP/Integration
== Integrate enterprise disciplines to achieve secure solutions ==


=== Interpreting security requirements and goals to communicate with other disciplines ===


==== Programmers ====


==== Network engineers ====


==== Sales staff ====


=== Provide guidance and recommendations to staff and senior management on security processes and controls ===


=== Establish effective collaboration within teams to implement secure solutions ===


=== Disciplines ===


==== Programmer ====


==== Database administrator ====


==== Network administrator ====


==== Management ====


==== Stake holders ====


==== Financial ====


==== HR- Human Resources ====


==== Emergency response team ====


==== Facilities manager ====


==== Physical security manager ====


== Explain the security impact of inter-organizational change ==


=== Security concerns of interconnecting multiple industries ===


==== Rules, policies and regulations ====


=== Design considerations during mergers, acquisitions and de-mergers ===


=== Assuring third party products - only introduce acceptable risk ===


==== Custom developed ====


==== COTS – Commercial Off The Shelf Software ====


=== Network secure segmentation and delegation ===


=== Integration of products and services ===


== Select and distinguish the appropriate security controls with regard to communications and collaboration ==


=== Unified communication security ===


==== Web conferencing ====


==== Video conferencing ====


==== Instant messaging ====


==== Desktop sharing ====


==== Remote assistance ====


==== Presence ====


==== Email ====


==== Telephony ====


=== VoIP security ===


=== VoIP implementation ===


=== Remote access ===


=== Enterprise configuration management of mobile devices ===


=== Secure external communications ===


=== Secure implementation of collaboration platforms ===


=== Prioritizing traffic (QoS- Quality of Service) ===


=== Mobile devices ===


==== Smart phones, IP cameras, laptops, IP based devices ====


== Explain advanced authentication tools, techniques and concepts ==


=== Federated identity management (SAML--Security Assertions Markup Language) ===


=== XACML- eXtensible Access Control Markup Language ===


=== SOAP-Simple Object Access Protocol ===


=== Single sign on ===


=== SPML- Service Provisioning Markup Language ===


=== Certificate based authentication ===


=== Attestation ===


== Carry out security activities across the technology life cycle ==


=== End to end solution ownership ===


=== Understanding results of solutions in advance ===


==== Operational activities ====


==== Maintenance ====


==== Decommissioning ====


==== General change management ====


=== Systems Development Life Cycle ===


==== Security System Development Life Cycle (SSDLC) / Security Development Life Cycle (SDL) ====


==== Security Requirements Traceability Matrix (SRTM) ====


=== Adapt solutions to address emerging threats and security trends ===


=== Validate system designs ===