Certified Information Systems Security Professional - CISSP
Training Overview
Description of Training
Video Overview
Introduction
Introduction (2:40)
Student Feedback (1:04)
Student Feedback (1:07)
Student Material
Course Introduction
Introduction (0:47)
CISSP Training (4:26)
CISSP Certification (5:56)
CISSP Exam
Course Outline (4:14)
Course Flow (4:17)
Course Materials (4:43)
Before You Start (2:50)
Domain 1: Security and Risk Management
NIST (8:13)
Understand and Apply CIA (11:28)
Evaluate and apply security governance principles (8:13)
NIST 800-100 (7:31)
Security Governance (3:37)
Security Governance – Requirements (7:31)
The Organizational Culture's (11:07)
Due Care and Due Diligence (7:27)
Exam Question (4:11)
Guidelines for Applying Security Governance Principles
Security Models (2:18)
Determine compliance requirements (8:42)
Understand legal and regulatory issues (2:56)
Exam Question (2:13)
Computer Crime (8:37)
Professional Ethics (4:32)
Ethics (2:26)
Security Documentation (2:47)
Guidelines for Upholding Professional Ethics in Security
Information Security Policy (3:08)
Some Important Policies (7:20)
Security Policy Framework (24:53)
Resources: CIS (4:17)
Exam Tips (1:45)
The Relationship Between Security Document Types (3:42)
Guidelines for Drafting Security Documentation
Identify, analyze, and prioritize Business Continuity (BC) requirements (8:17)
BCP Phases (12:01)
Business Impact Analysis - BIA (10:41)
NIST SP 800-34 (8:06)
MTD-RTO-RPO (11:29)
MTTF-MTTR (6:12)
BCP (5:48)
Business Continuity Controls (9:42)
High availability and Fault Tolerance (11:28)
Exam Tips (1:27)
Guidelines for Applying Business Continuity Plan Fundamentals
Contribute to and enforce personnel security policies and procedures (12:59)
Insider Threat Prevention (15:20)
Employees Privacy (4:50)
Social Media Security (9:45)
Threat Modeling (5:16)
Guidelines for Implementing Threat Modeling
Understand and apply risk management concepts (10:53)
Qualitative vs Quantitative Assessment (8:24)
Risks Formula (11:42)
Risk Management Strategies (10:12)
Security Controls (6:29)
NIST 800-37 (2:19)
Risk Register (1:17)
Exam Tips (1:58)
Guidelines for Implementing Risk Management
Understand and apply threat modeling concepts and methodologies (5:46)
STRIDE Model (5:23)
Threat Intelligence Sources (3:07)
Risk Management (4:32)
Guidelines for Implementing Threat Modeling
Apply risk-based management concepts to the supply chain (6:17)
Vendor Management Life Cycle (5:26)
Acquisition Strategy and Practice (5:11)
Security Awareness and Training (3:43)
Establish and maintain a security awareness, education, and training program (18:39)
Awareness resources (9:09)
Some Important Policies (7:20)
Domain 2: Asset Security
Identify information and assets (14:19)
Asset Classification (4:14)
Assets Classification and Labeling (12:44)
Military / Commercial Classification (12:42)
Sample of Classification Tool 1 (2:49)
Sample of Classification Tool 2 (2:30)
Data Loss Prevention (3:11)
Sample of DLP Tool (3:18)
Guidelines for Implementing Asset Classification
Information Asset Management (4:05)
Determine and maintain information and asset ownership (3:33)
Protect privacy (7:49)
Privacy Protection (4:06)
Guidelines for Implementing Privacy Protection
Ensure appropriate asset retention (12:07)
Asset Retention (5:17)
Data Security Controls (4:02)
Determine data security controls (12:51)
Data Encryption (1:46)
Secure Data Handling (5:04)
Establish information and asset handling requirements
Domain 3: Security Architecture and Engineering
Introduction to Security Architecture and Engineering (3:50)
Security Engineering Lifecycle (4:13)
Security Design (3:13)
System Component Security-Part 1 (5:15)
System Component Security-Part-2 (3:44)
System Component Security-Part-3 (4:18)
NISP SP 14-27 (11:36)
Trusted Computing Base - TCB (9:21)
TCB Vulnerability (9:46)
Security Models (3:33)
Security Models (17:07)
TCSEC (5:42)
ITSEC (6:06)
Design and Architecture Vulnerability Mitigation-Part-1 (5:27)
Design and Architecture Vulnerability Mitigation-Part-2 (5:29)
Design and Architecture Vulnerability Mitigation-Part-3 (5:45)
Vulnerability Mitigation in Embedded, Mobile, and Web Based Systems (6:52)
Security Architecture Questions (3:17)
Enterprise Security Architecture (5:05)
Virtualization (9:50)
Fault Tolerance (6:31)
Server Fault Tolerance Techniques (2:05)
New Technology (6:27)
Cryptography Basics-Part-1 (3:05)
Cryptography Basics-Part-2 (0:53)
Cryptography Basics-Part-3 (1:55)
Cryptography (16:30)
Cryptography (6:35)
Symmetric vs. Asymmetric Cryptography (2:34)
Cryptography Applications (Digital Rights Management, Hashing) (6:55)
Cryptography Applications (PKI, Digital Certificates and Signature) (4:53)
Alternative Ciphers (7:55)
Symmetric Encryption (12:43)
Asymmetric Encryption (13:51)
Hash (6:04)
Physical Security (7:38)
Physical Access Barriers (9:41)
Power Issue (3:10)
Fire (5:28)
Domain 4: Communication and Network Security
OSI Model InfoSec4TC (5:07)
OSI Model
The OSI Model (17:26)
TCP-IP Model (2:48)
Fundamentals of Network- Part 1 (5:16)
Fundamentals of Network- Part 2 (3:33)
Fundamentals of Network-Part 3 (4:04)
Network Architecture Components (17:08)
Communication Channel Security (5:38)
Communication Channel Security
Firewall (10:42)
Network Types and Topologies (8:36)
Remote Access Technology (18:33)
Network Attack Mitigation-Part 1 (3:52)
Network Attack Mitigation-Part 1
Network Attack Mitigation-Part 2 (5:38)
Network Attack Mitigation-Part 2
Wireless Network (7:12)
Network Attacks (8:53)
Remote Access Security Mechanisms (2:06)
RAID (6:47)
Backup (5:49)
Network Questions (1:13)
Domain 5: Identity and Access Management (IAM)
Physical and Logical Access Control (5:07)
Access Control (6:50)
Identity as a Service (4:59)
Identification Authentication and Authorization (4:49)
Authorization Mechanisms (4:36)
Authorization (19:24)
Authentication (18:51)
Single Sign on SSO (13:11)
Central Administration (RADIUS) (4:17)
Access Control Attack Mitigation (5:21)
Access Control Attack (17:16)
Intrusion Detection System (IDS) (6:58)
Access Control Important exam area (4:15)
Access Control Questions (8:02)
Cloud Security
Introduction to Cloud Security (2:50)
NIST 800-145 (1:55)
IaaS vs PaaS vs SaaS (2:25)
SaaS (4:25)
PaaS (2:04)
IaaS (1:59)
Storage Architecture (1:25)
Data Life Cycle Security (4:27)
Hypervisor (4:49)
Virtualization Security (5:26)
Perimeter Security (6:05)
Physical and Logical Access Control (5:07)
Physical and Logical Access Control
Identification Authentication and Authorization (4:49)
Identification, Authentication and Authorization
Identity as a Service (4:59)
Identity as a Service
Authorization Mechanisms (4:36)
Authorization Mechanisms
Access Control Attack Mitigation (5:21)
Access Control Attack Mitigation
Domain 6: Security Assessment and Testing
Introduction Security Assessment and Testing (11:20)
Test Output (4:33)
Vulnerability assessment - Part 1 (2:16)
Vulnerability assessment - Part 2 (3:16)
Nessus VA (13:25)
Nessus VA- Part 2 (14:05)
Nessus VA Report (5:20)
OWASP ZAP - VA (5:06)
Nexpose VA (5:05)
Penetration testing (8:34)
Reconnaissance Demo - Maltego 2 (7:59)
Scanning Demo - Zenmap (5:06)
Exploitation Demo - MetaSploit 2 (14:33)
Event Log Review 2 (7:19)
NIST 800-92 (2:56)
SIEM Solution (6:16)
SIEM Solution Demo - Qradar (3:09)
Code Review (5:20)
Security KPIs (6:57)
System Security Control Testing (5:22)
Software Security Control Testing (4:24)
Security Process Data Collection (4:43)
Audits (4:18)
System Security Control Testing (5:22)
System Security Control Testing
Software Security Control Testing (4:24)
Software Security Control Testing
Security Process Data Collection (4:43)
Security Process Data Collection
Audits (4:18)
Audits
Domain 7: Security Operations
Introduction to Security Operation 2 (1:41)
Security Operations (5:09)
Security Operation 2 (9:53)
Physical Security (5:48)
Personnel Security (2:52)
Logging and Monitoring (4:18)
Preventative Measures (5:35)
Resource Provisioning and Protection (5:30)
Patch and Vulnerability Management (2:46)
Change Management (2:55)
Incident Response (5:37)
Investigations (5:25)
Disaster Recovery Planning (5:40)
Recovery Site Strategies (4:52)
Disaster Recovery Implementation (4:47)
Security Operations (5:09)
Security Operations
Physical Security (5:48)
Physical Security
Personnel Security (2:52)
Personal Security
Logging and Monitoring (4:18)
Logging and Monitoring
Preventative Measures (5:35)
Preventative Measures
Resource Provisioning and Protection (5:30)
Resource Provisioning and Protection
Patch and Vulnerability Management (2:46)
Patch and Vulnerability Management
Change Management (2:55)
Change Management
Incident Response (5:37)
Incident Response
Investigations (5:25)
Investigation
Disaster Recovery Planning (5:40)
Disaster Recovery Planning
Recovery Site Strategies (4:52)
Recovery Site Strategies
Disaster Recovery Implementation (4:47)
Disaster Recovery Implementation
Domain 8: Software Development Security
The System Life Cycle (6:45)
Software Development Methods (6:43)
Change Control Process (3:07)
Security Consideration (1:54)
Software Control (2:50)
Introduction to SQL Injection 2 (11:27)
What is SQL Injection (11:27)
The Relationship Between Security Document Types