Certified Information Systems Security Professional - CISSP
Training Overview
Description of Training
Video Overview
Introduction
Introduction (2:40)
Student Feedback (1:04)
Student Feedback (1:07)
Student Material
Course Introduction
Introduction (0:47)
CISSP Training (4:26)
CISSP Certification (5:56)
CISSP Exam
Course Outline (4:14)
Course Flow (4:17)
Course Materials (4:43)
Before You Start (2:50)
Domain 1: Security and Risk Management
NIST (8:13)
Understand and Apply CIA (11:28)
Evaluate and apply security governance principles (8:13)
NIST 800-100 (7:31)
Security Governance – Requirements (7:31)
The Organizational Culture's (11:07)
Due Care and Due Diligence (7:27)
Exam Question (4:11)
Guidelines for Applying Security Governance Principles
Determine compliance requirements (8:42)
Understand legal and regulatory issues (2:56)
Exam Question (2:13)
Computer Crime (8:37)
Ethics (2:26)
Guidelines for Upholding Professional Ethics in Security
Security Policy Framework (24:53)
Resources: CIS (4:17)
Exam Tips (1:45)
The Relationship Between Security Document Types (3:42)
Guidelines for Drafting Security Documentation
Identify, analyze, and prioritize Business Continuity (BC) requirements (8:17)
BCP Phases (12:01)
Business Impact Analysis - BIA (10:41)
NIST SP 800-34 (8:06)
MTD-RTO-RPO (11:29)
MTTF-MTTR (6:12)
Business Continuity Controls (9:42)
High availability and Fault Tolerance (11:28)
Exam Tips (1:27)
Guidelines for Applying Business Continuity Plan Fundamentals
Contribute to and enforce personnel security policies and procedures (12:59)
Insider Threat Prevention (15:20)
Employees Privacy (4:50)
Social Media Security (9:45)
Understand and apply risk management concepts (10:53)
Qualitative vs Quantitative Assessment (8:24)
Risks Formula (11:42)
Risk Management Strategies (10:12)
Security Controls (6:29)
NIST 800-37 (2:19)
Risk Register (1:17)
Exam Tips (1:58)
Guidelines for Implementing Risk Management
Understand and apply threat modeling concepts and methodologies (5:46)
STRIDE Model (5:23)
Threat Intelligence Sources (3:07)
Guidelines for Implementing Threat Modeling
Apply risk-based management concepts to the supply chain (6:17)
Vendor Management Life Cycle (5:26)
Establish and maintain a security awareness, education, and training program (18:39)
Awareness resources (9:09)
Some Important Policies (7:20)
Domain 2: Asset Security
Identify information and assets (14:19)
Assets Classification and Labeling (12:44)
Military / Commercial Classification (12:42)
Sample of Classification Tool 1 (2:49)
Sample of Classification Tool 2 (2:30)
Data Loss Prevention (3:11)
Sample of DLP Tool (3:18)
Guidelines for Implementing Asset Classification
Determine and maintain information and asset ownership (3:33)
Protect privacy (7:49)
Guidelines for Implementing Privacy Protection
Ensure appropriate asset retention (12:07)
Determine data security controls (12:51)
Data Encryption (1:46)
Domain 3: Security Architecture and Engineering
Introduction to Security Architecture and Engineering (3:50)
Security Engineering Lifecycle (4:13)
NISP SP 14-27 (11:36)
Trusted Computing Base - TCB (9:21)
TCB Vulnerability (9:46)
Security Models (17:07)
TCSEC (5:42)
ITSEC (6:06)
Security Architecture Questions (3:17)
Enterprise Security Architecture (5:05)
Virtualization (9:50)
Fault Tolerance (6:31)
Server Fault Tolerance Techniques (2:05)
New Technology (6:27)
Cryptography (16:30)
Alternative Ciphers (7:55)
Symmetric Encryption (12:43)
Asymmetric Encryption (13:51)
Hash (6:04)
Physical Security (7:38)
Physical Access Barriers (9:41)
Power Issue (3:10)
Fire (5:28)
Domain 4: Communication and Network Security
The OSI Model (17:26)
TCP-IP Model (2:48)
Network Architecture Components (17:08)
Firewall (10:42)
Network Types and Topologies (8:36)
Remote Access Technology (18:33)
Wireless Network (7:12)
Network Attacks (8:53)
Remote Access Security Mechanisms (2:06)
RAID (6:47)
Backup (5:49)
Network Questions (1:13)
Domain 5: Identity and Access Management (IAM)
Access Control (6:50)
Authorization (19:24)
Authentication (18:51)
Single Sign on SSO (13:11)
Central Administration (RADIUS) (4:17)
Access Control Attack (17:16)
Intrusion Detection System (IDS) (6:58)
Access Control Important exam area (4:15)
Access Control Questions (8:02)
Cloud Security
Introduction to Cloud Security (2:50)
NIST 800-145 (1:55)
IaaS vs PaaS vs SaaS (2:25)
SaaS (4:25)
PaaS (2:04)
IaaS (1:59)
Storage Architecture (1:25)
Data Life Cycle Security (4:27)
Hypervisor (4:49)
Virtualization Security (5:26)
Perimeter Security (6:05)
Domain 6: Security Assessment and Testing
Introduction Security Assessment and Testing (11:20)
Test Output (4:33)
Vulnerability assessment - Part 1 (2:16)
Vulnerability assessment - Part 2 (3:16)
Nessus VA (13:25)
Nessus VA- Part 2 (14:05)
Nessus VA Report (5:20)
OWASP ZAP - VA (5:06)
Nexpose VA (5:05)
Penetration testing (8:34)
Reconnaissance Demo - Maltego 2 (7:59)
Scanning Demo - Zenmap (5:06)
Exploitation Demo - MetaSploit 2 (14:33)
Event Log Review 2 (7:19)
NIST 800-92 (2:56)
SIEM Solution (6:16)
SIEM Solution Demo - Qradar (3:09)
Code Review (5:20)
Security KPI's (6:57)
Domain 7: Security Operations
Introduction to Security Operation 2 (1:41)
Security Operation 2 (9:53)
Domain 8: Software Development Security
The System Life Cycle (6:45)
Software Development Methods (6:43)
Change Control Process (3:07)
Security Consideration (1:54)
Software Control (2:50)
Introduction to SQL Injection 2 (11:27)
What is SQL Injection (11:27)
Determine data security controls