CISSP Certification Training

730,000.00
The CISSP Certification training (Certified Information Systems Security Professional) program, governed by the International Information Systems Security Certification Consortium (ISC)², is globally recognized as a standardized body of knowledge for confirming professionals’ knowledge in the field of information security.

CISSP Certification Training Overview


JK Michaels' training in Certified Information Systems Security Professional (CISSP) is an ideal course package for every aspiring professional who wants to build a career in the information security sector.

The CISSP professional will be able to define the architecture, design, and management that are important factors in assuring the security of an organization. They will also be able to create and perform duties related to information security programs.

The main aim of this course is to provide knowledge of information security and governance, risk management, software development security, and related concepts, which will enable a professional to cope with the growing demand for protecting an organization’s information and assets.

Why is the certification most sought-after?

CISSP is one of the most demanding certifications in the field of information security as this confirms an individual’s knowledge of the various domains of information security.
According to Symantec Corp. (a security software company), the global cost of cyber-attacks in 2011 was estimated at around $388 billion, which has increased the demand for IT professionals with CISSP certification.

JK Michaels CISSP course will help a professional acquire the skills to design architecture and manage controls to ensure the security of business environments. With this certification, you will be able to successfully handle security issues in cloud computing, mobiles, application development, risk management, and more. The best thing about CISSP is that it will enable you to align security with business requirements.
According to one of the major employment websites, more than 70% of information security jobs required CISSP certification.

What are the career benefits in store for you?

A CISSP certified professional with a working knowledge in the field of information security will have an upward career graph. Such a professional can work as information security manager, security consultant, security architect, and so on. They will find good opportunities in various industries including the IT sector.
  • 53% growth in Information Security Jobs by 2018 is expected as per Peninsula/Stanford Journalism report.
  • LinkedIn research shows 51% of Security Architects are CISSP certified.
  • According to Indeed Salary Data, CISSPs earn $12,000 more than non-certified peers.

Course Outlines

Domain 00 – Introduction 31:8
  • 1 CISSP®—Introduction 2.6
  • 2 Before you start 1.11
  • 3 Objectives 1.20
  • 4 CISSP® 2:19
  • 5 (ISC)²® 1:58
  • 6 CISSP® Domains 3:47
  • 7 Benefits of CISSP® for Professionals 2:1
  • 8 Benefits of CISSP® for Employers 2:6
  • 9 CISSP® Certification Requirements 1:42
  • 10 CISSP® Certification Requirements (contd.) 1:21
  • 11 CISSP® Certification Requirements (contd.) 1:57
  • 12 CISSP® Certification Requirements (contd.) 2:5
  • 13 CISSP® Examination 3:36
  • 14 CISSP® Examination (contd.) 1:30
  • 15 Conclusion
  • Domain 01 – Security and Risk Management 258:46
    • 1 Domain 01—Security and Risk Management1:10
    • 2 Objectives1:32
    • 3 Importance of Information Security and Risk Management2:3
    • 4 Role and Importance of CIA in ISM2:7
    • 5 Confidentiality2:51
    • 6 Integrity2:32
    • 7 Availability1:57
    • 8 Information Security1:33
    • 9 Information Security Management1:26
    • 10 Information Security Governance2:6
    • 11 IT Security and Organizational Goals, Mission, and Objectives1:29
    • 12 Goals, Mission, and Objectives2:55
    • 13 Aligning Security with Goals, Mission, and Objectives1:41
    • 14 Business Scenario2:14
    • 15 Organizational Processes2:28
    • 16 Auditing1:21
    • 17 Control Framework1:40
    • 18 Due Care1:31
    • 19 Due Diligence1:28
    • 20 Security Controls1:49
    • 21 Service Level Agreements1:58
    • 22 Managing Third-Party Governance 3:23
    • 23 Offshoring—Privacy Requirements and Compliance2:7
    • 24 Business Scenario1:52
    • 25 Layers of Responsibility2:3
    • 26 Security Policies2:31
    • 27 Types of Security Policies2:35
    • 28 Security Policy Implementation3:7
    • 29 Policy Chart2:8
    • 30 Standards, Guidelines, Procedures, and Baselines3:7
    • 31 Business Scenario1:30
    • 32 Compliance—Need for Compliance2:23
    • 33 Regulatory Compliance1:45
    • 34 Compliance1:39
    • 35 Compliance (contd.)1:57
    • 36 Compliance (contd.)1:48
    • 37 Standards/Manuals/Guidelines for Compliance2:9
    • 38 Computer Crimes1:27
    • 39 Introduction to Computer Crimes1:54
    • 40 Categories of Computer Crimes3:28
    • 41 Business Scenario1:51
    • 42 Major Legal Systems1:45
    • 43 Common Law and Civil Law2:42
    • 44 Customary Law and Religious Law2:44
    • 45 Mixed Law1:28
    • 46 Business Scenario1:36
    • 47 Introduction to Intellectual Property (IP) Law2:1
    • 48 Types of Intellectual Property (IP) Law2:51
    • 49 Types of Intellectual Property (IP) Law (contd.)2:44
    • 50 Types of Intellectual Property (IP) Law (contd.)1:0
    • 51 Business Scenario1:39
    • 52 Import or Export Controls and Trans-Border Data Flow 2:10
    • 53 Introduction to Privacy2:59
    • 54 U.S. Privacy Laws2:14
    • 55 U.S. Privacy Laws (contd.)2:21
    • 56 U.S. Guidelines for Managing Privacy2:41
    • 57 EU Council Directive (Law) on Data Protection2:18
    • 58 The U.S.-European Union Safe Harbor3:4
    • 59 Security Definitions3:40
    • 60 Information Risk Management2:9
    • 61 Business Scenario1:54
    • 62 Introduction to Risk Analysis2:6
    • 63 Goals of Risk Analysis1:26
    • 64 Risk Analysis Team1:54
    • 65 Steps for Risk Analysis1:50
    • 66 Information and Assets Valuation2:16
    • 67 Risk Analysis Types1:41
    • 68 Quantitative Risk Analysis—Steps2:47
    • 69 Quantitative Risk Analysis—Problem1:39
    • 70 Qualitative Risk Analysis2:10
    • 71 Delphi Technique2:4
    • 72 Quantitative vs. Qualitative 1:29
    • 73 Hybrid Analysis1:45
    • 74 Countermeasure Selection—Problem1:56
    • 75 Countermeasure Selection—Other Factors1:57
    • 76 Handling Risk2:39
    • 77 Business Scenario1:51
    • 78 Threat Modeling1:59
    • 79 Need for Business Continuity Planning1:55
    • 80 Basic Concepts—Disruptive Events3:26
    • 81 Basic Concepts—Business Continuity Planning1:47
    • 82 Importance of Business Continuity Planning1:31
    • 83 Business Continuity Planning Phases1:53
    • 84 BCP/DRP Phase 1—Project Initiation and Scoping3:54
    • 85 BCP/DRP Phase 2—Business Impact Analysis (BIA)2:11
    • 86 BIA—Goals2:20
    • 87 BIA—Steps4:32
    • 88 BIA Steps—Business Unit Level2:7
    • 89 Maximum Tolerable Downtime (MTD)2:46
    • 90 Failure and Recovery Metrics3:52
    • 91 Failure and Recovery Metrics (contd.)2:46
    • 92 Stages of Failure and Recovery1:52
    • 93 BCP/DRP Phase 3—Identify Preventive Controls2:19
    • 94 Importance of Managing Personnel Security1:51
    • 95 Managing Personnel Security—Hiring Practices1:54
    • 96 Managing Personnel Security—Employee Termination1:47
    • 97 Vendor, Contractors, and Consultant Controls1:47
    • 98 Best Work Practices2:44
    • 99 Business Scenario1:48
    • 100 Importance of Security Awareness Training1:54
    • 101 Security Awareness Training: Awareness, Training, and Education2:28
    • 102 Implementation of Security Awareness Training Program1:38
    • 103 Importance of Content Updates1:23
    • 104 Importance of Managing Security Function1:53
    • 105 Best Practices—Budget and Establish Security Metrics2:28
    • 106 Best Practices—Resources and Develop and Implement Strategies2:23
    • 107 Best Practices—Completeness and Effectiveness of the Program1:25
    • 108 Business Scenario1:44
    • 109 (ISC)² Code of Ethics3:31
    • 110 Quiz0:0
    • 111 Summary1:54
    • 112 Conclusion1:6
  • Domain 02 – Asset Security 116:50
    • 1 Domain 02—Asset Security1:13
    • 2 Objectives1:28
    • 3 Importance of Asset Security1:39
    • 4 Need for Information Classification2:12
    • 5 Information Classification Objectives1:56
    • 6 Government or Military Sector Classification2:33
    • 7 Commercial or Private Sector Classification2:50
    • 8 Information Classification Criteria2:52
    • 9 Data Classification Considerations1:47
    • 10 Role Responsible for Data Classification1:51
    • 11 Business Scenario1:37
    • 12 Data Management1:53
    • 13 Best Practices for Data Management1:54
    • 14 Data Policy2:14
    • 15 Data Ownership1:54
    • 16 Data Ownership—Best Practices1:45
    • 17 Data Custodians2:15
    • 18 Data Custodians (contd.)1:33
    • 19 Data Quality2:9
    • 20 Data Quality—Aspects1:32
    • 21 Data Quality Assurance and Quality Control1:49
    • 22 Data Documentation1:44
    • 23 Data Documentation Practices2:28
    • 24 Data Standards1:58
    • 25 Data Control Lifecycle1:33
    • 26 Data Specification and Modeling1:37
    • 27 Database Maintenance1:38
    • 28 Data Audit1:41
    • 29 Data Storage and Archiving1:59
    • 30 Data Security1:58
    • 31 Data Access, Sharing, and Dissemination1:56
    • 32 Data Publishing1:32
    • 33 Data Handling Requirements2:25
    • 34 Media Resource Protection4:32
    • 35 Data Remanence2:51
    • 36 Business Scenario1:45
    • 37 Asset Management2:17
    • 38 Software Licensing1:45
    • 39 Equipment Lifecycle1:0
    • 40 Protecting Privacy2:35
    • 41 Ensuring Appropriate Retention2:6
    • 42 Data Security Controls2:36
    • 43 Data in Transit—Best Practices2:11
    • 44 Scoping and Tailoring1:52
    • 45 Scoping and Tailoring (contd.)2:2
    • 46 Standards Selection—US DoD3:10
    • 47 Standards Selection—International Standards2:45
    • 48 Standards Selection—National Cyber Security Framework Manual1:48
    • 49 Standards Selection—Center for Strategic and International Studies1:0
    • 50 Standards Selection—Critical Security Controls2:23
    • 51 Standards Selection—Security Content Automation Protocol2:19
    • 52 Framework for Improving Critical Infrastructure Cybersecurity2:4
    • 53 Business Scenario1:38
    • 54 Quiz0:0
    • 55 Summary1:44
    • 56 Conclusion1:7
  • Domain 03 – Security Engineering 338:34
    • 1 Domain 03—Security Engineering1:14
    • 2 Objectives1:23
    • 3 Security Architecture and Design – Case Study1:42
    • 4 Security Engineering1:31
    • 5 Architecture Framework2:29
    • 6 Zachman Framework2:11
    • 7 TOGAF1:45
    • 8 ITIL2:32
    • 9 Creating a Security Architecture3:0
    • 10 Enterprise Security Architecture3:6
    • 11 Common Security Services in ESA2:29
    • 12 SABSA Framework1:58
    • 13 SABSA Matrix5:1
    • 14 Business Scenario1:41
    • 15 ISO/IEC 27001:2013 Security Standards2:8
    • 16 ISO/IEC 27002—Code of Practice for Information Security Management2:37
    • 17 Security Models2:6
    • 18 State Machine Model1:24
    • 19 Multilevel Security Models2:7
    • 20 Matrix-Based Model1:48
    • 21 Non-Interference Model1:57
    • 22 Information flow model1:40
    • 23 Examples of Security Models: Bell–LaPadula Confidentiality Model3:13
    • 24 Examples of Security Models: Biba Integrity Model2:26
    • 25 Examples of Security Models: Clark–Wilson integrity model2:13
    • 26 Brewer–Nash, Graham–Denning, and Harrison–Ruzzo–Ullman models2:15
    • 27 Business Scenario1:34
    • 28 Evaluation Criteria2:4
    • 29 CSEC3:20
    • 30 Information Technology Security Evaluation Criteria2:20
    • 31 Common Criteria2:15
    • 32 Common Criteria Evaluation Process1:50
    • 33 Common Criteria Levels2:23
    • 34 Payment Card Industry Data Security Standard1:51
    • 35 Certification and Accreditation1:36
    • 36 Certification and Accreditation Standards2:33
    • 37 SEI—CMMI2:49
    • 38 SEI—CMMI Levels1:46
    • 39 Business Scenario2:11
    • 40 System Security Architecture2:19
    • 41 Mainframes and Other Thin Client Systems2:40
    • 42 Middleware and Embedded Systems1:23
    • 43 Pervasive Computing and Mobile Computing Devices1:15
    • 44 System Components—Processors2:8
    • 45 System Components—Memory1:51
    • 46 System Components—Storage1:17
    • 47 System Components—Trusted Computing Base (TCB)1:23
    • 48 System Components—Reference Monitor1:29
    • 49 System Components—Trusted Platform Module (TPM)1:38
    • 50 System Components—Peripherals and Other Input/Output Devices1:42
    • 51 System Components—Operating System1:40
    • 52 System Components—Ring Model1:34
    • 53 System Components—System Kernel1:54
    • 54 Distributed Systems1:34
    • 55 Virtualization1:28
    • 56 Hypervisor1:45
    • 57 Cloud Computing1:10
    • 58 Service models2:15
    • 59 Grid Computing1:12
    • 60 Peer to Peer Networking (P2P)1:20
    • 61 Business Scenario1:56
    • 62 Security Threats and Countermeasures1:22
    • 63 Assessing and Mitigating Vulnerabilities and Threats2:30
    • 64 Assessing and Mitigating Vulnerabilities and Threats (contd.)1:54
    • 65 Assessing and Mitigating Vulnerabilities and Threats (contd.)2:5
    • 66 Best Practices1:45
    • 67 Best Practices (contd.)1:30
    • 68 Best Practices—Techniques and Technologies1:59
    • 69 Best Practices—Techniques and Technologies (contd.)1:30
    • 70 Best Practices—Techniques and Technologies (contd.)1:24
    • 71 Best Practices—Techniques and Technologies (contd.)1:37
    • 72 Best Practices—Techniques and Technologies (contd.)1:42
    • 73 Introduction to Cryptography3:40
    • 74 Cryptographic Lifecycle1:56
    • 75 Algorithm or Protocol Governance1:52
    • 76 Cryptography Terms3:45
    • 77 Strength of a Cryptosystem2:29
    • 78 Cryptography Methods—Substitution Cipher2:31
    • 79 Cryptography Methods—Transposition Cipher1:24
    • 80 Cryptography Methods—Book or Running Key Cipher2:9
    • 81 Cryptography Methods—Concealment Cipher1:43
    • 82 Cryptography Methods—Steganography and DRM2:19
    • 83 Business Scenario1:36
    • 84 Introduction to Symmetric Cryptography3:1
    • 85 Symmetric Key Ciphers2:16
    • 86 Block Cipher1:47
    • 87 Stream Cipher3:2
    • 88 Block Cipher Designs1:41
    • 89 Data Encryption Standard (DES)2:33
    • 90 DES Algorithm2:35
    • 91 DES Operation Modes—Electronic Code Book2:1
    • 92 DES Operation Modes—Cipher Block Chaining2:7
    • 93 DES Operation Modes—Cipher Feed Back2:22
    • 94 DES Operation Modes—Output Feed Back1:44
    • 95 DES Operation Modes—Counter2:1
    • 96 Triple DES2:46
    • 97 Advanced Encryption Standard (AES)2:17
    • 98 AES Algorithm1:14
    • 99 AES Algorithm—Key Expansion and Initial Round1:15
    • 100 Advanced Encryption Standard (AES) Algorithm—Rounds3:1
    • 101 AES Algorithm—Final Round1:8
    • 102 Other Symmetric Systems2:54
    • 103 Other Symmetric Systems (contd.)2:11
    • 104 Business Scenario1:43
    • 105 Introduction to Asymmetric Cryptography3:7
    • 106 Introduction to Asymmetric Cryptography—Diagram1:9
    • 107 Introduction to RSA Algorithm1:54
    • 108 RSA Algorithm Process2:20
    • 109 Other Types of Asymmetric Cryptography—Elliptic Curve Cryptosystems2:2
    • 110 Other Types of Asymmetric Cryptography—Diffie-Hellman Key Exchange1:35
    • 111 Public Key Cryptography2:25
    • 112 Symmetric vs. Asymmetric Cryptography3:45
    • 113 Advantages and Disadvantages1:54
    • 114 Introduction to Public Key Infrastructure3:15
    • 115 PKI Certification2:48
    • 116 PKI Certification (contd.)1:33
    • 117 PKI Steps—Part 1 1:44
    • 118 PKI Steps—Part 2 1:58
    • 119 One-Way Hash2:13
    • 120 Hashing Algorithms3:9
    • 121 Hashing Algorithms (contd.)2:41
    • 122 Salting1:34
    • 123 Message Authentication Code (MAC)2:50
    • 124 Digital Signatures2:15
    • 125 Key Management2:30
    • 126 Key Management Principles2:50
    • 127 Escrowed Encryption3:44
    • 128 Business Scenario1:58
    • 129 Need for Physical and Environmental Security2:50
    • 130 Business Scenario2:2
    • 131 Site and Facility Design Criteria3:27
    • 132 Information Protection Environment1:53
    • 133 Crime Prevention Through Environmental Design (CPTED)2:2
    • 134 Site Location2:38
    • 135 Construction2:8
    • 136 Support Facilities2:46
    • 137 Business Scenario1:51
    • 138 Secure Operational Areas4:15
    • 139 Business Scenario1:49
    • 140 Environmental Controls1:21
    • 141 Environmental Controls (Contd.)2:5
    • 142 Fire Detection and Suppression1:44
    • 143 Power Supply3:3
    • 144 Power Supply (contd.)1:57
    • 145 HVAC1:43
    • 146 Training and Awareness1:23
    • 147 Business Scenario1:0
    • 148 Quiz0:0
    • 149 Summary1:48
    • 150 Conclusion1:7
  • Domain 04 – Communications and Network Security 255:44
    • 1 Domain 04—Communications and Network Security1:15
    • 2 Objectives1:27
    • 3 Importance of Communications and Network Security—Case Study1:39
    • 4 Introduction to Secure Network Architecture and Design1:26
    • 5 Open Systems Interconnection4:43
    • 6 OSI Model Layers2:15
    • 7 Physical Layer2:9
    • 8 Data Link Layer2:18
    • 9 Network Layer1:49
    • 10 Transport Layer2:1
    • 11 Session Layer1:52
    • 12 Presentation Layer2:16
    • 13 Application Layer1:47
    • 14 Transmission Control Protocol/Internet Protocol (TCP/IP) Model2:8
    • 15 Network Access Layer and Internet Layer2:8
    • 16 Host-to-Host Layer and Application Layer2:10
    • 17 Comparison of OSI and TCP/IP Models2:17
    • 18 Introduction to IP Addressing1:48
    • 19 IPv4 and IPv6 3:35
    • 20 Classful IP Addressing 1:38
    • 21 Class A 1:31
    • 22 Class B 1:30
    • 23 Class C 1:27
    • 24 Class D and Class E 1:30
    • 25 Classless Inter-Domain Routing3:41
    • 26 Private Networks and Loopback Address2:42
    • 27 Types of IP Addressing2:15
    • 28 Routed and Routing Protocols2:56
    • 29 Types of Network Protocols1:15
    • 30 Transmission Control Protocol (TCP)2:6
    • 31 User Datagram Protocol (UDP)1:46
    • 32 Internet Protocol1:20
    • 33 Address Resolution Protocol2:37
    • 34 Internet Control Message Protocol (ICMP)1:29
    • 35 Hypertext Transfer Protocol (HTTP)2:56
    • 36 Implications of Multi-Layer Protocols1:53
    • 37 Distributed Network Protocol2:7
    • 38 LAN/Network Technologies5:14
    • 39 Transmission Media1:26
    • 40 Twisted Pair2:0
    • 41 Coaxial Cable Box2:45
    • 42 Fiber-Optic Cable Box2:42
    • 43 Network Topologies2:52
    • 44 Media Access Technologies1:46
    • 45 Carrier-Sense Multiple Access with Collision Detection2:20
    • 46 Carrier-Sense Multiple Access with Collision Avoidance2:4
    • 47 Flavors of LAN transmission methods1:30
    • 48 List of Networking Devices3:33
    • 49 VLANs3:8
    • 50 Gateways2:3
    • 51 Network Access Control Devices1:38
    • 52 Packet-Filtering and Application-Level3:40
    • 53 Circuit-Level and Stateful-Inspection2:39
    • 54 Firewall Architectures3:37
    • 55 Network Security Terms2:51
    • 56 Business Scenario1:26
    • 57 Networks2:9
    • 58 Types of Networks2:9
    • 59 WAN Technologies2:11
    • 60 WAN Switching and Devices2:55
    • 61 Network Address Translation and Frame Relay2:36
    • 62 Multi-Protocol Label Switching and VoIP1:58
    • 63 Fiber Channel over Ethernet and Internet Small Computer System Interface2:5
    • 64 Virtualized Networks2:2
    • 65 Introduction to Remote Access1:45
    • 66 VPN using PPTP and L2TP 2:44
    • 67 Internet Security Protocol (IPsec)2:6
    • 68 Internet Security Protocol (IPsec) Modes of Operation2:47
    • 69 IPsec Security Protocols—Authentication Header (AH)3:44
    • 70 IPsec Security Protocols—Encapsulating Security Payload (ESP)2:26
    • 71 Components of the IPsec Process2:28
    • 72 Components of the IPsec Process (contd.)2:18
    • 73 IPsec Process1:59
    • 74 Secure Access Protocols3:49
    • 75 Secure Access Protocols (contd.)3:10
    • 76 Secure Access Protocols (contd.)2:3
    • 77 Remote Access Security Methods1:32
    • 78 Multimedia Collaboration1:52
    • 79 Wireless Technologies1:29
    • 80 IEEE Wireless Standards and Spread-Spectrum Technologies2:17
    • 81 Direct Sequence Spread Spectrum and Frequency-Hopping Spread Spectrum2:20
    • 82 WLAN Operational Modes2:30
    • 83 Bluetooth2:37
    • 84 Bluetooth Attack1:15
    • 85 Blue Jacking and Blue Snarfing2:9
    • 86 Blue Bugging, Backdoor Attacks, and Denial of Service Attacks2:3
    • 87 Wireless Security7:29
    • 88 Business Scenario1:49
    • 89 Network Attacks3:33
    • 90 Network Attacks (contd.)3:17
    • 91 Network Attacks—Countermeasures4:2
    • 92 Quiz0:0
    • 93 Summary1:40
    • 94 Conclusion1:8
  • Domain 05 – Identity and Access Management 185:52
    • 1 Domain 05—Identity and Access Management1:15
    • 2 Objectives1:31
    • 3 Importance of Identity and Access Management in Information Security1:59
    • 4 Controlling Physical and Logical Access to Assets2:23
    • 5 Controlling Physical and Logical Access to Assets (contd.)2:51
    • 6 Access Subject Object and Access controls2:13
    • 7 Identity and Access Management Policy1:47
    • 8 Identification Authentication and Authorization2:21
    • 9 Identity Management1:32
    • 10 Identity and Access Provisioning Lifecycle2:28
    • 11 Identity and Access Provisioning Lifecycle (contd.)1:48
    • 12 Guidelines for User Identification1:53
    • 13 Verifying Identification Information2:41
    • 14 Strong Authentication2:26
    • 15 Biometrics—Characteristics3:11
    • 16 Types of Biometrics2:42
    • 17 FRR FAR CER3:4
    • 18 Passwords2:15
    • 19 Password Types2:43
    • 20 Tokens1:30
    • 21 Token Device—Synchronous1:48
    • 22 Token Device—Asynchronous1:40
    • 23 Memory Cards and Smart Cards2:39
    • 24 Attacks on Smart Cards—Fault Generation and Micro-Probing3:8
    • 25 Access Criteria3:4
    • 26 Authorization Concepts3:22
    • 27 Identity Management Implementation1:31
    • 28 Password Management3:2
    • 29 Directory Management2:5
    • 30 Directory Technologies2:35
    • 31 Accounts Management2:16
    • 32 Profile Management1:49
    • 33 Web Access Management1:30
    • 34 Single Sign-On (SSO)2:49
    • 35 SSO Technologies2:1
    • 36 Kerberos3:41
    • 37 Kerberos Steps2:35
    • 38 Problems with Kerberos1:54
    • 39 Business Scenario2:1
    • 40 Access Control Types—Security Layer2:17
    • 41 Access Control Types—Functionality2:39
    • 42 Business Scenario1:24
    • 43 Access Control Models—DAC1:0
    • 44 Access Control Models—MAC1:0
    • 45 Access Control Models—RBAC1:51
    • 46 Business Scenario1:28
    • 47 Access Control Concepts4:12
    • 48 Types of Access Control Administration3:19
    • 49 Remote Authentication Dial-In User Service (RADIUS)2:50
    • 50 TACACS and TACACS+1:56
    • 51 DIAMETER1:58
    • 52 Accountability2:43
    • 53 Accountability (contd.)1:40
    • 54 Session Management1:56
    • 55 Registration and Proof of Identity1:42
    • 56 Credential Management Systems1:47
    • 57 Credential Management Systems—Risks and benefits1:42
    • 58 Federated Identity Management1:45
    • 59 Federated Identity Management Models1:51
    • 60 Federated Identity Management Models (contd.)2:6
    • 61 Federated Identity Management Models (contd.)1:48
    • 62 Identity as a Service1:44
    • 63 Identity as a Service—Functionality2:53
    • 64 Identity as a Service—Possible Issues2:7
    • 65 Integrate Third-Party Identity Services2:5
    • 66 Integrate Third-Party Identity Services (contd.)1:49
    • 67 Unauthorized Disclosure of Information4:37
    • 68 Threats to Access Control5:27
    • 69 Protection against Access Control Attacks1:39
    • 70 Access Control Best Practices1:53
    • 71 Access Control Best Practices (contd.)1:29
    • 72 Quiz0:0
    • 73 Summary1:39
    • 74 Conclusion1:7
  • Domain 06 – Security Assessment and Testing 93:8
    • 1 Domain 06—Security Assessment and Testing1:14
    • 2 Objectives1:25
    • 3 Security Assessment and Testing—Introduction1:36
    • 4 Assessment and Test Strategies1:48
    • 5 Vulnerability Assessment2:4
    • 6 Penetration Testing2:18
    • 7 Log Management2:14
    • 8 Log Management—Advantages and Challenges1:44
    • 9 Log Management—Best Practices1:48
    • 10 Log Management—Operational Process1:40
    • 11 Logged Events1:27
    • 12 Synthetic Transactions1:59
    • 13 Reasons to Use Synthetic Transactions1:51
    • 14 Code Review and Testing1:49
    • 15 Testing Techniques2:16
    • 16 Security Testing in the SDLC2:55
    • 17 Software Product Testing Levels2:5
    • 18 Misuse Case Testing1:37
    • 19 Misuse Case Testing—Scenarios2:19
    • 20 Test Coverage Analysis1:38
    • 21 Interface Testing1:35
    • 22 API Testing (contd.)1:59
    • 23 Interface Testing (contd.)1:27
    • 24 GUI Testing1:51
    • 25 Common Software Vulnerabilities2:28
    • 26 Business Scenario1:54
    • 27 Information Security Continuous Monitoring2:32
    • 28 Information Security Continuous Monitoring—Strategy and Process2:55
    • 29 Risk Evaluation and Control—Metrics1:0
    • 30 Security Controls Monitoring Frequencies3:24
    • 31 ISCM—Benefits1:50
    • 32 Key Performance and Risk Indicators2:12
    • 33 Internal and Third Party Audits2:33
    • 34 Audit Frequency and Scope1:47
    • 35 Statement on Auditing Standards No. 70 2:43
    • 36 Service Organization Controls1:57
    • 37 SOC 1 Report2:23
    • 38 SOC 2 Report2:40
    • 39 SOC 2 Reports (contd.)2:7
    • 40 SOC 3 Report1:41
    • 41 SOC 1, SOC 2, and SOC 3 Comparison1:58
    • 42 Audit Process—Audit Preparation Phase2:3
    • 43 Audit Process—Audit Phase1:43
    • 44 Business Scenario1:36
    • 45 Quiz0:0
    • 46 Summary1:52
    • 47 Conclusion1:7
  • Domain 07 – Security Operations 373:48
    • 1 Domain 07—Security Operations1:15
    • 2 Objectives1:24
    • 3 Importance of Security Operations—Case Study1:47
    • 4 Introduction to Investigations1:41
    • 5 Investigation Challenges2:4
    • 6 Investigations—Primary Activities2:51
    • 7 Crime Scene1:52
    • 8 Forensic Investigation Guidelines2:7
    • 9 Incident Response Terminologies2:53
    • 10 Incident Response Goals1:28
    • 11 Incident Response Team2:39
    • 12 Incident Response Procedures3:19
    • 13 Incident Response Procedures (contd.)1:59
    • 14 Incident Response Procedures (contd.)1:27
    • 15 Incident Response Procedures (contd.)1:31
    • 16 Business Scenario1:52
    • 17 Evidence2:21
    • 18 Evidence Lifecycle2:17
    • 19 Chain of Evidence2:4
    • 20 Types of Evidence4:47
    • 21 Computer Forensics Procedure1:50
    • 22 Requirements for Investigation Types2:15
    • 23 Logging and Monitoring Activities1:40
    • 24 Intrusion Detection System3:52
    • 25 Intrusion Prevention System3:30
    • 26 Security Information and Event Management (SIEM)2:12
    • 27 Security Information and Event Management (SIEM)—Characteristics1:45
    • 28 Continuous Monitoring1:53
    • 29 Egress Filtering1:0
    • 30 Data Leak or Loss Prevention (DLP)2:26
    • 31 Steganography and Digital Watermarking1:58
    • 32 Business Scenario1:44
    • 33 Secure Provisioning of Resources through Configuration Management2:8
    • 34 Secure Provisioning of Resources through Configuration Management (contd.)1:52
    • 35 Introduction to Security Operations1:37
    • 36 Security Operations Concepts1:44
    • 37 Security Operations1:51
    • 38 Effects of Operations Controls on C.I.A.1:29
    • 39 Business Scenario2:3
    • 40 Operational Resilience2:8
    • 41 Threats to Operations3:12
    • 42 Threats to Operations (contd.)3:36
    • 43 Vulnerabilities4:30
    • 44 Controls2:49
    • 45 Business Scenario1:44
    • 46 Need for Controlling Privileged Accounts2:18
    • 47 Identity and Access Management2:30
    • 48 Types of Accounts2:29
    • 49 Commonly Used Roles2:1
    • 50 Commonly Used Roles (contd.)2:53
    • 51 Monitoring Special Privileges1:33
    • 52 Service Level Agreements (SLAs)2:15
    • 53 Business Scenario1:45
    • 54 Protect Valuable Assets2:28
    • 55 Protecting Physical Assets1:45
    • 56 Protecting Information Assets2:7
    • 57 Protecting Resources2:33
    • 58 Controls for Protecting Assets—Hardware Controls2:51
    • 59 Controls for Protecting Assets—Software Controls3:2
    • 60 Controls for Protecting Assets—Media Controls2:0
    • 61 Controls for Protecting Assets—Administrative Controls3:51
    • 62 Cloud and Virtual Storage1:53
    • 63 Cloud and Virtual Storage Security Issues1:53
    • 64 Types of Virtualized Storage2:0
    • 65 Hard Copy Records1:46
    • 66 Business Scenario1:34
    • 67 Incident Management2:46
    • 68 Security Measurements, Metrics, and Reporting1:32
    • 69 Managing Security Technologies1:42
    • 70 Incident Management—Detection Phase1:27
    • 71 Intrusion Detection System1:46
    • 72 Security Information Event Management (SIEM)3:38
    • 73 Anti-Malware Systems1:59
    • 74 Monitoring Techniques—Violation Analysis2:12
    • 75 Incident Management—Other Phases1:57
    • 76 Trusted Recovery and System Recovery2:54
    • 77 Problem Management2:29
    • 78 Operating and Maintaining Preventive Measures2:2
    • 79 Patch Management2:15
    • 80 Vulnerability Management2:19
    • 81 Change Management2:39
    • 82 Change Control Process2:23
    • 83 Configuration Management3:24
    • 84 Configuration Management (contd.)1:26
    • 85 Business Scenario1:37
    • 86 Develop a Recovery Strategy2:18
    • 87 Types of Recovery—Business Recovery and Facility and Supply Recovery1:44
    • 88 Types of Recovery—User Recovery1:29
    • 89 Types of Recovery—Operational Recovery1:56
    • 90 Recovery Partners Strategy3:44
    • 91 Backup Sites1:51
    • 92 Backup Sites (contd.)4:6
    • 93 Backup Sites (contd.)2:36
    • 94 Backup Methods2:36
    • 95 Importance of Maintaining Resilient Systems3:35
    • 96 Redundancy and Fault Tolerance2:54
    • 97 Redundancy and Fault Tolerance Methods2:13
    • 98 Redundancy and Fault Tolerance Methods (contd.)5:21
    • 99 Best Practices for Backup and Recovery1:55
    • 100 Business Scenario1:43
    • 101 Disaster Recovery—Planning Design and Development1:37
    • 102 Planning Design and Development—Step 1 and Step 2 2:38
    • 103 Planning Design and Development—Step 3 and Step 4 3:19
    • 104 Disaster Recovery Phases—Implementation, Testing, and Training1:44
    • 105 Importance of Testing1:19
    • 106 Types of Testing2:4
    • 107 Types of Testing (contd.)2:30
    • 108 Types of Testing (contd.)2:54
    • 109 Training3:57
    • 110 Disaster Recovery Phases—Maintenance3:49
    • 111 Disaster Recovery Phases—Maintenance (contd.)1:26
    • 112 Business Scenario2:4
    • 113 Perimeter Security2:32
    • 114 Barriers1:37
    • 115 Fences2:14
    • 116 Gates2:40
    • 117 Walls and Bollards2:13
    • 118 Perimeter Intrusion Detection5:26
    • 119 Business Scenario1:42
    • 120 Importance of Lighting2:12
    • 121 Types of Lighting Systems2:20
    • 122 Types of Lights2:21
    • 123 Access Control2:41
    • 124 Types of Access Control Systems7:33
    • 125 Business Scenario1:42
    • 126 Building and Inside Security9:5
    • 127 Personnel Security2:28
    • 128 Business Scenario1:50
    • 129 Quiz0:0
    • 130 Summary1:0
    • 131 Conclusion1:6
Domain 08 – Software Development Security 222:50
  • 1 Domain 08 – Software Development Security1:15
  • 2 Objectives1:25
  • 3 Importance of Software Development Security1:51
  • 4 System Environments2:9
  • 5 Distributed Environment1:11
  • 6 Client/Server Systems and Local Environment1:35
  • 7 Distributed Data Processing and Agents1:45
  • 8 Applets1:42
  • 9 Programming Concepts2:22
  • 10 Compiler Vs Interpreter2:39
  • 11 Programming and Software2:40
  • 12 Threats in the Software Environment2:15
  • 13 Threats in the Software Environment (contd.)3:11
  • 14 Threats in the Software Environment (contd.)2:7
  • 15 Threats in the Software Environment (contd.)2:3
  • 16 Threats in the Software Environment (contd.)1:49
  • 17 Threats in the Software Environment (contd.)1:46
  • 18 Business Scenario2:12
  • 19 System Life Cycle and Systems Development3:35
  • 20 Systems Development Life Cycle3:31
  • 21 SDLC—Operation and Maintenance1:42
  • 22 Integrated Product Team (IPT)1:42
  • 23 DevOps1:39
  • 24 Software Testing Methods4:18
  • 25 Software Testing Levels1:43
  • 26 Application Controls1:35
  • 27 Software Development Methods2:9
  • 28 Software Development Methods (contd.)2:9
  • 29 Software Development Methods (contd.)1:53
  • 30 Software Development Methods (contd.)1:54
  • 31 Software Development Methods (contd.)2:32
  • 32 Java Security1:57
  • 33 Secure Software Development Best Practices1:47
  • 34 Business Scenario2:5
  • 35 Object-Oriented Programming Terms2:1
  • 36 Object-Oriented Programming Terms (contd.)1:34
  • 37 Object-Oriented Programming—Definition2:23
  • 38 Distributed Object-Oriented Systems2:47
  • 39 Object Request Brokers1:49
  • 40 COM—Component Object Model1:28
  • 41 DCOM—Distributed Component Object Model1:38
  • 42 CORBA—Common Object Request Broker Architecture1:58
  • 43 Software Security and Assurance2:18
  • 44 Software Security and Assurance (contd.)1:43
  • 45 Software Security and Assurance (contd.)1:53
  • 46 Software Security and Assurance (contd.)1:42
  • 47 Software Security and Assurance (contd.)1:41
  • 48 Software Security and Assurance (contd.)1:50
  • 49 Software Security and Assurance (contd.)1:40
  • 50 Software Security and Assurance (contd.)1:55
  • 51 Software Security and Assurance (contd.)1:40
  • 52 Software Security and Assurance (contd.)1:36
  • 53 Software Security and Assurance (contd.)1:56
  • 54 Software Security and Assurance (contd.)1:54
  • 55 Software Security and Assurance (contd.)1:35
  • 56 Software Security: XML and Security Assertion Markup Language2:23
  • 57 Software Security: SOA3:15
  • 58 Audit and Assurance Mechanisms3:24
  • 59 Assessing the Effectiveness of Software Security1:51
  • 60 Assessing the Effectiveness of Software Security (contd.)1:51
  • 61 Assessing the Security Impact of Acquired Software2:15
  • 62 Code Repositories and Application Programming Interfaces2:4
  • 63 Business Scenario1:47
  • 64 Database and Data Warehousing Environments2:25
  • 65 Database Terms2:9
  • 66 Types of Databases1:27
  • 67 Types of Databases (contd.)1:27
  • 68 Types of Databases (contd.)1:41
  • 69 Types of Databases (contd.)1:29
  • 70 Types of Databases (contd.)1:43
  • 71 Database—Threats and Vulnerabilities5:40
  • 72 Introduction to Data Warehousing2:4
  • 73 Data Warehousing Concepts2:57
  • 74 Database Normalization2:17
  • 75 DBMS Controls5:26
  • 76 Business Scenario1:39
  • 77 Malware—Types5:56
  • 78 Malware Protection2:31
  • 79 Business Scenario1:35
  • 80 Importance and Role of Knowledge Management2:3
  • 81 Knowledge-Based System/Artificial Intelligence1:33
  • 82 Knowledge-Based System—Expert System2:22
  • 83 Knowledge-Based System—Neural Network2:33
  • 84 Web Application Environment—Threats and Vulnerabilities2:35
  • 85 Web Application Environment Security2:3
  • 86 Web Application Environment Security (contd.)2:14
  • 87 Web Application Environment Security (contd.)1:34
  • 88 Web Application Environment Security (contd.)1:45
  • 89 The Ten Best Practices for Secure Software Development—(ISC)² 7:28
  • 90 Quiz0:0
  • 91 Summary2:7
  • 92 Conclusion

Who should do this course?

The CISSP certification course is suitable for IT managers, security consultants, security analysts, IT professionals, network engineers, and so on.