Video description
27+ Hours of Video Instruction
Overview:
CISSP Complete Video Course, 3rd Edition, is your full study resource to successfully prepare for the latest version of the CISSP exam. This engaging video course, with more than 27 hours of personal training from recognized cybersecurity leader Sari Greene, explores every exam objective and provides deep-dive training on the most challenging and difficult-to-understand topics, so you can use it as a complete study tool for taking and passing the CISSP Certification exam.
To reinforce what you’ve learned, each video ends with a 3-Second Challenge so you can assess your knowledge, as well as a Security-in-Action review with real-world scenarios so you can apply these concepts in practice. Throughout the course, Sari walks you through practice exam questions with a focus on test-taking strategies.
Topics include
- Security and risk management
- Asset security
- Security architecture and engineering
- Communications and network security
- Identity and access management
- Security assessment and testing
- Security operations
- Software development security
- Attaining and maintaining your CISSP certification
About the Instructor
Sari Greene (CISSP-ISSMP, CRISC, CISM, CISA, SEC+, NSA/IAM) is an information security practitioner, author, educator, entrepreneur, and sailor. In 2003, Sari founded one of the first dedicated cybersecurity consultancies. She is a recognized leader in the field of cybersecurity and has amassed thousands of hours in the field working with a spectrum of technical, operational, compliance, and management personnel as well as boards of directors, regulators, service providers, and law enforcement agencies. In 2017, Sari was named Cybersecurity Educator of the Year.
Skill Level:
Intermediate
Learn How To
- Pass the CISSP or SSCP certification examination
- Enhance your knowledge of information security
- Experience real-life scenarios using Security-in-Action case studies
Who Should Take This Course?
- The primary audience is anyone preparing for the ISC2 CISSP certification examination.
- The secondary audience is anyone preparing for the ISC2 SSCP certification examination.
Course Requirements:
This complete video course is designed primarily for individuals interested in pursuing the CISSP certification. (ISC)2 requires CISSP candidates to have at least five years of cumulative, paid, full-time work experience in at least two of the (ISC)2 CISSP Common Body of Knowledge (CBK) domains. An understanding of the basic concepts of information security and computer networking is also recommended.
About Pearson Video Training
Pearson publishes expert-led video tutorials covering a wide selection of technology topics designed to teach you the skills you need to succeed. These professional and personal technology videos feature world-leading author instructors published by your trusted technology brands: Addison-Wesley, Cisco Press, Pearson IT Certification, Sams, and Que. Topics include IT Certification, Network Security, Cisco Technology, Programming, Web Development, Mobile Development, and more.
Learn more about Pearson Video training at http://www.informit.com/video.
Table of Contents
Introduction
CISSP: Introduction
Module 1: Security and Risk Management Domain
Module introduction
Lesson 1: Understand, Adhere to, and Promote Professional Ethics
Learning objectives
1.1 Organizational and Professional Ethics
Lesson 2: Understand and Apply Security Concepts
Learning objectives
2.1 Information Security Fundamentals
Lesson 3: Evaluate and Apply Security Governance Principles
Learning objectives
3.1 Strategic Alignment
3.2 Organizational Roles and Responsibilities
3.3 Security Control Frameworks
Lesson 4: Determine Compliance and Other Requirements
Learning objectives
4.1 Regulatory and Contractual Obligations
4.2 Privacy and Data Protection
Lesson 1-4 Assessment
Lesson 5: Understand Legal and Regulatory Issues that Pertain to Information Security in a Holistic Context
Learning objectives
5.1 Cybercrime and Data Breaches
5.2 Data Flow
Lesson 6: Understand Requirements for Investigation Types
Learning objectives
6.1 Investigation Objectives and Requirements
Lesson 7: Develop, Document, and Implement Security Policy, Standards, Procedures, and Guidelines
Learning objectives
7.1 Governance Documents
Lesson 8: Identify, Analyze, and Prioritize Business Continuity Requirements
Learning objectives
8.1 Business Continuity Planning
8.2 Business Impact Analysis
Lesson 9: Contribute to and Enforce Personnel Security Policies and Procedures
Learning objectives
9.1 Personnel Policies and Agreements
9.2 Personnel Security Practices
Lesson 5-9 Assessment
Lesson 10: Understand and Apply Risk Management Concepts
Learning objectives
10.1 Risk Management Concepts
10.2 Risk Management Frameworks
10.3 Risk Assessment
10.4 Controls and Countermeasures
Lesson 11: Understand and Apply Threat Modeling Concepts and Methodologies
Learning objectives
11.1 Threat Actors and Attributes
11.2 Threat Modeling
11.3 Attack Vectors
11.4 Threat Intelligence
Lesson 12: Apply Supply Chain Risk Management Concepts
Learning objectives
12.1 Supply Chain Risk Management
Lesson 13: Establish and Maintain a Security Awareness, Education, and Training Program
Learning objectives
13.1 SETA Principles and Practices
13.2 Social Engineering
Lesson 10-13 Assessment
Module 2: Asset Security
Module introduction
Lesson 14: Identify and Classify Information and Assets
Learning objectives
14.1 Asset Classification
Lesson 15: Establish Information and Asset Handling Requirements
Learning objectives
15.1 Data and Asset Handling
Lesson 16: Provision Resources Securely
Learning objectives
16.1 Asset Management
Lesson 17: Manage Data Lifecycle
Learning objectives
17.1 Data Collection and Retention
17.2 Deletion and Destruction
Lesson 18: Ensure Appropriate Asset Retention
Learning objectives
18.1 Asset Lifecycle - EOL
Lesson 19: Determine Data Security Controls and Compliance Requirements
Learning objectives
19.1 Control Baselines, Tailoring, and Scoping
19.2 Data Protection Methods
Lesson 14-19 Assessment
Module 3: Security Architecture and Engineering
Module introduction
Lesson 20: Research, Implement, and Manage Engineering Processes Using Secure Design Principles
Learning objectives
20.1 Secure Design Principles
Lesson 21: Understand the Fundamental Concepts of Security Models
Learning objectives
21.1 Information Security Models
Lesson 22: Select Controls Based Upon System Security Requirements
Learning objectives
22.1 Security Evaluation Criteria
Lesson 23: Understand Security Capabilities of Information Systems
Learning objectives
23.1 Information Systems Security Capabilities
Lesson 20-23 Assessment
Lesson 24: Assess and Mitigate the Vulnerabilities of Security Architectures, Designs, and Solution Elements
Learning objectives
24.1 Traditional Systems Architectures
24.2 Database Systems
24.3 Cloud-based Systems
24.4 Embedded Systems
24.5 IoT and IIoT
24.6 Virtualized Systems
24.7 Automation and Solution Elements
Lesson 24 Assessment
Lesson 25: Select and Determine Cryptographic Solutions
Learning objectives
25.1 Ciphers and Keys
25.2 Symmetric Encryption
25.3 Asymmetric Encryption
25.4 Hashing and Digital Signatures
25.5 PKI and Digital Certificates
25.6 Emerging Cryptography
Lesson 26: Understand Methods of Cryptanalytic Attacks
Learning objectives
26.1 Cryptographic Attacks
26.2 Hash and Kerberos Post-Exploitation Attacks
26.3 Ransomware
Lesson 25-26 Assessment
Lesson 27: Apply Security Principles to Site and Facility Design
Learning objectives
27.1 Physical Security Principles
Lesson 28: Design Site and Facility Security Controls
Learning objectives
28.1 Site and Building Security
28.2 Environmental Impact
Lesson 27-28 Assessment
Module 4: Communication and Network Security
Module introduction
Lesson 29: Assess and Implement Secure Design Principles in Network Architecture
Learning objectives
29.1 Network Models
29.2 IP Networking
29.3 Non-IP Networking
29.4 Secure Communications Protocols
29.5 Secure Network Protocols
29.6 Micro-segmentation
29.7 Wireless Architecture
Lesson 29 Assessment
Lesson 30: Secure Network Components
Learning objectives
30.1 Wired Transmission
30.2 Wireless (Wi-Fi) Transmission
30.3 Security Zones and Firewalls
30.4 Network Access Control
30.5 Endpoint Security
Lesson 30 Assessment
Lesson 31: Implement Secure Communication Channels According to Design
Learning objectives
31.1 Voice-over-IP (VoIP)
31.2 Multimedia Collaboration
31.3 Remote Access
31.4 Virtual Private Cloud
Lesson 31 Assessment
Module 5: Identity and Access Management (IAM)
Module introduction
Lesson 32: Control Physical and Logical Access to Assets
Learning objectives
32.1 Access Control Fundamentals
Lesson 33: Manage Identification and Authentication of People, Devices, and Services
Learning objectives
33.1 Identity Management (IdM)
33.2 Authentication Factors
33.3 Biometric Authentication
Lesson 34: Federated Identity with a Third-party Service
Learning objectives
34.1 Federated Identity Management
Lesson 35: Implement and Manage Authorization Mechanisms
Learning objectives
35.1 Authorization and Access Controls
Lesson 32-35 Assessment
Lesson 36: Manage the Identity and Access Provisioning Lifecycle
Learning objectives
36.1 Identity and Access Management
36.2 Privileged Accounts
Lesson 37: Implement Authentication Systems
Learning objectives
37.1 Authentication Protocols
37.2 FIDO and WebAuthn
Lesson 36-37 Assessment
Module 6: Security Assessment and Testing
Module introduction
Lesson 38: Design and Validate Assessment, Test, and Audit Strategies
Learning objectives
38.1 Security Assessment Overview
38.2 Planning Engagements
Lesson 39: Conduct Security Controls Testing
Learning objectives
39.1 Infrastructure Testing
39.2 Penetration Testing
39.3 Code Assessment
Lesson 38-39 Assessment
Lesson 40: Collect Security Process Data
Learning objectives
40.1 Management Metrics
40.2 SETA Measures and Metrics
40.3 Continuous Monitoring
Lesson 41: Analyze Test Output and Generate Report
Learning objectives
41.1 Reporting and Response
Lesson 42: Conduct or Facilitate Security Audits
Learning objectives
42.1 Security Audits
Lesson 40-42 Assessment
Module 7: Security Operations
Module introduction
Lesson 43: Understand and Comply with Investigations
Learning objectives
43.1 Evidence Handling
43.2 Digital Forensics
Lesson 44: Conduct Logging and Monitoring Activities
Learning objectives
44.1 Logging and Analysis
44.2 Detection and Response Tools
Lesson 45: Perform Configuration Management
Learning objectives
45.1 Configuration Management
45.2 Automated Provisioning
Lesson 46: Apply Foundational Security Operations Concepts
Learning objectives
46.1 Security Operations
Lesson 47: Apply Resource Protection
Learning objectives
47.1 Media Management and Protection
47.2 Mobile Device Management
Lesson 43-47 Assessment
Lesson 48: Conduct Incident Management
Learning objectives
48.1 Incident Management Planning
48.2 Incident Response and Handling
Lesson 49: Operate and Maintain Detective and Preventative Measures
Learning objectives
49.1 Detective and Preventative Controls
49.2 Anti-Malware Tools and Techniques
49.3 Adversarial Artificial Intelligence
49.4 Deception and Disruption
Lesson 50: Implement and Support Patch and Vulnerability Management
Learning objectives
50.1 Vulnerability and Patch Management
Lesson 51: Understand and Participate in Change Management Process
Learning objectives
51.1 Change Management
Lesson 48-51 Assessment
Lesson 52: Implement Recovery Strategies
Learning objectives
52.1 Backup and Recovery
52.2 Resiliency
Lesson 53: Implement Disaster Recovery Processes
Learning objectives
53.1 Disaster Response and Recovery
Lesson 54: Test Disaster Recovery Plans
Learning objectives
54.1 DRP Training and Testing
Lesson 55: Participate in Business Continuity (BC) Planning and Exercises
Learning objectives
55.1 Business Continuity Integration
Lesson 56: Implement and Manage Physical Security
Learning objectives
56.1 Perimeter and Internal Security Controls
Lesson 57: Address Personnel Safety and Security Concerns
Learning objectives
57.1 Workplace Safety
Lesson 52-57 Assessment
Module 8: Software Development Security
Module introduction
Lesson 58: Understand and Integrate Security in the Software Development Lifecycle
Learning objectives
58.1 Software Development Lifecycle
58.2 Security Collaboration
Lesson 59: Identify and Apply Security Controls in Software Development Ecosystems
Learning objectives
59.1 Code, Languages, Libraries, and Tools
59.2 Secure Staging
Lesson 58-59 Assessment
Lesson 60: Assess the Effectiveness of Software Security
Learning objectives
60.1 Software Security Assessment
Lesson 61: Assess the Security Impact of Acquired Software
Learning objectives
61.1 Software Procurement and Acquisition
Lesson 62: Define and Apply Secure Coding Guidelines and Standards
Learning objectives
62.1 Source Code Flaws
62.2 Input and Output Validation
62.3 Secure Coding Practices
Lesson 60-62 Assessment
Module 9: Attaining and Maintaining Your CISSP
Module introduction
Lesson 63: Preparing for Your Examination
Learning objectives
63.1 Understanding the Exam Structure
63.2 Test Taking Strategies
63.3 Preparing for Test Day
Lesson 64: The Certification Process
Learning objectives
64.1 What to Expect at the Testing Center
64.2 Endorsement and Continuing Education
Summary
CISSP: Summary