Description

CISSP is the gold standard for security certifications. It covers the breadth of information security’s deep technical and managerial concepts, from which you learn to effectively design, engineer, and manage the overall security posture of an organization.

This course covers Domain 1 - Security and Risk Management. This domain is one of the most important domains in the CISSP exam. It lays the foundation, covering security concepts that all the other domains build upon. Understanding exactly what security means and the core concepts around assessing and managing the wide array of risks we face is fundamental to every domain in the CISSP.
Domain 2 - Asset Security. An asset is anything we value. When we have highly valued assets, such as sensitive data, securing those assets throughout their lifecycle is paramount. We will learn about data standards, classification, regulations, retention, and controls to protect organizational value.
Domain 3 - Security Engineering. Engineering is about understanding and designing systems that work. Security is a fundamental part of any well-designed system. This domain will help you understand the engineering lifecycle and various models and security components required in data structures and physical facilities. We also learn how cryptography fits into information security.
Domain 4 - Communication and Network Security. Information is not just stored; it is also transmitted and must be secured in transit. Understanding networking models, protocols, hardware components, and possible attack vectors is vital to information security. It is one of the most important domains on the CISSP exam.
Domain 5 - Identity and Access Management. Controlling who can access valuable resources can lead to proper confidentiality, integrity, and availability. A CISSP must understand mechanisms and techniques to verify a subject’s authenticity before authorizing access. They must be able to assure that only proper interactions have occurred and mitigate potential attacks.
Domain 6 - Security Assessment and Testing. Understanding the effectiveness of your security measures is vital. As you collect and review logs, verify software development security, and undergo security audits and certification you can have some assurance and insight into your security status and needs.
Domain 7 - Security Operations. From incident response that involves investigation of evidence to facility access management and disaster recovery planning, testing, and implementation, this domain requires putting security principles and concepts into practice.
Domain 8 - Security in the Software Development Life Cycle. Many of the most publicized security issues have stemmed from flaws in the software code. While a CISSP does not have to be a software developer, they must understand and be able to communicate software development security needs. In this domain you will learn important terminology and concepts of software development.

What you will learn

Understanding Information Security Concepts in Domain 1 - Security and Risk Management

Defining Security

Security Governance

Effective Security Program

Compliance

Global Legal and Regulatory Issues

Understand Professional Ethics

Business Continuity (BC) & Disaster Recovery (DR) Requirements

Manage Personnel Security

Risk Management Concepts

Threat Modeling

Acquisitions Strategy and Practice

Security Education, Training, and Awareness

Understanding Information Security Concepts in Domain 2 - Asset Security

Managing Data: Determining and Maintaining Data Ownership

Data Standards

Protecting Data

Classifying Information and Supporting Assets

Ensuring Appropriate Retention

Determining Data Security Controls

Selecting Standards

Understanding Information Security Concepts in Domain 3 - Security Engineering

Using Security Design Principles in The Engineering Lifecycle

Understanding Fundamental Concepts of Security Models

Exploring Information Systems Security Evaluation Models

Ensuring Security Capabilities of Information Systems

Discovering Vulnerabilities of Security Architectures

Securing Databases

Analyzing Vulnerabilities and Threats

Applying and Using Cryptography

Implementing and Operating Facilities Security

Site Planning

Understanding Information Security Concepts in Domain 4 - Communication and Network Security

Secure Network Architecture and Design

Implications of Multi-Layer Protocols

Converged Protocols

Securing Network Components

Network Attacks

Understanding Information Security Concepts in Domain 5 - Identity and Access Management

Physical and Logical Access to Assets

Integrate Third-Party Identity Services

Implement and Manage Authorization Mechanisms

Prevent or Mitigate Access Control Attacks

Identity and Access Provisioning Lifecycle

Assessment and Test Strategies

Collect Security Process Data

Internal and Third-Party Audits

Resource Protection and Incident Response

Preventative Measures against Attacks

Patch and Vulnerability Management

Change and Configuration Management

The Disaster Recovery Process

Business Continuity and Other Risk Areas

Building and Inside Security

Security of the Software Environment

Assess the Effectiveness of Software Security

Assess Software Acquisition Security

Understanding Information Security Concepts in Domain 6 - Security Assessment and Testing

Understanding Information Security Concepts in Domain 7 - Security Operations

Understanding Information Security Concepts in Domain 8 - Security in the Software Development Life Cycle

Requirements

  • 5 Years IT/Security experience

Course content

11 sections

Introduction to the Complete Exam Guide

1 lecture
Introduction
16:20

CISSP Domain 1: Security and Risk Management

37 lectures
Defining Security
04:11
Supporting the Goals, Mission, and Objectives of the Organization
07:06
Understanding Organizational Processes
08:59
Defining Security Roles and Responsibilities
09:55
Understanding Information Security Strategies
03:48
Ensuring Oversight Committee Representation
05:16
Utilizing Control Frameworks
12:45
Practicing Due Care and Due Diligence
08:26
Applying Governance, Risk Management, and Compliance
06:27
Ensuring Legislative and Regulatory Compliance
03:05
Complying with Privacy Requirements
04:47
Defining Computer/Cyber Crime
03:23
Licensing and Intellectual Property
08:41
Importing/Exporting and Trans-Border Data Flow
07:00
Protecting Privacy
04:00
Understanding Data Breaches
03:54
Exploring Relevant Laws and Regulations
03:36
Exploring Topics in Computer Ethics
08:54
Understanding Codes of Ethics
07:12
Defining Security Documentation
06:42
Initiating a Business Continuity and Disaster Recovery Project
11:09
Assessing Exposure to Outages
08:30
Employment Candidate Screening
04:44
Understanding Employment Agreements and Policies
07:47
Reviewing Employee, Vendor, Consultant, and Contractor Controls
11:17
Defining Organizational Risk Management Concepts
06:06
Risk Management Concepts
08:03
Mastering Risk Assessment Methodologies
07:14
Quantitative Risk Assessments
07:40
Responding to Risk
06:27
Implementing Risk Countermeasures
10:12
Defining Access Control Types
13:13
Assessing/Monitoring and Measuring Controls
11:38
Discussing Risk Management Frameworks
03:08
Threat Modeling
07:51
Acquisition Strategy and Practice
12:43
Security Education, Training, and Awareness
07:09

CISSP Domain 2: Asset Security

28 lectures
Data Policy
02:37
Roles and Responsibilities
03:28
Data Ownership
02:52
Data Custodianship
02:36
Data Quality
06:04
Data Documentation and Organization
06:30
Data Lifecycle Control
05:04
Data Specification and Modeling
06:05
Database Maintenance
02:43
Data Audit
03:45
Data Storage and Archiving
03:45
Data Security
04:33
Data Access, Sharing, and Dissemination
02:37
Data Publishing
09:25
Aspects of the Classification Policy
02:55
Classification Policy
07:33
Managing Assets
09:04
Laws Adopted Worldwide
07:01
Media, Hardware, and Personnel
03:29
Company Data Retention Policy
02:41
Data at Rest
04:25
Data in Transit
08:57
Baselines
03:13
Scoping and Tailoring
03:29
United States Resources
06:43
International Resources
03:20
National Cyber Security Framework Manual
02:01
Improving Critical Infrastructure Cybersecurity
06:34

CISSP Domain 3: Security Engineering

62 lectures
Systems Engineering
07:43
Common System Components
09:02
Enterprise Security Architecture
08:55
Common Architecture Frameworks
04:07
Introducing Types of Security Models
04:24
The Bell-LaPadula Confidentiality Model
05:45
The Biba Integrity Model
05:21
The Clark-Wilson Integrity Model
04:35
Other Types of Security Models
04:30
Capturing and Analyzing Requirements
03:48
Creating and Documenting Security Architecture
03:01
Common Formal Security Models
03:42
Trusted Computer System Evaluation Criteria
05:53
Information Technology Security Evaluation Criteria
03:47
The Common Criteria
03:54
Industry and International Security Implementation Guidelines
08:31
Access Control Mechanisms
03:28
Secure Memory Management
10:44
Systems
07:18
Technology and Process Integration
06:41
Single Point of Failure (SPOF)
05:22
Client-Based Vulnerabilities
06:56
Server-Based Vulnerabilities
04:46
Database Security
07:11
Large Scale Parallel Data Systems
03:27
Distributed Systems
06:56
Rapid Elasticity
08:35
Cryptographic Systems
09:10
Stream-Based Ciphers
11:03
Block Ciphers
05:45
Defining Symmetric Cryptography
04:28
Counter Mode Algorithms
07:54
Defining Asymmetric Cryptography
06:22
Asymmetric Cryptography
06:04
Hashing and Hybrid Cryptography
06:06
Web Based Vulnerabilities and Threats
05:35
Risks from Remote Computing
02:39
Risks from Mobile Workers
03:29
Embedded Cyber Physical Systems (CPS)
02:47
The History of Cryptography
03:26
Emerging Technology
02:27
Core Information Security Principles
03:10
Additional Features of Cryptographic Systems
02:15
The Cryptographic Lifecycle
05:57
Public Key Infrastructure (PKI)
08:16
Key Management Process
03:03
Creation and Distribution of Keys
04:09
Digital Signatures
03:29
Digital Rights Management (DRM)
03:52
Non-Repudiation
00:48
Hashing
06:48
Hash Functions
05:33
Methods of Cryptanalytic Attacks
08:25
Roadway Design
02:38
Crime Prevention through Environmental Design
01:56
Windows
03:51
Garages
01:53
Location Threats
07:58
Federal Emergency Management Agency (FEMA) Publications
01:43
Communications and Server Rooms
02:25
Restricted and Work Area Security
02:49
Data Center Security
07:34

CISSP Domain 4: Communication & Network Security

33 lectures
Introducing OSI and TCP/IP
09:41
OSI and TCP/IP Lower Layers
13:51
OSI and TCP/IP Upper Layers
08:27
IP Networking Part 1
08:44
IP Networking Part 2
12:06
Directory Services
11:52
SCADA
03:50
Implementation
03:39
Voice over Internet Protocol (VoIP)
05:05
Wireless
05:37
Wireless Security Issues
05:35
Cryptography Used to Maintain Communications Security
08:58
Introductory Concepts
08:33
Hardware
12:08
Transmission Media
04:31
Network Access Control Devices
05:25
End Point Security
03:27
Content Distribution Networks
02:00
Voice
04:15
Multimedia Collaboration
02:39
Open Protocols, Applications, and Services
01:53
Remote Access
09:45
Data Communications
09:52
Virtualized Networks
05:37
The Network as an Enabler or Channel of Attack
01:58
The Network as a Bastion of Defense
04:42
Network Security Objectives and Attack Modes
04:58
Scanning Techniques
08:05
Security Event Management (SEM)
05:17
IP Fragmentation Attacks and Crafted Packets
05:55
DOS and DDOS Attacks
06:47
Spoofing
05:43
Session Hijack
02:16

CISSP Domain 5: Identity & Access Management

17 lectures
Physical and Logical Access
04:21
Identification, Authentication, and Authorization
09:34
Password, Account, Profile, and Directory Management
04:39
Directory Technologies
08:11
Single/Multi-Factor Authentication
08:31
Accountability
06:56
Session Management
03:43
Registration and Proof of Identity
02:25
Credential Management Systems
02:58
Identity as a Service (IDaaS)
03:44
Integrating Third-Party Identity Services
01:54
Role-Based Access Control
03:29
Rule-Based Access Control
03:12
Mandatory Access Controls (MACs)
04:11
Discretionary Access Controls (DACs)
03:09
Prevent or Mitigate Access Control Attacks
05:51
Identity and Access Provisioning Lifecycle
03:37

CISSP Domain 6: Security Assessment & Testing

8 lectures
Software Development as Part of System Design
05:09
Log Reviews
05:38
Synthetic Transactions
02:45
Code Review and Testing
11:52
Negative Testing/Misuse Case Testing
05:13
Interface Testing
04:36
Collecting Security Process Data
03:59
Service Organization Control (SOC) Reporting Options
05:58

CISSP Domain 7: Security Operations

41 lectures
The Crime Scene
09:20
Policy, Roles, and Responsibilities
04:28
Incident Handling and Response
02:36
Recovery Phase
05:27
Evidence Collection and Processing
04:00
Continuous and Egress Monitoring
02:54
Data Leak/Loss Prevention (DLP)
07:45
Provisioning of Resources through Configuration Management
06:03
Key Themes
07:17
Controlling and Managing Privileged Accounts, Groups and Roles
03:32
Separations of Duties and Responsibilities
04:15
Monitor Special Privileges and Job Rotation
03:47
Managing the Information Lifecycle
05:52
Service Level Agreements (SLAs)
08:25
Resource Protection
07:23
IR Concepts
07:56
IR Phases
05:25
Unauthorized Disclosure
01:40
Network Intrusion Detection System Architecture
06:15
Other Preventative Measures against Attacks
06:30
Patch and Vulnerability Management
04:14
Change Management
05:10
Configuration Management
01:30
Recovery Site Strategies
05:41
System Resilience and Fault Tolerance Requirements
10:52
Documenting the Plan
03:17
Response
02:53
Personnel and Communications
03:12
Recovery Concepts
03:36
Exercise, Assess, and Maintaining the Plan
03:09
Tabletop Exercise/Structured Walk-Through Test
01:50
Walk-Through Drill/Simulation Test
03:08
Functional Drill/Parallel Test
02:05
Full-Interruption/Full-Scale Test
02:44
Update and Maintenance of the Plan
03:03
Implementation and Operation of Perimeter Security
05:46
Card Types
03:52
Closed Circuit TV
05:54
Interior Intrusion Detection Systems
03:28
Building and Inside Security
06:26
Personnel Safety
03:39

CISSP Domain 8: Security in the Software Development Life Cycle

22 lectures
Development Life Cycle
06:46
Maturity Models
04:02
Operation and Maintenance
04:20
Software Development Methods
07:43
The Database and Data Warehousing Environment
13:27
Database Vulnerabilities and Threats
06:48
DBMS Controls
04:00
Knowledge Management and Web Application Environment
05:20
Applications Development and Programming Concepts
07:10
The Software Environment
13:46
Libraries & Toolsets
05:32
Security Issues in Source Code
07:57
Malicious Software (Malware)
08:15
Malware Protection
05:07
Security Kernels, Reference Monitors, and the TCB
09:05
Configuration Management
03:50
Security of Code Repositories
03:45
Security of Application Programming Interfaces (API)
02:27
Certification and Accreditation
03:34
Auditing and Logging of Changes
04:42
Risk Analysis and Mitigation
04:44
Assess Software Acquisition Security
03:46

Conclusion

1 lecture
Course Recap
15:23

CISSP - The Complete Exam Guide Assessment

1 lecture
Course Assessment
40 questions
