Learn your way! Get started

Certified Information Systems Security Professional, Part 3 of 9: Cryptography and Operations

with expert Kevin Henry

Watch trailer

Course at a glance

Included in these subscriptions:

Dev & IT Pro Video
Dev & IT Pro Power Pack

	Release date	3/22/2018
	Level	Intermediate
	Runtime	2h 27m
	Closed captioning	N/A
	Transcript	N/A
	eBooks / courseware	N/A
	Hands-on labs	N/A
	Sample code	N/A
	Exams	Included

Enterprise Solutions

Need reporting, custom learning tracks, or SCORM? Learn More

Course description

Operations security is where all the theory and policies are put into action. Topics in this course will include administration responsibilities, redundancy and fault tolerance, and threats to operations. Also, an overview of cryptography and how it can be used in something like access will be discussed. This course is part of a series covering the ISC(2) Certified Information Systems Security Professional (CISSP).

Prerequisites

This series assumes a good understanding of enterprise networking and networking security. This is part 3 of a 9 part series.

Learning Paths

This course will help you prepare for the following certification and exam:
Certified Information Systems Security Professional

Meet the expert

Kevin is an international author, consultant and international
speaker. He is the official course development writer for ISC2 CISSP, ISACA CRISC and mile2’s C)ISSO. Kevin has been educating IT professionals for over 30 years. He also provides cyber security consulting and support services for organizations around the world. Assisting them with setting up Information Security programs and addressing areas ranging from in-depth risk analysis to policy creation and security awareness.

Course outline

Operations Security

Admin Responsibilities (31:38)

Introduction (00:27)
Operations Issues (01:22)
Role of Operations (01:22)
Administrator Access (01:42)
Computer Operations: System Administrators (03:12)
Security Administrator (01:57)
Operational Assurance (00:50)
Audit and Compliance (01:50)
Some Threats to Computer Operations (04:02)
Specific Operations Tasks (00:48)
Agenda (00:08)
Product Implementation Concerns (02:10)
Logs and Monitoring (01:15)
Records Management (01:17)
Change Control (01:40)
Resource Protection (02:00)
Contingency Planning (01:53)
System Controls (00:36)
Trusted Recovery (02:48)
Summary (00:08)

Redundancy and Fault Tolerance (13:17)

Introduction (00:15)
Fault-Tolerance Mechanisms (01:59)
Duplexing, Mirroring, And Checkpointing (01:24)
Redundant Array of Independent Disks (03:30)
Fault Tolerance (00:44)
Redundancy Mechanism (01:11)
Backups (01:28)
Backup Types (02:34)
Summary (00:08)

Operational Issues (15:43)

Introduction (00:08)
Remote Access (00:42)
Facsimilie Security (00:48)
Email Security (00:44)
Before Carrying out Vulnerability Testing (02:02)
Vulnerability Assessments (02:18)
Methology (03:22)
Penetration Testing (01:02)
Ethical Hacking (01:02)
Hack and Attack Strategies (02:06)
Protection Mechanism: Honeypot (01:16)
Summary (00:08)

Threats to Operations (09:32)

Introduction (00:08)
Threats to Operations (01:55)
Data Leakage: Social Engineering (00:59)
Data Leakage - Object Reuse (00:27)
Object Reuse (01:49)
Why Not Just Delete the File or Format the Disk (00:31)
Data Leakage: Keystroke Logging (00:29)
Data Leakage: Emanation (00:47)
Controlling Data Leakage: TEMPEST (00:34)
Controlling Data Leakage: Control Zone (00:23)
Controlling Data Leakage: White Noise (00:23)
Summary (00:53)
Summary (00:08)

Symmetric Cryptography and Hashing

Cryptography Terms (06:24)

Introduction (00:06)
Cryptography Objectives (01:14)
Cryptographic Definitions (01:28)
A Few More Definitions (02:12)
Some More Definitions (00:47)
Symmetric Cryptography: Use of Secret Keys (00:28)
Summary (00:08)

Historical Uses of Cryptography (13:02)

Introduction (00:27)
Cryptography Uses Yesterday and Today (02:17)
Historical Uses of Symmetric Cryptography (01:44)
Scytale Cipher (00:38)
Substitution Cipher (00:25)
Caesar Cipher Example (01:14)
Vigenere Cipher (00:30)
Polyalphabetic Substitution and Vigenere Example (01:36)
Enigma Machine (01:12)
Vernam Cipher (01:14)
Running Key and Concealment (01:32)
Summary (00:08)

Cryptography Foundations (14:03)

Introduction (00:05)
One-Time Pad Characteristics (01:21)
Binary Mathmatical Fuction (00:59)
Key and Algorithm Relationship (01:49)
128-Bit Keys vs. 64-Bit Keys (02:33)
Breaking Cryptosystems: Brute Force (00:49)
Breaking Cryptosystems: Frequency Analysis (00:51)
Determining Strength in a Cryptosystem (02:52)
Characteristics of Strong Algorithms (01:46)
Open or Closed (00:46)
Summary (00:08)

Modern Cryptography (16:26)

Introduction (00:23)
Types of Ciphers Used Today (00:43)
Encryption/Decryption Methods (00:46)
Symmetric Ciphers: Block Cipher (01:32)
S-Boxes Used in Block Ciphers (00:55)
Symmetric Ciphers: Stream Cipher (02:35)
Encryption Process and Symmetric Characteristics (01:16)
Strength of a Stream Cipher (02:01)
Let's Dive in Deeper (01:04)
Symmetric Key Cryptography (04:45)
Symmetric Key Management Issue (00:14)
Summary (00:08)

Symmetric Algorithms (27:39)

Introduction (00:06)
Symmetric Algorithms Examples (01:21)
Symmetric Downfalls (01:01)
Secret vs. Session Keys (01:31)
Symmetric Algorithms: DES (02:30)
Evolution of DES (02:30)
Block Cipher Modes: CBC (01:21)
Block Cipher Modes: ECB, CFB, and OFB (01:34)
Symmetric Ciphers: AES (01:10)
Other Symmetric Algorithms (01:26)
Agenda (00:06)
MAC- Sender (00:04)
Hashing Algorithms (01:53)
Protecting the Integrity of Data (01:56)
Data Integrity Mechanisms (00:48)
Weakness in Using Only Hash Algorithms (00:44)
More Protection in Data Integrity (01:58)
Security Issues in Hashing (02:36)
Birthday Attack (01:55)
Summary (00:52)
Summary (00:08)