Learn your way! Get started

Certified Information Systems Security Professional, Part 7: Malware and Business Continuity

with expert Kevin Henry


Watch trailer


Course at a glance

Included in these subscriptions:

  • Dev & IT Pro Video
  • Dev & IT Pro Power Pack

Release date 3/22/2018
Level Beginner
Runtime 2h 33m
Closed captioning N/A
Transcript N/A
eBooks / courseware N/A
Hands-on labs N/A
Sample code N/A
Exams Included


Enterprise Solutions

Need reporting, custom learning tracks, or SCORM? Learn More



Course description

Malicious software exists in many forms. This course will cover many types of malware including worms, Trojans, viruses along with rootkits and back-doors. It then will cover business continuity, hot and cold sites, redundancy, and backups. Finally it will look at specifics of how to recover from disasters and and how it ties into risk management. This course is part of a series covering the ISC(2) Certified Information Systems Security Professional (CISSP).

Prerequisites

This series assumes a good understanding of enterprise networking and networking security. This is part 7 of a 9 part series.

Learning Paths

This course will help you prepare for the following certification and exam:
Certified Information Systems Security Professional

Meet the expert

Kevin Henry Kevin is an international author, consultant and international speaker. He is the official course development writer for ISC2 CISSP, ISACA CRISC and mile2’s C)ISSO. Kevin has been educating IT professionals for over 30 years. He also provides cyber security consulting and support services for organizations around the world. Assisting them with setting up Information Security programs and addressing areas ranging from in-depth risk analysis to policy creation and security awareness.


Course outline



Database Security and System Development

Database Models (18:47)
  • Introduction (00:09)
  • Database Models (00:38)
  • Database Models: Hierarchical and Distributed (01:12)
  • Database Models: Relational (00:44)
  • Database Systems (01:01)
  • Database Models: Relational Components (00:52)
  • Foreign Key (01:31)
  • Database Component (01:49)
  • Database Security Mechanisms (01:14)
  • Database Data Integrity Controls (01:58)
  • Add-On Security (01:23)
  • Database Security Issues (01:14)
  • Controlling Access (01:43)
  • Database Integrity (00:51)
  • Data Warehousing (01:05)
  • Data Mining (01:10)
  • Summary (00:08)
Software Development (17:31)
  • Introduction (00:08)
  • Artificial Intelligence (02:33)
  • Expert System Components (00:45)
  • Artificial Neural Networks (01:03)
  • Software Development Models (03:17)
  • Project Development: Phases III, IV, and V (01:56)
  • Project Development: Phases VI and VII (00:36)
  • Verification vs. Validation (00:45)
  • Evaluating the Resulting Product (01:27)
  • Controlling How Changes Take Place (01:05)
  • Change Control Process (01:45)
  • Administrative Controls (01:58)
  • Summary (00:08)
Malware Attacks (23:11)
  • Introduction (00:08)
  • Malware Attacks (00:42)
  • Virus (02:08)
  • More Malware (02:44)
  • Rootkits and Backdoors (02:14)
  • DDoS Attack Types (01:05)
  • Escalation of Privilege (01:23)
  • DDoS Issues (02:21)
  • Buffer Overflow (02:55)
  • Mail Bombing and Email Links (00:54)
  • Phishing (02:22)
  • Replay Attack (00:23)
  • Cross-Site Scripting Attack (01:21)
  • Timing Attacks (01:14)
  • More Advanced Attacks (00:32)
  • Summary (00:29)
  • Summary (00:08)

Business Continuity

Project Initiation (14:12)
  • Introduction (00:05)
  • Phases of Plan (00:56)
  • Pieces of the BCP (00:47)
  • BCP Development (02:55)
  • Where Do We Start (02:46)
  • Why Is BCP a Hard Sell to Management (02:22)
  • Understanding the Organization (02:01)
  • BCP Committee (02:08)
  • Summary (00:08)
Business Impact Analysis (27:35)
  • Introduction (00:06)
  • BCP Risk Analysis (01:25)
  • Identifying Threats and Vulnerabilties (00:55)
  • Categories (01:04)
  • How to Identify the Critical Company Functions (01:24)
  • Loss Criteria (00:54)
  • Interdependencies (00:26)
  • Choosing Offsite Services (00:36)
  • Functions' Resources (02:51)
  • Calculating MTD (01:05)
  • Recovery Point Objective (02:22)
  • Recovery Strategies (01:33)
  • What Items Need to Be Considered in a Recovery (02:24)
  • Facility Backups (02:30)
  • Compatibility Issues with Offsite Facility (00:48)
  • Which Do We Use? (02:36)
  • Choosing Site Location (00:54)
  • Other Offsite Approaches (01:53)
  • BCP Plans Become out of Date (01:11)
  • Summary (00:22)
  • Summary (00:08)

Disaster Recovery

Disaster Preparation (14:08)
  • Introduction (00:11)
  • Proper Planning (01:16)
  • Executive Succession Planning (00:33)
  • Preventing a Disaster (01:11)
  • Preventative Measures (03:18)
  • Backup/Redundancy Options (01:00)
  • Disk Shadowing (02:18)
  • Hierarchical Storage Management (01:53)
  • SAN (00:52)
  • Co-Location (00:35)
  • Other Options (00:48)
  • Summary (00:08)
Development Plan (23:59)
  • Introduction (00:12)
  • Review: Results from the BIA (07:01)
  • Now What (01:35)
  • Priorities (00:18)
  • Plan Objectives (02:10)
  • Defining Roles (02:28)
  • The Plan (01:04)
  • Types of BC Plans (01:15)
  • Recovery (00:56)
  • Damage Assessment (01:31)
  • Coordination Procedures (01:10)
  • Sequence of Recovery Options (00:35)
  • Relocate to the Alternate Facility (01:17)
  • Restoration of Primary Site (01:19)
  • Return to Normal Operations (00:56)
  • Summary (00:08)
Emergency Response (14:03)
  • Introduction (00:06)
  • Environment (01:56)
  • Operational Planning (01:10)
  • Emergency Response (00:49)
  • Revieing Insurance (00:58)
  • When Is the Danger Over (01:22)
  • Testing and Drills (02:04)
  • Types of Tests (04:13)
  • What Is Success (00:49)
  • Summary (00:23)
  • Summary (00:08)