
Certified Information Systems Security Professional, Part 9: Systems Professional

with expert Kevin Henry


Course at a glance

Included in these subscriptions:

  • Dev & IT Pro Video
  • Dev & IT Pro Power Pack

Release date 3/22/2018
Level Beginner
Runtime 2h 14m
Closed captioning N/A
Transcript N/A
eBooks / courseware N/A
Hands-on labs N/A
Sample code N/A
Exams Included





Course description

This course covers security fundamentals, risk management, threat modeling, governance, compliance, ethics, policies, and personnel security. When complete, you'll have a comprehensive understanding of how security integrates with all of these key areas of knowledge. This course is part of a series covering the ISC(2) Certified Information Systems Security Professional (CISSP).

Prerequisites

This series assumes a good understanding of enterprise networking and networking security. This is part 9 of a 9-part series.

Learning Paths

This course will help you prepare for the following certification and exam:
Certified Information Systems Security Professional

Meet the expert

Kevin Henry

Kevin is an international author, consultant and international speaker. He is the official course development writer for ISC2 CISSP, ISACA CRISC and mile2’s C)ISSO. Kevin has been educating IT professionals for over 30 years. He also provides cyber security consulting and support services for organizations around the world, assisting them with setting up Information Security programs and addressing areas ranging from in-depth risk analysis to policy creation and security awareness.


Course outline



Security Overview

Security and Risk Management (24:43)
  • Introduction (00:32)
  • Overview (03:08)
  • Confidentiality, Integrity, and Availability (01:15)
  • Security Governance Principles (03:53)
  • Compliance (00:31)
  • Legal and Regulatory Issues (02:33)
  • Ethics (01:48)
  • Business Continuity Requirements (00:55)
  • Personnel Security Policies (02:24)
  • Risk Management Concepts (02:58)
  • Threat Modeling (01:21)
  • Security Risk Considerations (01:29)
  • Education, Training, and Awareness (01:13)
  • Summary (00:29)
  • Summary (00:08)
Asset Security (12:30)
  • Introduction (00:11)
  • Overview (01:32)
  • Classify Information and Supporting Assets (01:25)
  • Determine and Maintain Ownership (02:18)
  • Protect Privacy (02:30)
  • Ensure Appropriate Retention (00:56)
  • Determine Data Security Controls (02:11)
  • Establish Handling Requirements (00:38)
  • Summary (00:36)
  • Summary (00:08)
Security Engineering (15:30)
  • Introduction (00:14)
  • Overview (02:25)
  • Engineering Processes (00:30)
  • Fundamental Concepts of Security Models (00:45)
  • Controls and Countermeasures (00:46)
  • Security Capabilities of Information Systems (01:42)
  • Mitigate Vulnerabilities (03:56)
  • Cryptography (03:01)
  • Security Principles (00:22)
  • Physical Security (01:36)
  • Summary (00:08)
Communication and Network Security (10:17)
  • Introduction (00:14)
  • Overview (01:10)
  • Secure Network Architecture Design Principles (03:20)
  • Secure Network Components (01:41)
  • Secure Communications Channels (03:07)
  • Prevent or Mitigate Network Attacks (00:35)
  • Summary (00:08)
Identity and Access Management (09:54)
  • Introduction (00:10)
  • Overview (02:09)
  • Physical and Logical Access to Assets (00:54)
  • Identification and Authorization (02:54)
  • Identity Services (00:34)
  • Authorization Mechanisms (01:47)
  • Access Control Attacks (00:58)
  • Summary (00:18)
  • Summary (00:08)

Enacting Security

Security Assessment Testing (12:33)
  • Introduction (00:11)
  • Overview (02:10)
  • Assessment and Test Strategies (00:37)
  • Security Control Testing (04:40)
  • Security Process Data (02:59)
  • Analyze and Report Test Outputs (01:02)
  • Summary (00:44)
  • Summary (00:08)
Security Operations (36:25)
  • Introduction (00:14)
  • Overview (03:30)
  • Understanding Investigations (03:24)
  • Requirements for Investigation Types (01:09)
  • Logging and Monitoring Activities (03:00)
  • Resource Provisioning (03:23)
  • Foundational Security Operations Concepts (04:37)
  • Resource Protection Techniques (00:57)
  • Incident Management (01:56)
  • Preventative Measures (04:04)
  • Support Patch and Vulnerability Management (02:03)
  • Implement Recovery Strategies (02:44)
  • Disaster Recovery Processes (00:42)
  • Disaster Recovery Plans (02:22)
  • Business Continuity Planning (02:07)
  • Summary (00:08)
Software Development Security (13:02)
  • Introduction (00:56)
  • Overview (00:47)
  • Security in the Software Development Lifecycle (04:04)
  • Security Controls in Development Environment (04:29)
  • Software Security Effectiveness (01:55)
  • Summary (00:48)