Certified Information Systems Security Professional, Part 9 of 9: Systems Professional
with expert Kevin Henry
Course at a glance
Included in these subscriptions:
- Dev & IT Pro Video
- Dev & IT Pro Power Pack
| Release date | 3/22/2018 | |
| Level | Advanced | |
| Runtime | 2h 14m | |
| Closed captioning | N/A | |
| Transcript | N/A | |
| eBooks / courseware | N/A | |
| Hands-on labs | N/A | |
| Sample code | N/A | |
| Exams | Included |
Course description
This course covers security fundamentals, risk management, threat modeling. governance, compliance, ethics, policies, and personnel security. When complete you'll have a comprehensive understanding of how security integrates with all of these key areas of knowledge. This course is part of a series covering the ISC(2) Certified Information Systems Security Professional (CISSP).
Prerequisites
This series assumes a good understanding of enterprise networking and networking security. This is part 9 of a 9 part series.
Learning Paths
This course will help you prepare for the following certification and exam:
Certified Information Systems Security Professional
Meet the expert
Kevin is an international author, consultant and international
speaker. He is the official course development writer for ISC2 CISSP, ISACA CRISC and mile2’s C)ISSO. Kevin has been educating IT professionals for over 30 years. He also provides cyber security consulting and support services for organizations around the world. Assisting them with setting up Information Security programs and addressing areas ranging from in-depth risk analysis to policy creation and security awareness.
speaker. He is the official course development writer for ISC2 CISSP, ISACA CRISC and mile2’s C)ISSO. Kevin has been educating IT professionals for over 30 years. He also provides cyber security consulting and support services for organizations around the world. Assisting them with setting up Information Security programs and addressing areas ranging from in-depth risk analysis to policy creation and security awareness.
Course outline
Security Overview
Security and Risk Management (24:43)
- Introduction (00:32)
- Overview (03:08)
- Confidentiality, Integrity, and Availability (01:15)
- Security Governance Principles (03:53)
- Compliance (00:31)
- Legal and Regulatory Issues (02:33)
- Ethics (01:48)
- Business Continuity Requirements (00:55)
- Personnel Security Policies (02:24)
- Risk Management Concepts (02:58)
- Threat Modeling (01:21)
- Security Risk Considerations (01:29)
- Education, Training, and Awareness (01:13)
- Summary (00:29)
- Summary (00:08)
Asset Security (12:30)
- Introduction (00:11)
- Overview (01:32)
- Classify Information and Supporting Assets (01:25)
- Determine and Maintain Ownership (02:18)
- Protect Privacy (02:30)
- Ensure Appropriate Retention (00:56)
- Determine Data Security Controls (02:11)
- Establish Handling Requirements (00:38)
- Summary (00:36)
- Summary (00:08)
Security Engineering (15:30)
- Introduction (00:14)
- Overview (02:25)
- Engineering Processes (00:30)
- Fundamental Concepts of Security Models (00:45)
- Controls and Countermeasures (00:46)
- Security Capabilites of Information Systems (01:42)
- Mitgate Vulnerabilities (03:56)
- Cryptography (03:01)
- Security Principles (00:22)
- Physical Security (01:36)
- Summary (00:08)
Communication and Network Security (10:17)
- Introduction (00:14)
- Overview (01:10)
- Secure Network Architecture Design Principles (03:20)
- Secure Network Components (01:41)
- Secure Communications Channels (03:07)
- Prevent or Mitigate Network Attacks (00:35)
- Summary (00:08)
Identity and Access Management (09:54)
- Introduction (00:10)
- Overview (02:09)
- Physical and Logical Access to Assets (00:54)
- Identification and Authorization (02:54)
- Identity Services (00:34)
- Authorization Mechanisms (01:47)
- Access Control Attacks (00:58)
- Summary (00:18)
- Summary (00:08)
Enacting Security
Security Assessment Testing (12:33)
- Introduction (00:11)
- Overview (02:10)
- Assessment and Test Strategies (00:37)
- Security Control Testing (04:40)
- Security Process Data (02:59)
- Analyze and Report Test Outputs (01:02)
- Summary (00:44)
- Summary (00:08)
Security Operations (36:25)
- Introduction (00:14)
- Overview (03:30)
- Understanding Investigations (03:24)
- Requirements for Investigation Types (01:09)
- Logging and Monitoring Activities (03:00)
- Resource Provisioning (03:23)
- Foundational Security Operations Concepts (04:37)
- Resource Protection Techniques (00:57)
- Incident Management (01:56)
- Preventative Measures (04:04)
- Support Patch and Vulnerability Management (02:03)
- Implement Recovery Strategies (02:44)
- Disaster Recovery Processes (00:42)
- Disaster Recovery Plans (02:22)
- Business Continuity Planning (02:07)
- Summary (00:08)
Software Development Security (13:02)
- Introduction (00:56)
- Overview (00:47)
- Security in the Software Development Lifecycle (04:04)
- Security Controls in Development Environment (04:29)
- Software Security Effectiveness (01:55)
- Summary (00:48)