Certified Information Systems Security Professional (CISSP) is an information security certification developed by the International Information Systems Security Certification Consortium (ISC). This video series will prepare you for this certification through eight clips:
- Introduction. This first clip in the CISSP video series introduces you to the expert security speaker and provides an overview to the certification and the series.
- Cornerstone Security Concepts. This second clip in the CISSP video series covers core CISSP concepts including the CIA Triad (Confidentiality, Integrity, and Availability), Identity, Authentication, Authorization, Non Repudiation, Least Privilege, Need to Know, Policies, Standards, Procedures, and Guidelines.
- Access Control. This third clip in the CISSP video series covers the types, categories, and techniques used to determining who (or what) can access something within our environment. Access control types include Administrative, Technical, and Physical. Access control categories include Preventive, Detective, Compensating, Corrective, Deterrent, and Recovery. Access control techniques include Mandatory Access Control, Discretionary Access Control, Rule-Based Access Control, and Role-Based Access Control.
- Authentication Types. This fourth clip in the CISSP video series covers Subject and Object authentication types and their importance. Authentication types are either something that you know, something you have, something you are, or someplace you are. The different types of passwords are covered including Static Passwords, Passphrases, One Time Passwords, And Dynamic Passwords. The different types of tokens are covered, including Synchronous Dynamic Tokens and Asynchronous Dynamic Tokens. Biometric controls are covered as well, including Fingerprints, Retina Scan, Iris Scan, Hand Geometric, Keyboard Dynamics, Dynamic Signature, Voice Print, and Facial Scan.
- Network Security. This fifth clip in the CISSP video series covers network security concerns including the OSI Model and its seven levels of Application, Presentation, Session, Transport, Network, Data Link, and Physical. The TCP/IP protocol is covered as well, which includes Application, Transport, Internet, and Network Access. The different network protocols are explored including SSH, Telnet, DNS, HTTP, HTTPS, FTP, and SFTP.
- Vulnerabilities and Threats. This sixth clip in the CISSP video series covers vulnerabilities and threats. Vulnerabilities and threats are compared and contrasted. Examples of common security vulnerabilities include Weak Passwords, Bugs, Buffer Overflows, Use of Insecure Protocols, Missing Data Encryption, SQL Injection, and Missing Proper Authentication. Common security threats include Computer Viruses (Macro, Boot Sector, Stealth, Polymorphic, and Multipartite), Worms, Trojans, and Rootkits. Common Security Threats include Adware, Spyware, DoS and DDoS Attacks, Man in the Middle Attacks, and Phishing Attacks.
- Cryptography. This seventh clip in the CISSP video series explains how cryptography can protect you from attacks. The various types of cryptography are covered including Symmetric and Asymmetric Encryption. Symmetric Encryption keys include DES, 3DES, and AES. Asymmetric Encryption keys include Diffie-Hellman and Elliptic Curve. We also discuss the benefits of Hashing.
- Perimeter Defense. This eighth clip in the CISSP video series focuses on perimeter defense. Administrative (Policies, Procedures, and Standards), Tech Controls (Network, Software, and Hardware), and Physical Controls (Fences, Locks, and Guards) are explored.