CISSP, 3rd Edition

Video description

27+ Hours of Video Instruction

Overview:

CISSP Complete Video Course, 3rd Edition, is your full study resource to successfully prepare for the latest version of the CISSP exam. This engaging video course, with more than 27 hours of personal training from recognized cybersecurity leader Sari Greene, explores every exam objective and provides deep-dive training on the most challenging and difficult-to-understand topics, so you can use it as a complete study tool for taking and passing the CISSP certification exam.

To reinforce what you’ve learned, each video ends with a 3-Second Challenge so you can assess your knowledge, as well as a Security-in-Action review with real-world scenarios so you can apply these concepts in practice. Throughout the course, Sari walks you through practice exam questions with a focus on test-taking strategies.

Topics include
  • Security and risk management
  • Asset security
  • Security architecture and engineering
  • Communications and network security
  • Identity and access management
  • Security assessment and testing
  • Security operations
  • Software development security
  • Attaining and maintaining your CISSP certification

About the Instructor

Sari Greene (CISSP-ISSMP, CRISC, CISM, CISA, SEC+, NSA/IAM) is an information security practitioner, author, educator, entrepreneur, and sailor. In 2003, Sari founded one of the first dedicated cybersecurity consultancies. She is a recognized leader in the field of cybersecurity and has amassed thousands of hours in the field working with a spectrum of technical, operational, compliance, and management personnel as well as boards of directors, regulators, service providers, and law enforcement agencies. In 2017, Sari was named Cybersecurity Educator of the Year.

Skill Level:

Intermediate

Learn How To
  • Pass the CISSP or SSCP certification examination
  • Enhance your knowledge of information security
  • Experience real-life scenarios using Security-in-Action case studies

Who Should Take This Course?
  • The primary audience is anyone preparing for the ISC2 CISSP certification examination.
  • The secondary audience is anyone preparing for the ISC2 SSCP certification examination.

Course Requirements:

This complete video course is designed primarily for individuals interested in pursuing the CISSP certification. (ISC)2 requires CISSP candidates to have at least five years of cumulative, paid, full-time work experience in at least two of the (ISC)2 CISSP Common Body of Knowledge (CBK) domains. An understanding of the basic concepts of information security and computer networking is also recommended.

About Pearson Video Training

Pearson publishes expert-led video tutorials covering a wide selection of technology topics designed to teach you the skills you need to succeed. These professional and personal technology videos feature world-leading author instructors published by your trusted technology brands: Addison-Wesley, Cisco Press, Pearson IT Certification, Sams, and Que. Topics include IT Certification, Network Security, Cisco Technology, Programming, Web Development, Mobile Development, and more.

Learn more about Pearson Video training at http://www.informit.com/video.

Table of contents

  1. Introduction
    1. CISSP: Introduction
  2. Module 1: Security and Risk Management Domain
    1. Module introduction
  3. Lesson 1: Understand, Adhere to, and Promote Professional Ethics
    1. Learning objectives
    2. 1.1 Organizational and Professional Ethics
  4. Lesson 2: Understand and Apply Security Concepts
    1. Learning objectives
    2. 2.1 Information Security Fundamentals
  5. Lesson 3: Evaluate and Apply Security Governance Principles
    1. Learning objectives
    2. 3.1 Strategic Alignment
    3. 3.2 Organizational Roles and Responsibilities
    4. 3.3 Security Control Frameworks
  6. Lesson 4: Determine Compliance and Other Requirements
    1. Learning objectives
    2. 4.1 Regulatory and Contractual Obligations
    3. 4.2 Privacy and Data Protection
    4. Lesson 1-4 Assessment
  7. Lesson 5: Understand Legal and Regulatory Issues that Pertain to Information Security in a Holistic Context
    1. Learning objectives
    2. 5.1 Cybercrime and Data Breaches
    3. 5.2 Data Flow
  8. Lesson 6: Understand Requirements for Investigation Types
    1. Learning objectives
    2. 6.1 Investigation Objectives and Requirements
  9. Lesson 7: Develop, Document, and Implement Security Policy, Standards, Procedures, and Guidelines
    1. Learning objectives
    2. 7.1 Governance Documents
  10. Lesson 8: Identify, Analyze, and Prioritize Business Continuity Requirements
    1. Learning objectives
    2. 8.1 Business Continuity Planning
    3. 8.2 Business Impact Analysis
  11. Lesson 9: Contribute to and Enforce Personnel Security Policies and Procedures
    1. Learning objectives
    2. 9.1 Personnel Policies and Agreements
    3. 9.2 Personnel Security Practices
    4. Lesson 5-9 Assessment
  12. Lesson 10: Understand and Apply Risk Management Concepts
    1. Learning objectives
    2. 10.1 Risk Management Concepts
    3. 10.2 Risk Management Frameworks
    4. 10.3 Risk Assessment
    5. 10.4 Controls and Countermeasures
  13. Lesson 11: Understand and Apply Threat Modeling Concepts and Methodologies
    1. Learning objectives
    2. 11.1 Threat Actors and Attributes
    3. 11.2 Threat Modeling
    4. 11.3 Attack Vectors
    5. 11.4 Threat Intelligence
  14. Lesson 12: Apply Supply Chain Risk Management Concepts
    1. Learning objectives
    2. 12.1 Supply Chain Risk Management
  15. Lesson 13: Establish and Maintain a Security Awareness, Education, and Training Program
    1. Learning objectives
    2. 13.1 SETA Principles and Practices
    3. 13.2 Social Engineering
    4. Lesson 10-13 Assessment
  16. Module 2: Asset Security
    1. Module introduction
  17. Lesson 14: Identify and Classify Information and Assets
    1. Learning objectives
    2. 14.1 Asset Classification
  18. Lesson 15: Establish Information and Asset Handling Requirements
    1. Learning objectives
    2. 15.1 Data and Asset Handling
  19. Lesson 16: Provision Resources Securely
    1. Learning objectives
    2. 16.1 Asset Management
  20. Lesson 17: Manage Data Lifecycle
    1. Learning objectives
    2. 17.1 Data Collection and Retention
    3. 17.2 Deletion and Destruction
  21. Lesson 18: Ensure Appropriate Asset Retention
    1. Learning objectives
    2. 18.1 Asset Lifecycle - EOL
  22. Lesson 19: Determine Data Security Controls and Compliance Requirements
    1. Learning objectives
    2. 19.1 Control Baselines, Tailoring, and Scoping
    3. 19.2 Data Protection Methods
    4. Lesson 14-19 Assessment
  23. Module 3: Security Architecture and Engineering
    1. Module introduction
  24. Lesson 20: Research, Implement, and Manage Engineering Processes Using Secure Design Principles
    1. Learning objectives
    2. 20.1 Secure Design Principles
  25. Lesson 21: Understand the Fundamental Concepts of Security Models
    1. Learning objectives
    2. 21.1 Information Security Models
  26. Lesson 22: Select Controls Based Upon System Security Requirements
    1. Learning objectives
    2. 22.1 Security Evaluation Criteria
  27. Lesson 23: Understand Security Capabilities of Information Systems
    1. Learning objectives
    2. 23.1 Information Systems Security Capabilities
    3. Lesson 20-23 Assessment
  28. Lesson 24: Assess and Mitigate the Vulnerabilities of Security Architectures, Designs, and Solution Elements
    1. Learning objectives
    2. 24.1 Traditional Systems Architectures
    3. 24.2 Database Systems
    4. 24.3 Cloud-based Systems
    5. 24.4 Embedded Systems
    6. 24.5 IoT and IIoT
    7. 24.6 Virtualized Systems
    8. 24.7 Automation and Solution Elements
    9. Lesson 24 Assessment
  29. Lesson 25: Select and Determine Cryptographic Solutions
    1. Learning objectives
    2. 25.1 Ciphers and Keys
    3. 25.2 Symmetric Encryption
    4. 25.3 Asymmetric Encryption
    5. 25.4 Hashing and Digital Signatures
    6. 25.5 PKI and Digital Certificates
    7. 25.6 Emerging Cryptography
  30. Lesson 26: Understand Methods of Cryptanalytic Attacks
    1. Learning objectives
    2. 26.1 Cryptographic Attacks
    3. 26.2 Hash and Kerberos Post-Exploitation Attacks
    4. 26.3 Ransomware
    5. Lesson 25-26 Assessment
  31. Lesson 27: Apply Security Principles to Site and Facility Design
    1. Learning objectives
    2. 27.1 Physical Security Principles
  32. Lesson 28: Design Site and Facility Security Controls
    1. Learning objectives
    2. 28.1 Site and Building Security
    3. 28.2 Environmental Impact
    4. Lesson 27-28 Assessment
  33. Module 4: Communication and Network Security
    1. Module introduction
  34. Lesson 29: Assess and Implement Secure Design Principles in Network Architecture
    1. Learning objectives
    2. 29.1 Network Models
    3. 29.2 IP Networking
    4. 29.3 Non-IP Networking
    5. 29.4 Secure Communications Protocols
    6. 29.5 Secure Network Protocols
    7. 29.6 Micro-segmentation
    8. 29.7 Wireless Architecture
    9. Lesson 29 Assessment
  35. Lesson 30: Secure Network Components
    1. Learning objectives
    2. 30.1 Wired Transmission
    3. 30.2 Wireless (Wi-Fi) Transmission
    4. 30.3 Security Zones and Firewalls
    5. 30.4 Network Access Control
    6. 30.5 Endpoint Security
    7. Lesson 30 Assessment
  36. Lesson 31: Implement Secure Communication Channels According to Design
    1. Learning objectives
    2. 31.1 Voice-over-IP (VoIP)
    3. 31.2 Multimedia Collaboration
    4. 31.3 Remote Access
    5. 31.4 Virtual Private Cloud
    6. Lesson 31 Assessment
  37. Module 5: Identity and Access Management (IAM)
    1. Module introduction
  38. Lesson 32: Control Physical and Logical Access to Assets
    1. Learning objectives
    2. 32.1 Access Control Fundamentals
  39. Lesson 33: Manage Identification and Authentication of People, Devices, and Services
    1. Learning objectives
    2. 33.1 Identity Management (IdM)
    3. 33.2 Authentication Factors
    4. 33.3 Biometric Authentication
  40. Lesson 34: Federated Identity with a Third-party Service
    1. Learning objectives
    2. 34.1 Federated Identity Management
  41. Lesson 35: Implement and Manage Authorization Mechanisms
    1. Learning objectives
    2. 35.1 Authorization and Access Controls
    3. Lesson 32-35 Assessment
  42. Lesson 36: Manage the Identity and Access Provisioning Lifecycle
    1. Learning objectives
    2. 36.1 Identity and Access Management
    3. 36.2 Privileged Accounts
  43. Lesson 37: Implement Authentication Systems
    1. Learning objectives
    2. 37.1 Authentication Protocols
    3. 37.2 FIDO and WebAuthn
    4. Lesson 36-37 Assessment
  44. Module 6: Security Assessment and Testing
    1. Module introduction
  45. Lesson 38: Design and Validate Assessment, Test, and Audit Strategies
    1. Learning objectives
    2. 38.1 Security Assessment Overview
    3. 38.2 Planning Engagements
  46. Lesson 39: Conduct Security Controls Testing
    1. Learning objectives
    2. 39.1 Infrastructure Testing
    3. 39.2 Penetration Testing
    4. 39.3 Code Assessment
    5. Lesson 38-39 Assessment
  47. Lesson 40: Collect Security Process Data
    1. Learning objectives
    2. 40.1 Management Metrics
    3. 40.2 SETA Measures and Metrics
    4. 40.3 Continuous Monitoring
  48. Lesson 41: Analyze Test Output and Generate Report
    1. Learning objectives
    2. 41.1 Reporting and Response
  49. Lesson 42: Conduct or Facilitate Security Audits
    1. Learning objectives
    2. 42.1 Security Audits
    3. Lesson 40-42 Assessment
  50. Module 7: Security Operations
    1. Module introduction
  51. Lesson 43: Understand and Comply with Investigations
    1. Learning objectives
    2. 43.1 Evidence Handling
    3. 43.2 Digital Forensics
  52. Lesson 44: Conduct Logging and Monitoring Activities
    1. Learning objectives
    2. 44.1 Logging and Analysis
    3. 44.2 Detection and Response Tools
  53. Lesson 45: Perform Configuration Management
    1. Learning objectives
    2. 45.1 Configuration Management
    3. 45.2 Automated Provisioning
  54. Lesson 46: Apply Foundational Security Operations Concepts
    1. Learning objectives
    2. 46.1 Security Operations
  55. Lesson 47: Apply Resource Protection
    1. Learning objectives
    2. 47.1 Media Management and Protection
    3. 47.2 Mobile Device Management
    4. Lesson 43-47 Assessment
  56. Lesson 48: Conduct Incident Management
    1. Learning objectives
    2. 48.1 Incident Management Planning
    3. 48.2 Incident Response and Handling
  57. Lesson 49: Operate and Maintain Detective and Preventative Measures
    1. Learning objectives
    2. 49.1 Detective and Preventative Controls
    3. 49.2 Anti-Malware Tools and Techniques
    4. 49.3 Adversarial Artificial Intelligence
    5. 49.4 Deception and Disruption
  58. Lesson 50: Implement and Support Patch and Vulnerability Management
    1. Learning objectives
    2. 50.1 Vulnerability and Patch Management
  59. Lesson 51: Understand and Participate in Change Management Process
    1. Learning objectives
    2. 51.1 Change Management
    3. Lesson 48-51 Assessment
  60. Lesson 52: Implement Recovery Strategies
    1. Learning objectives
    2. 52.1 Backup and Recovery
    3. 52.2 Resiliency
  61. Lesson 53: Implement Disaster Recovery Processes
    1. Learning objectives
    2. 53.1 Disaster Response and Recovery
  62. Lesson 54: Test Disaster Recovery Plans
    1. Learning objectives
    2. 54.1 DRP Training and Testing
  63. Lesson 55: Participate in Business Continuity (BC) Planning and Exercises
    1. Learning objectives
    2. 55.1 Business Continuity Integration
  64. Lesson 56: Implement and Manage Physical Security
    1. Learning objectives
    2. 56.1 Perimeter and Internal Security Controls
  65. Lesson 57: Address Personnel Safety and Security Concerns
    1. Learning objectives
    2. 57.1 Workplace Safety
    3. Lesson 52-57 Assessment
  66. Module 8: Software Development Security
    1. Module introduction
  67. Lesson 58: Understand and Integrate Security in the Software Development Lifecycle
    1. Learning objectives
    2. 58.1 Software Development Lifecycle
    3. 58.2 Security Collaboration
  68. Lesson 59: Identify and Apply Security Controls in Software Development Ecosystems
    1. Learning objectives
    2. 59.1 Code, Languages, Libraries, and Tools
    3. 59.2 Secure Staging
    4. Lesson 58-59 Assessment
  69. Lesson 60: Assess the Effectiveness of Software Security
    1. Learning objectives
    2. 60.1 Software Security Assessment
  70. Lesson 61: Assess the Security Impact of Acquired Software
    1. Learning objectives
    2. 61.1 Software Procurement and Acquisition
  71. Lesson 62: Define and Apply Secure Coding Guidelines and Standards
    1. Learning objectives
    2. 62.1 Source Code Flaws
    3. 62.2 Input and Output Validation
    4. 62.3 Secure Coding Practices
    5. Lesson 60-62 Assessment
  72. Module 9: Attaining and Maintaining Your CISSP
    1. Module introduction
  73. Lesson 63: Preparing for Your Examination
    1. Learning objectives
    2. 63.1 Understanding the Exam Structure
    3. 63.2 Test Taking Strategies
    4. 63.3 Preparing for Test Day
  74. Lesson 64: The Certification Process
    1. Learning objectives
    2. 64.1 What to Expect at the Testing Center
    3. 64.2 Endorsement and Continuing Education
  75. Summary
    1. CISSP: Summary

Product information

  • Title: CISSP, 3rd Edition
  • Author(s): Sari Greene
  • Release date: May 2021
  • Publisher(s): Pearson IT Certification
  • ISBN: 0137442084