CISSP, Second Edition

Video description

The new CISSP Complete Video Course covering the 2021 CISSP exam is now available. Please use the new course to study for your certification.

Duration
Almost 26 hours of deep-dive training covering every objective in the latest (ISC)2 CISSP exam.

Overview
CISSP Complete Video Course is an engaging self-paced video training solution that provides learners with almost 26 hours of personal training from 2017 Cybersecurity Educator of the Year, Sari Greene. With each lesson, Sari fully explains the topics associated with each CISSP exam objective. To reinforce what you’ve learned, each lesson concludes with a 3Sec Challenge to test your knowledge and a Security-in-Action case study to demonstrate how the lesson concepts apply to real-life scenarios. This combination of teaching, testing, and application will ensure that you are prepared to take the CISSP exam.

Description
CISSP Complete Video Course contains almost 26 hours of training with content divided into 9 modules with 65 exam objective-targeted lessons and 106 related sublessons. This title covers every objective in the newly updated (ISC)2 CISSP exam and includes screencast teaching and applied real-world scenarios.
The video lessons in this course review each exam objective, so you can use it as a complete study tool for taking the CISSP exam.

Major sections are as follows:

  • Security and Risk Management
  • Asset Security
  • Security Architecture and Engineering
  • Communication and Network Security
  • Identity and Access Management (IAM)
  • Security Assessment and Testing
  • Security Operations
  • Software Development Security
  • Becoming a CISSP

About the Instructor
Sari Greene is an information security practitioner, author, and entrepreneur. In 2003, Sari founded one of the first dedicated cybersecurity consultancies. She is a recognized leader in the field of cybersecurity and has amassed thousands of hours in the field working with a spectrum of technical, operational, compliance, and management personnel as well as boards of directors, regulators, service providers, and law enforcement agencies.

Sari’s first book was Tools and Techniques for Securing Microsoft Networks, commissioned by Microsoft to train its partner channel, followed soon after by the first edition of Security Policies and Procedures: Principles and Practices. The second edition of Security Program and Policies: Principles and Practices is currently being used in undergraduate and graduate programs nationwide. She is also the author and presenter of the best-selling CompTIA Security+ (SY0-501) Complete Video Course and CISA Complete Video Course. Sari has published a number of articles related to cybersecurity; has been quoted in The New York Times, in The Wall Street Journal, on CNN, and on CNBC; speaks regularly at cybersecurity, legal, financial, and healthcare conferences and workshops around the country; and is a frequent guest lecturer.
Sari serves on the Bangor Savings Bank Board of Directors and is chair of the Enterprise Risk Management Committee. She provided expert witness testimony in the groundbreaking PATCO v. Ocean National Bank case, represents industry on the Massachusetts Bankers Association Cybersecurity Task Force, and is a member of the American Bankers Association cybersecurity faculty.

Sari earned her MBA from the University of New Hampshire system. She holds multiple industry accreditations, including CISSP-ISSMP, CRISC, CISM, CISA, MCSE, and NSA/IAM. She is also certified in Offshore Emergency Medicine. In 2017, she was awarded Cybersecurity Educator of the Year. Learn more at sarigreene.com.

Skill Level
Beginning

What You Will Learn

  • Every objective on the (ISC)2 CISSP exam
  • Tips to prepare for and pass the exam
  • Real-world cybersecurity skills

Who Should Take This Course
Primary audience: Anyone preparing for the (ISC)2 CISSP examination.
Secondary audience: Anyone interested in pursuing a career in cybersecurity.

Table of Contents
Introduction
Module 1 Domain 1 Security and Risk Management
Lesson 1: Understand and Apply Concepts of Confidentiality, Integrity and Availability
Lesson 2: Evaluate and Apply Security Governance Principles
Lesson 3: Determine Compliance Requirements
Lesson 4: Understand Legal and Regulatory Issues That Pertain to Information Security in a Global Context
Lesson 5: Understand, Adhere to and Promote Professional Ethics
Lesson 6: Develop, Document and Implement Security Policy, Standards, Procedures and Guidelines
Lesson 7: Identify, Analyze, and Prioritize Business Continuity (BC) Requirements
Lesson 8: Contribute to and Enforce Personnel Security Policies and Procedures
Lesson 9: Understand and Apply Risk Management Concepts
Lesson 10: Understand and Apply Threat Modeling Concepts and Methodologies
Lesson 11: Apply Risk Management Concepts to the Supply Chain
Lesson 12: Establish and Maintain a Security Awareness, Education, and Training Program
Module 2 Domain 2 Asset Security
Lesson 13: Identify and Classify Information and Assets
Lesson 14: Determine and Maintain Information and Asset Ownership
Lesson 15: Protect Privacy
Lesson 16: Ensure Appropriate Asset Retention
Lesson 17: Determine Data Security Controls
Lesson 18: Establish Information and Asset Handling Requirements
Module 3 Domain 3 Security Architecture and Engineering
Lesson 19: Implement and Manage Engineering Processes Using Secure Design Principles
Lesson 20: Understand the Fundamental Concepts of Security Models
Lesson 21: Select Controls Based Upon Systems Security Requirements
Lesson 22: Understand Security Capabilities of Information Systems
Lesson 23: Assess and Mitigate the Vulnerabilities of Security Architectures, Designs, and Solution Elements
Lesson 24: Assess and Mitigate Vulnerabilities in Web-based Systems
Lesson 25: Assess and Mitigate Vulnerabilities in Mobile Systems
Lesson 26: Assess and Mitigate Vulnerabilities in Embedded Systems
Lesson 27: Apply Cryptography
Lesson 28: Apply Security Principles to Site and Facility Design
Lesson 29: Implement Site and Facility Security Controls
Module 4 Domain 4 Communication and Network Security
Lesson 30: Implement Secure Design Principles in Network Architectures
Lesson 31: Secure Network Components
Lesson 32: Implement Secure Communication Channels According to Design
Module 5 Domain 5 Identity and Access Management (IAM)
Lesson 33: Control Physical and Logical Access to Assets
Lesson 34: Manage Identification and Authentication of People, Devices, and Services
Lesson 35: Integrate Identity as a Third-party Service
Lesson 36: Implement and Manage Authorization Mechanisms
Lesson 37: Manage the Identity and Access Provisioning Lifecycle
Module 6 Domain 6 Security Assessment and Testing
Lesson 38: Design and Validate Assessment, Test, and Audit Strategies
Lesson 39: Conduct Security Control Testing
Lesson 40: Collect Security Process Data
Lesson 41: Analyze Test Output and Generate Report
Lesson 42: Conduct or Facilitate Security Audits
Module 7 Domain 7 Security Operations
Lesson 43: Understand and Support Investigations
Lesson 44: Understand Requirements for Investigation Types
Lesson 45: Conduct Logging and Monitoring Activities
Lesson 46: Securely Provisioning Resources
Lesson 47: Understand and Apply Foundational Security Operations Concepts
Lesson 48: Apply Resource Protection Techniques
Lesson 49: Conduct Incident Management
Lesson 50: Operate and Maintain Detective and Preventative Measures
Lesson 51: Implement and Support Patch and Vulnerability Management
Lesson 52: Understand and Participate in Change Management Processes
Lesson 53: Implement Recovery Strategies
Lesson 54: Implement Disaster Recovery (DR) Processes
Lesson 55: Test Disaster Recovery Plans (DRP)
Lesson 56: Participate in Business Continuity (BC) Planning and Exercises
Lesson 57: Implement and Manage Physical Security
Lesson 58: Address Personnel Safety and Security Concerns
Module 8 Domain 8 Software Development Security
Lesson 59: Understand and Integrate Security in the Software Development Life Cycle (SDLC)
Lesson 60: Identify and Apply Security Controls in Development Environments
Lesson 61: Assess the Effectiveness of Software Security
Lesson 62: Assess Security Impact of Acquired Software
Lesson 63: Define and Apply Secure Coding Guidelines and Standards
Module 9 Becoming a CISSP
Lesson 64: Acing Your Exam
Lesson 65: Certification Process
Summary

About LiveLessons Video Training
Pearson’s LiveLessons video training series publishes the industry’s leading video tutorials for IT pros, developers, sys admins, devops, network engineers, and certification candidates. LiveLessons feature the highest-quality professional skills training led by recognized author instructors published by Addison-Wesley, Cisco Press, Pearson IT Certification, Prentice Hall, Sams, and Que. Topics include IT certification, programming, development, networking, software skills for the home, office, and business, and more. Your purchase provides you with lifetime online access to the content.

http://www.pearsonitcertification.com/livelessons

Table of contents

  1. Introduction
    1. CISSP: Introduction
  2. Module 1 Domain 1 Security and Risk Management
    1. Module introduction
  3. Lesson 1: Understand and Apply Concepts of Confidentiality, Integrity and Availability
    1. Learning objectives
    2. 1.1 Information Security Fundamentals
  4. Lesson 2: Evaluate and Apply Security Governance Principles
    1. Learning objectives
    2. 2.1 Frameworks, Benchmarks, and Guidelines
    3. 2.2 Leadership Roles and Responsibilities
  5. Lesson 3: Determine Compliance Requirements
    1. Learning objectives
    2. 3.1 Regulatory and Contractual Obligations
    3. 3.2 Privacy and Data Protection
  6. Lesson 4: Understand Legal and Regulatory Issues That Pertain to Information Security in a Global Context
    1. Learning objectives
    2. 4.1 Cybercrime and Data Breaches
    3. 4.2 Licensing and Intellectual Property Law
    4. Lesson 1-4 Assessment
  7. Lesson 5: Understand, Adhere to and Promote Professional Ethics
    1. Learning objectives
    2. 5.1 Organizational and Professional Ethics
  8. Lesson 6: Develop, Document and Implement Security Policy, Standards, Procedures and Guidelines
    1. Learning objectives
    2. 6.1 Information Security Policy
  9. Lesson 7: Identify, Analyze, and Prioritize Business Continuity (BC) Requirements
    1. Learning objectives
    2. 7.1 Business Continuity Planning
    3. 7.2 Business Impact Analysis
  10. Lesson 8: Contribute to and Enforce Personnel Security Policies and Procedures
    1. Learning objectives
    2. 8.1 Personnel Policies and Agreements
    3. Lesson 5-8 Assessment
  11. Lesson 9: Understand and Apply Risk Management Concepts
    1. Learning objectives
    2. 9.1 Risk Management Concepts
    3. 9.2 Risk Assessment
    4. 9.3 Countermeasure Selection
  12. Lesson 10: Understand and Apply Threat Modeling Concepts and Methodologies
    1. Learning objectives
    2. 10.1 Threat Modeling
    3. 10.2 Attack Vectors
  13. Lesson 11: Apply Risk Management Concepts to the Supply Chain
    1. Learning objectives
    2. 11.1 Supply Chain Risk Management
  14. Lesson 12: Establish and Maintain a Security Awareness, Education, and Training Program
    1. Learning objectives
    2. 12.1 SETA Principles and Practices
    3. 12.2 Social Engineering Training
    4. Lesson 9-12 Assessment
  15. Module 2 Domain 2 Asset Security
    1. Module introduction
  16. Lesson 13: Identify and Classify Information and Assets
    1. Learning objectives
    2. 13.1 Classification Frameworks
  17. Lesson 14: Determine and Maintain Information and Asset Ownership
    1. Learning objectives
    2. 14.1 Asset Ownership and Management
  18. Lesson 15: Protect Privacy
    1. Learning objectives
    2. 15.1 Privacy Principles
  19. Lesson 16: Ensure Appropriate Asset Retention
    1. Learning objectives
    2. 16.1 Data Retention and Destruction
  20. Lesson 17: Determine Data Security Controls
    1. Learning objectives
    2. 17.1 Data Security Standards and Selection
  21. Lesson 18: Establish Information and Asset Handling Requirements
    1. Learning objectives
    2. 18.1 Labeling and Handling Standards
    3. Lesson 13-18 Assessment
  22. Module 3 Domain 3 Security Architecture and Engineering
    1. Module introduction
  23. Lesson 19: Implement and Manage Engineering Processes Using Secure Design Principles
    1. Learning objectives
    2. 19.1 Security Design Principles
  24. Lesson 20: Understand the Fundamental Concepts of Security Models
    1. Learning objectives
    2. 20.1 Information Security Models
  25. Lesson 21: Select Controls Based Upon Systems Security Requirements
    1. Learning objectives
    2. 21.1 Security Evaluation Models
  26. Lesson 22: Understand Security Capabilities of Information Systems
    1. Learning objectives
    2. 22.1 Information Systems Security Capabilities
    3. Lesson 19-22 Assessment
  27. Lesson 23: Assess and Mitigate the Vulnerabilities of Security Architectures, Designs, and Solution Elements
    1. Learning objectives
    2. 23.1 Traditional Computing Environments
    3. 23.2 Cloud Computing
  28. Lesson 24: Assess and Mitigate Vulnerabilities in Web-based Systems
    1. Learning objectives
    2. 24.1 Web Vulnerabilities
  29. Lesson 25: Assess and Mitigate Vulnerabilities in Mobile Systems
    1. Learning objectives
    2. 25.1 Mobile Systems Vulnerabilities
  30. Lesson 26: Assess and Mitigate Vulnerabilities in Embedded Systems
    1. Learning objectives
    2. 26.1 Embedded Systems Vulnerabilities
    3. Lesson 23-26 Assessment
  31. Lesson 27: Apply Cryptography
    1. Learning objectives
    2. 27.1 Cryptographic Fundamentals
    3. 27.2 Symmetric Encryption
    4. 27.3 Asymmetric Encryption
    5. 27.4 Hashing and Digital Signatures
    6. 27.5 PKI and Digital Certificates
    7. 27.6 Cryptographic Attacks and Vulnerabilities
  32. Lesson 28: Apply Security Principles to Site and Facility Design
    1. Learning objectives
    2. 28.1 Physical Security Principles
  33. Lesson 29: Implement Site and Facility Security Controls
    1. Learning objectives
    2. 29.1 Site and Facility Security Controls
    3. 29.2 Environmental Issues and Controls
    4. Lesson 27-29 Assessment
  34. Module 4 Domain 4 Communication and Network Security
    1. Module introduction
  35. Lesson 30: Implement Secure Design Principles in Network Architectures
    1. Learning objectives
    2. 30.1 Network Models and IP Convergence
    3. 30.2 Non-IP Multilayer Protocols
    4. 30.3 Wireless Networks
  36. Lesson 31: Secure Network Components
    1. Learning objectives
    2. 31.1 Transmission and Connectivity
    3. 31.2 Network Access Control Devices
    4. 31.3 Endpoint Security
  37. Lesson 32: Implement Secure Communication Channels According to Design
    1. Learning objectives
    2. 32.1 Voice and Multimedia
    3. 32.2 Remote Access
    4. 32.3 Data Communications
    5. 32.4 Virtualization and Software-defined Networks
    6. Lesson 30-32 Assessment
  38. Module 5 Domain 5 Identity and Access Management (IAM)
    1. Module introduction
  39. Lesson 33: Control Physical and Logical Access to Assets
    1. Learning objectives
    2. 33.1 Access Control Fundamentals
  40. Lesson 34: Manage Identification and Authentication of People, Devices, and Services
    1. Learning objectives
    2. 34.1 Identification and Authentication
    3. 34.2 Identity and Access Services
  41. Lesson 35: Integrate Identity as a Third-party Service
    1. Learning objectives
    2. 35.1 Identity Management (IdM)
  42. Lesson 36: Implement and Manage Authorization Mechanisms
    1. Learning objectives
    2. 36.1 Access Control Models
  43. Lesson 37: Manage the Identity and Access Provisioning Lifecycle
    1. Learning objectives
    2. 37.1 Identity and Access Management (IAM)
    3. Lesson 33-37 Assessment
  44. Module 6 Domain 6 Security Assessment and Testing
    1. Module introduction
  45. Lesson 38: Design and Validate Assessment, Test, and Audit Strategies
    1. Learning objectives
    2. 38.1 Assessment and Testing Overview
    3. 38.2 Planning Engagements
  46. Lesson 39: Conduct Security Control Testing
    1. Learning objectives
    2. 39.1 Infrastructure Assessments
    3. 39.2 Code Testing and Analysis
  47. Lesson 40: Collect Security Process Data
    1. Learning objectives
    2. 40.1 Activity and Error Reporting
    3. 40.2 Information Security Continuous Monitoring
  48. Lesson 41: Analyze Test Output and Generate Report
    1. Learning objectives
    2. 41.1 Metrics, KPIs, and Business Intelligence
  49. Lesson 42: Conduct or Facilitate Security Audits
    1. Learning objectives
    2. 42.1 Managing Third-party Audits and Examinations
    3. Lesson 38-42 Assessment
  50. Module 7 Domain 7 Security Operations
    1. Module introduction
  51. Lesson 43: Understand and Support Investigations
    1. Learning objectives
    2. 43.1 Evidence Handling
    3. 43.2 Forensic Investigative Techniques
  52. Lesson 44: Understand Requirements for Investigation Types
    1. Learning objectives
    2. 44.1 Investigation Objectives and Requirements
  53. Lesson 45: Conduct Logging and Monitoring Activities
    1. Learning objectives
    2. 45.1 Logging and Analysis
    3. Lesson 43-45 Assessment
  54. Lesson 46: Securely Provisioning Resources
    1. Learning objectives
    2. 46.1 Configuration Management
  55. Lesson 47: Understand and Apply Foundational Security Operations Concepts
    1. Learning objectives
    2. 47.1 Security Operations
  56. Lesson 48: Apply Resource Protection Techniques
    1. Learning objectives
    2. 48.1 Media Management
    3. 48.2 Mobile Device Management
  57. Lesson 49: Conduct Incident Management
    1. Learning objectives
    2. 49.1 Incident Management Planning
    3. 49.2 Incident Response
    4. Lesson 46-49 Assessment
  58. Lesson 50: Operate and Maintain Detective and Preventative Measures
    1. Learning objectives
    2. 50.1 Detective and Preventative Solutions
    3. 50.2 Firewalls and Filters
    4. 50.3 IDS/IPS
    5. 50.4 Anti-Malware Techniques
  59. Lesson 51: Implement and Support Patch and Vulnerability Management
    1. Learning objectives
    2. 51.1 Vulnerability Management
    3. 51.2 Patch Management
    4. 51.3 Threat Intelligence and Information Sharing
  60. Lesson 52: Understand and Participate in Change Management Processes
    1. Learning objectives
    2. 52.1 Change Management
  61. Lesson 53: Implement Recovery Strategies
    1. Learning objectives
    2. 53.1 Site Recovery Strategies
    3. 53.2 Data Backup and Restoration
    4. 53.3 Resiliency and Fault Tolerance
    5. Lesson 50-53 Assessment
  62. Lesson 54: Implement Disaster Recovery (DR) Processes
    1. Learning objectives
    2. 54.1 DR Planning and Response
  63. Lesson 55: Test Disaster Recovery Plans (DRP)
    1. Learning objectives
    2. 55.1 DRP Training and Testing
  64. Lesson 56: Participate in Business Continuity (BC) Planning and Exercises
    1. Learning objectives
    2. 56.1 BCP Relationship
  65. Lesson 57: Implement and Manage Physical Security
    1. Learning objectives
    2. 57.1 Perimeter and Internal Security Controls
  66. Lesson 58: Address Personnel Safety and Security Concerns
    1. Learning objectives
    2. 58.1 Personnel and Workplace Safety
    3. Lesson 54-58 Assessment
  67. Module 8 Domain 8 Software Development Security
    1. Module introduction
  68. Lesson 59: Understand and Integrate Security in the Software Development Life Cycle (SDLC)
    1. Learning objectives
    2. 59.1 Software Development Life Cycle
    3. 59.2 Secure DevOps
  69. Lesson 60: Identify and Apply Security Controls in Development Environments
    1. Learning objectives
    2. 60.1 Staging and Deployment Strategies
  70. Lesson 61: Assess the Effectiveness of Software Security
    1. Learning objectives
    2. 61.1 Assessing the Effectiveness of Software Security
  71. Lesson 62: Assess Security Impact of Acquired Software
    1. Learning objectives
    2. 62.1 Software Procurement and Acquisition
  72. Lesson 63: Define and Apply Secure Coding Guidelines and Standards
    1. Learning objectives
    2. 63.1 Source Code Weaknesses
    3. 63.2 Secure Coding Techniques
    4. Lesson 59-63 Assessment
  73. Module 9 Becoming a CISSP
    1. Module introduction
  74. Lesson 64: Acing Your Exam
    1. Learning objectives
    2. 64.1 Understanding the Exam Structure
    3. 64.2 Test Taking Strategies
    4. 64.3 Preparing for Test Day
  75. Lesson 65: Certification Process
    1. Learning objectives
    2. 65.1 What to Expect at the Testing Center
    3. 65.2 Attaining and Maintaining Your CISSP Certification
  76. Summary
    1. CISSP: Summary

Product information

  • Title: CISSP, Second Edition
  • Author(s): Sari Greene
  • Release date: June 2018
  • Publisher(s): Pearson
  • ISBN: 0135180481