O'Reilly logo

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

CISSP, Second Edition

Video Description

Duration
Almost 26 hours of deep-dive training covering every objective in the latest (ISC)2 CISSP exam.

Overview
CISSP Complete Video Course is an engaging self-paced video training solution that provides learners with almost 26 hours of personal training from 2017 Cybersecurity Educator of the Year, Sari Greene. With each lesson, Sari fully explains the topics associated with each CISSP exam objective. To reinforce what you’ve learned, each lesson concludes with a 3Sec Challenge to test your knowledge and a Security-in-Action case study to demonstrate how the lesson concepts apply to real-life scenarios. This combination of teaching, testing, and application will ensure that you are prepared to take the CISSP exam.

Description
CISSP Complete Video Course contains almost 26 hours of training with content divided into 9 modules with 65 exam objective-targeted lessons and 106 related sublessons. This title covers every objective in the newly updated (ISC)2 CISSP exam and includes screencast teaching, and applied real-world scenarios.
The video lessons in this course review each exam objective, so you can use it as a complete study tool for taking the CISSP exam.

Major sections are as follows:

  • Security and Risk Management
  • Asset Security
  • Security Architecture and Engineering
  • Communication and Network Security
  • Identity and Access Management (IAM)
  • Security Assessment and Testing
  • Security Operations
  • Software Development Security
  • Becoming a CISSP

About the Instructor
Sari Greene is an information security practitioner, author, and entrepreneur. In 2003, Sari founded one of the first dedicated cybersecurity consultancies. She is a recognized leader in the field of cybersecurity and has amassed thousands of hours in the field working with a spectrum of technical, operational, compliance, and management personnel as well as boards of directors, regulators, service providers, and law enforcement agencies.

Sari’s first book was Tools and Techniques for Securing Microsoft Networks, commissioned by Microsoft to train its partner channel, followed soon after by the first edition of Security Policies and Procedures: Principles and Practices. The second edition of Security Program and Policies: Principles and Practices is currently being used in undergraduate and graduate programs nationwide. She is also the author and presenter of the best-selling CompTIA Security+ (SY0-501) Complete Video Course, and CISA Complete Video Course. Sari has published a number of articles related to cybersecurity; has been quoted in The New York Times, in The Wall Street Journal, on CNN, and on CNBC; speaks regularly at cybersecurity, legal, financial, and healthcare conferences and workshops around the country; and is a frequent guest lecturer.
Sari serves on the Bangor Savings Bank Board of Directors and is chair of the Enterprise Risk Management Committee. She provided expert witness testimony in the groundbreaking PATCO v. Ocean National Bank case, represents industry on the Massachusetts Bankers Association Cybersecurity Task Force, and is a member of the American Bankers Association cybersecurity faculty.

Sari earned her MBA from the University of New Hampshire system. She holds multiple industry accreditations, including CISSP-ISSMP, CRISC, CISM, CISA, MCSE, and NSA/IAM. She is also certified in Offshore Emergency Medicine. In 2017, she was awarded Cybersecurity Educator of the Year. Learn more at sarigreene.com.

Skill Level
Beginning

What You Will Learn

  • Every objective on the (ISC)2 CISSP exam
  • Tips to prepare for and pass the exam
  • Real-world cybersecurity skills

Who Should Take This Course
Primary audience: Anyone preparing for the (ISC)2 CISSP examination.
Secondary audience: Anyone interested in pursuing a career in cybersecurity.

Table of Contents
Introduction
Module 1 Domain 1 Security and Risk Management
Lesson 1: Understand and Apply Concepts of Confidentiality, Integrity and Availability
Lesson 2: Evaluate and Apply Security Governance Principles
Lesson 3: Determine Compliance Requirements
Lesson 4: Understand Legal and Regulatory Issues That Pertain to Information Security in a Global Context
Lesson 5: Understand, Adhere to and Promote Professional Ethics
Lesson 6: Develop, Document and Implement Security Policy, Standards, Procedures and Guidelines
Lesson 7: Identify, Analyze, and Prioritize Business Continuity (BC) Requirements
Lesson 8: Contribute to and Enforce Personnel Security Policies and Procedures
Lesson 9: Understand and Apply Risk Management Concepts
Lesson 10: Understand and Apply Threat Modeling Concepts and Methodologies
Lesson 11: Apply Risk Management Concepts to the Supply Chain
Lesson 12: Establish and Maintain a Security Awareness, Education, and Training Program
Module 2 Domain 2 Asset Security
Lesson 13: Identify and Classify Information and Assets
Lesson 14: Determine and Maintain Information and Asset Ownership
Lesson 15: Protect Privacy
Lesson 16: Ensure Appropriate Asset Retention
Lesson 17: Determine Data Security Controls
Lesson 18: Establish Information and Asset Handling Requirements
Module 3 Domain 3 Security Architecture and Engineering
Lesson 19: Implement and Manage Engineering Processes Using Secure Design Principles
Lesson 20: Understand the Fundamental Concepts of Security Models
Lesson 21: Select Controls Based Upon Systems Security Requirements
Lesson 22: Understand Security Capabilities of Information Systems
Lesson 23: Assess and Mitigate the Vulnerabilities of Security Architectures, Designs, and Solution Elements
Lesson 24: Assess and Mitigate Vulnerabilities in Web-based Systems
Lesson 25: Assess and Mitigate Vulnerabilities in Mobile Systems
Lesson 26: Assess and Mitigate Vulnerabilities in Embedded Systems
Lesson 27: Apply Cryptography
Lesson 28: Apply Security Principles to Site and Facility Design
Lesson 29: Implement Site and Facility Security Controls
Module 4 Domain 4 Communication and Network Security
Lesson 30: Implement Secure Design Principles in Network Architectures
Lesson 31: Secure Network Components
Lesson 32: Implement Secure Communication Channels According to Design
Module 5 Domain 5 Identity and Access Management (IAM)
Lesson 33: Control Physical and Logical Access to Assets
Lesson 34: Manage Identification and Authentication of People, Devices, and Services
Lesson 35: Integrate Identify as a Third-party Service
Lesson 36: Implement and Manage Authorization Mechanisms
Lesson 37: Manage the Identity and Access Provisioning Lifecycle
Module 6 Domain 6 Security Assessment and Testing
Lesson 38: Design and Validate Assessment, Test, and Audit Strategies
Lesson 39: Conduct Security Control Testing
Lesson 40: Collect Security Process Data
Lesson 41: Analyze Test Output and Generate Report
Lesson 42: Conduct or Facilitate Security Audits
Module 7 Domain 7 Security Operations
Lesson 43: Understand and Support Investigations
Lesson 44: Understand Requirements for Investigation Types
Lesson 45: Conduct Logging and Monitoring Activities
Lesson 46: Securely Provisioning Resources
Lesson 47: Understand and Apply Foundational Security Operations Concepts
Lesson 48: Apply Resource Protection Techniques
Lesson 49: Conduct Incident Management
Lesson 50: Operate and Maintain Detective and Preventative Measures
Lesson 51: Implement and Support Patch and Vulnerability Management
Lesson 52: Understand and Participate in Change Management Processes
Lesson 53: Implement Recovery Strategies
Lesson 54: Implement Disaster Recovery (DR) Processes
Lesson 55: Test Disaster Recovery Plans (DRP)
Lesson 56: Participate in Business Continuity (BC) Planning and Exercises
Lesson 57: Implement and Manage Physical Security
Lesson 58: Address Personnel Safety and Security Concerns
Module 8 Domain 8 Software Development Security
Lesson 59: Understand and Integrate Security in the Software Development Life Cycle (SDLC)
Lesson 60: Identify and Apply Security Controls in Development Environments
Lesson 61: Assess the Effectiveness of Software Security
Lesson 62: Assess Security Impact of Acquired Software
Lesson 63: Define and Apply Secure Coding Guidelines and Standards
Module 9 Becoming a CISSP
Lesson 64: Acing Your Exam
Lesson 65: Certification Process
Summary

About LiveLessons Video Training
Pearson’s LiveLessons video training series publishes the industry’s leading video tutorials for IT pros, developers, sys admins, devops, network engineers, and certification candidates. LiveLessons feature the highest-quality professional skills training led by recognized author instructors published by Addison-Wesley, Cisco Press, Pearson IT Certification, Prentice Hall, Sams, and Que. Topics include IT certification, programming, development, networking, software skills for the home, office, and business, and more. Your purchase provides you with lifetime online access to the content.

http://www.pearsonitcertification.com/livelessons

Table of Contents

  1. Introduction
    1. CISSP: Introduction 00:06:31
  2. Module 1 Domain 1 Security and Risk Management
    1. Module introduction 00:01:07
  3. Lesson 1: Understand and Apply Concepts of Confidentiality, Integrity and Availability
    1. Learning objectives 00:00:22
    2. 1.1 Information Security Fundamentals 00:15:20
  4. Lesson 2: Evaluate and Apply Security Governance Principles
    1. Learning objectives 00:00:25
    2. 2.1 Frameworks, Benchmarks, and Guidelines 00:16:07
    3. 2.2 Leadership Roles and Responsibilities 00:22:38
  5. Lesson 3: Determine Compliance Requirements
    1. Learning objectives 00:00:23
    2. 3.1 Regulatory and Contractual Obligations 00:13:14
    3. 3.2 Privacy and Data Protection 00:11:26
  6. Lesson 4: Understand Legal and Regulatory Issues That Pertain to Information Security in a Global Context
    1. Learning objectives 00:00:33
    2. 4.1 Cybercrime and Data Breaches 00:13:53
    3. 4.2 Licensing and Intellectual Property Law 00:10:41
    4. Lesson 1-4 Assessment 00:12:12
  7. Lesson 5: Understand, Adhere to and Promote Professional Ethics
    1. Learning objectives 00:00:22
    2. 5.1 Organizational and Professional Ethics 00:06:59
  8. Lesson 6: Develop, Document and Implement Security Policy, Standards, Procedures and Guidelines
    1. Learning objectives 00:00:23
    2. 6.1 Information Security Policy 00:13:45
  9. Lesson 7: Identify, Analyze, and Prioritize Business Continuity (BC) Requirements
    1. Learning objectives 00:00:26
    2. 7.1 Business Continuity Planning 00:11:13
    3. 7.2 Business Impact Analysis 00:14:17
  10. Lesson 8: Contribute to and Enforce Personnel Security Policies and Procedures
    1. Learning objectives 00:00:26
    2. 8.1 Personnel Policies and Agreements 00:17:53
    3. Lesson 5-8 Assessment 00:12:34
  11. Lesson 9: Understand and Apply Risk Management Concepts
    1. Learning objectives 00:00:27
    2. 9.1 Risk Management Concepts 00:15:42
    3. 9.2 Risk Assessment 00:16:51
    4. 9.3 Countermeasure Selection 00:15:27
  12. Lesson 10: Understand and Apply Threat Modeling Concepts and Methodologies
    1. Learning objectives 00:00:22
    2. 10.1 Threat Modeling 00:13:07
    3. 10.2 Attack Vectors 00:16:22
  13. Lesson 11: Apply Risk Management Concepts to the Supply Chain
    1. Learning objectives 00:00:20
    2. 11.1 Supply Chain Risk Management 00:11:36
  14. Lesson 12: Establish and Maintain a Security Awareness, Education, and Training Program
    1. Learning objectives 00:00:34
    2. 12.1 SETA Principles and Practices 00:13:21
    3. 12.2 Social Engineering Training 00:11:34
    4. Lesson 9-12 Assessment 00:12:45
  15. Module 2 Domain 2 Asset Security
    1. Module introduction 00:00:52
  16. Lesson 13: Identify and Classify Information and Assets
    1. Learning objectives 00:00:19
    2. 13.1 Classification Frameworks 00:14:04
  17. Lesson 14: Determine and Maintain Information and Asset Ownership
    1. Learning objectives 00:00:20
    2. 14.1 Asset Ownership and Management 00:16:00
  18. Lesson 15: Protect Privacy
    1. Learning objectives 00:00:18
    2. 15.1 Privacy Principles 00:14:39
  19. Lesson 16: Ensure Appropriate Asset Retention
    1. Learning objectives 00:00:20
    2. 16.1 Data Retention and Destruction 00:16:52
  20. Lesson 17: Determine Data Security Controls
    1. Learning objectives 00:00:20
    2. 17.1 Data Security Standards and Selection 00:10:31
  21. Lesson 18: Establish Information and Asset Handling Requirements
    1. Learning objectives 00:00:29
    2. 18.1 Labeling and Handling Standards 00:13:21
    3. Lesson 13-18 Assessment 00:10:55
  22. Module 3 Domain 3 Security Architecture and Engineering
    1. Module introduction 00:01:14
  23. Lesson 19: Implement and Manage Engineering Processes Using Secure Design Principles
    1. Learning objectives 00:00:21
    2. 19.1 Security Design Principles 00:09:47
  24. Lesson 20: Understand the Fundamental Concepts of Security Models
    1. Learning objectives 00:00:19
    2. 20.1 Information Security Models 00:13:47
  25. Lesson 21: Select Controls Based Upon Systems Security Requirements
    1. Learning objectives 00:00:20
    2. 21.1 Security Evaluation Models 00:09:45
  26. Lesson 22: Understand Security Capabilities of Information Systems
    1. Learning objectives 00:00:28
    2. 22.1 Information Systems Security Capabilities 00:09:52
    3. Lesson 19-22 Assessment 00:10:55
  27. Lesson 23: Assess and Mitigate the Vulnerabilities of Security Architectures, Designs, and Solution Elements
    1. Learning objectives 00:00:27
    2. 23.1 Traditional Computing Environments 00:09:25
    3. 23.2 Cloud Computing 00:15:35
  28. Lesson 24: Assess and Mitigate Vulnerabilities in Web-based Systems
    1. Learning objectives 00:00:20
    2. 24.1 Web Vulnerabilities 00:12:23
  29. Lesson 25: Assess and Mitigate Vulnerabilities in Mobile Systems
    1. Learning objectives 00:00:21
    2. 25.1 Mobile Systems Vulnerabilities 00:12:07
  30. Lesson 26: Assess and Mitigate Vulnerabilities in Embedded Systems
    1. Learning objectives 00:00:27
    2. 26.1 Embedded Systems Vulnerabilities 00:09:43
    3. Lesson 23-26 Assessment 00:11:25
  31. Lesson 27: Apply Cryptography
    1. Learning objectives 00:00:41
    2. 27.1 Cryptographic Fundamentals 00:12:47
    3. 27.2 Symmetric Encryption 00:12:57
    4. 27.3 Asymmetric Encryption 00:16:25
    5. 27.4 Hashing and Digital Signatures 00:17:07
    6. 27.5 PKI and Digital Certificates 00:15:06
    7. 27.6 Cryptographic Attacks and Vulnerabilities 00:12:05
  32. Lesson 28: Apply Security Principles to Site and Facility Design
    1. Learning objectives 00:00:20
    2. 28.1 Physical Security Principles 00:11:07
  33. Lesson 29: Implement Site and Facility Security Controls
    1. Learning objectives 00:00:34
    2. 29.1 Site and Facility Security Controls 00:13:40
    3. 29.2 Environmental Issues and Controls 00:13:23
    4. Lesson 27-29 Assessment 00:12:07
  34. Module 4 Domain 4 Communication and Network Security
    1. Module introduction 00:00:54
  35. Lesson 30: Implement Secure Design Principles in Network Architectures
    1. Learning objectives 00:00:28
    2. 30.1 Network Models and IP Convergence 00:15:05
    3. 30.2 Non-IP Multilayer Protocols 00:06:33
    4. 30.3 Wireless Networks 00:17:22
  36. Lesson 31: Secure Network Components
    1. Learning objectives 00:00:26
    2. 31.1 Transmission and Connectivity 00:17:18
    3. 31.2 Network Access Control Devices 00:16:27
    4. 31.3 Endpoint Security 00:09:58
  37. Lesson 32: Implement Secure Communication Channels According to Design
    1. Learning objectives 00:00:43
    2. 32.1 Voice and Multimedia 00:13:27
    3. 32.2 Remote Access 00:16:27
    4. 32.3 Data Communications 00:15:35
    5. 32.4 Virtualization and Software-defined Networks 00:14:10
    6. Lesson 30-32 Assessment 00:11:39
  38. Module 5 Domain 5 Identity and Access Management (IAM)
    1. Module introduction 00:00:54
  39. Lesson 33: Control Physical and Logical Access to Assets
    1. Learning objectives 00:00:21
    2. 33.1 Access Control Fundamentals 00:15:42
  40. Lesson 34: Manage Identification and Authentication of People, Devices, and Services
    1. Learning objectives 00:00:29
    2. 34.1 Identification and Authentication 00:19:10
    3. 34.2 Identity and Access Services 00:16:52
  41. Lesson 35: Integrate Identify as a Third-party Service
    1. Learning objectives 00:00:22
    2. 35.1 Identity Management (IdM) 00:14:03
  42. Lesson 36: Implement and Manage Authorization Mechanisms
    1. Learning objectives 00:00:20
    2. 36.1 Access Control Models 00:11:54
  43. Lesson 37: Manage the Identity and Access Provisioning Lifecycle
    1. Learning objectives 00:00:32
    2. 37.1 Identity and Access Management (IAM) 00:12:44
    3. Lesson 33-37 Assessment 00:12:52
  44. Module 6 Domain 6 Security Assessment and Testing
    1. Module introduction 00:00:55
  45. Lesson 38: Design and Validate Assessment, Test, and Audit Strategies
    1. Learning objectives 00:00:24
    2. 38.1 Assessment and Testing Overview 00:09:37
    3. 38.2 Planning Engagements 00:12:52
  46. Lesson 39: Conduct Security Control Testing
    1. Learning objectives 00:00:23
    2. 39.1 Infrastructure Assessments 00:18:26
    3. 39.2 Code Testing and Analysis 00:10:07
  47. Lesson 40: Collect Security Process Data
    1. Learning objectives 00:00:24
    2. 40.1 Activity and Error Reporting 00:10:35
    3. 40.2 Information Security Continuous Monitoring 00:10:25
  48. Lesson 41: Analyze Test Output and Generate Report
    1. Learning objectives 00:00:22
    2. 41.1 Metrics, KPIs, and Business Intelligence 00:07:07
  49. Lesson 42: Conduct or Facilitate Security Audits
    1. Learning objectives 00:00:30
    2. 42.1 Managing Third-party Audits and Examinations 00:14:39
    3. Lesson 38-42 Assessment 00:14:30
  50. Module 7 Domain 7 Security Operations
    1. Module introduction 00:01:19
  51. Lesson 43: Understand and Support Investigations
    1. Learning objectives 00:00:23
    2. 43.1 Evidence Handling 00:10:23
    3. 43.2 Forensic Investigative Techniques 00:14:55
  52. Lesson 44: Understand Requirements for Investigation Types
    1. Learning objectives 00:00:22
    2. 44.1 Investigation Objectives and Requirements 00:08:07
  53. Lesson 45: Conduct Logging and Monitoring Activities
    1. Learning objectives 00:00:25
    2. 45.1 Logging and Analysis 00:13:08
    3. Lesson 43-45 Assessment 00:14:32
  54. Lesson 46: Securely Provisioning Resources
    1. Learning objectives 00:00:19
    2. 46.1 Configuration Management 00:06:24
  55. Lesson 47: Understand and Apply Foundational Security Operations Concepts
    1. Learning objectives 00:00:21
    2. 47.1 Security Operations 00:12:21
  56. Lesson 48: Apply Resource Protection Techniques
    1. Learning objectives 00:00:23
    2. 48.1 Media Management 00:12:18
    3. 48.2 Mobile Device Management 00:14:36
  57. Lesson 49: Conduct Incident Management
    1. Learning objectives 00:00:28
    2. 49.1 Incident Management Planning 00:12:19
    3. 49.2 Incident Response 00:12:33
    4. Lesson 46-49 Assessment 00:15:58
  58. Lesson 50: Operate and Maintain Detective and Preventative Measures
    1. Learning objectives 00:00:33
    2. 50.1 Detective and Preventative Solutions 00:09:13
    3. 50.2 Firewalls and Filters 00:17:33
    4. 50.3 IDS/IPS 00:12:00
    5. 50.4 Anti-Malware Techniques 00:08:31
  59. Lesson 51: Implement and Support Patch and Vulnerability Management
    1. Learning objectives 00:00:29
    2. 51.1 Vulnerability Management 00:12:26
    3. 51.2 Patch Management 00:07:40
    4. 51.3 Threat Intelligence and Information Sharing 00:10:01
  60. Lesson 52: Understand and Participate in Change Management Processes
    1. Learning objectives 00:00:20
    2. 52.1 Change Management 00:08:31
  61. Lesson 53: Implement Recovery Strategies
    1. Learning objectives 00:00:35
    2. 53.1 Site Recovery Strategies 00:09:07
    3. 53.2 Data Backup and Restoration 00:14:24
    4. 53.3 Resiliency and Fault Tolerance 00:13:36
    5. Lesson 50-53 Assessment 00:17:13
  62. Lesson 54: Implement Disaster Recovery (DR) Processes
    1. Learning objectives 00:00:21
    2. 54.1 DR Planning and Response 00:13:20
  63. Lesson 55: Test Disaster Recovery Plans (DRP)
    1. Learning objectives 00:00:22
    2. 55.1 DRP Training and Testing 00:09:31
  64. Lesson 56: Participate in Business Continuity (BC) Planning and Exercises
    1. Learning objectives 00:00:23
    2. 56.1 BCP Relationship 00:09:57
  65. Lesson 57: Implement and Manage Physical Security
    1. Learning objectives 00:00:22
    2. 57.1 Perimeter and Internal Security Controls 00:12:20
  66. Lesson 58: Address Personnel Safety and Security Concerns
    1. Learning objectives 00:00:31
    2. 58.1 Personnel and Workplace Safety 00:07:22
    3. Lesson 54-58 Assessment 00:16:11
  67. Module 8 Domain 8 Software Development Security
    1. Module introduction 00:00:55
  68. Lesson 59: Understand and Integrate Security in the Software Development Life Cycle (SDLC)
    1. Learning objectives 00:00:26
    2. 59.1 Software Development Life Cycle 00:15:49
    3. 59.2 Secure DevOps 00:10:14
  69. Lesson 60: Identify and Apply Security Controls in Development Environments
    1. Learning objectives 00:00:21
    2. 60.1 Staging and Deployment Strategies 00:11:02
  70. Lesson 61: Assess the Effectiveness of Software Security
    1. Learning objectives 00:00:21
    2. 61.1 Assessing the Effectiveness of Software Security 00:11:58
  71. Lesson 62: Assess Security Impact of Acquired Software
    1. Learning objectives 00:00:21
    2. 62.1 Software Procurement and Acquisition 00:15:07
  72. Lesson 63: Define and Apply Secure Coding Guidelines and Standards
    1. Learning objectives 00:00:36
    2. 63.1 Source Code Weaknesses 00:13:25
    3. 63.2 Secure Coding Techniques 00:12:16
    4. Lesson 59-63 Assessment 00:12:32
  73. Module 9 Becoming a CISSP
    1. Module introduction 00:00:35
  74. Lesson 64: Acing Your Exam
    1. Learning objectives 00:00:22
    2. 64.1 Understanding the Exam Structure 00:01:59
    3. 64.2 Test Taking Strategies 00:04:15
    4. 64.3 Preparing for Test Day 00:02:13
  75. Lesson 65: Certification Process
    1. Learning objectives 00:00:23
    2. 65.1 What to Expect at the Testing Center 00:03:40
    3. 65.2 Attaining and Maintaining Your CISSP Certification 00:01:40
  76. Summary
    1. CISSP: Summary 00:01:01