CISSP Video Course Domain 1 – Information Security and Risk Management

Video Description

The fast, powerful way to prepare for your CISSP exam!

30+ hours of personal video training from leading security expert Shon Harris

Achieving the (ISC)²’s globally recognized CISSP can give your IT career a lift. In this DVD, the world’s #1 CISSP trainer brings her legendary five-day boot camp to your computer screen. Packed with over 30 hours of instruction adapted from Shon’s classes, this video course includes realistic labs, scenarios, case studies, and animations designed to build and test your knowledge in real-world settings. Preparing for the CISSP has never been this easy or convenient.

Master the skills and concepts you need for all ten CISSP common body of knowledge domains:

  • Access Control

  • Application Security

  • Business Continuity and Disaster Recovery Planning

  • Cryptography

  • Information Security and Risk Management

  • Legal, Regulations, Compliance, and Investigations

  • Operations Security

  • Physical (Environmental) Security

  • Security Architecture and Design

  • Telecommunications and Network Security

System Requirements

  • OPERATING SYSTEM: Windows 2000, XP, or Vista; Mac OS X 10.4 (Tiger) or later

  • MULTIMEDIA: DVD drive; 1024 x 768 or higher display; sound card with speakers

  • COMPUTER: 500MHz or higher CPU; 128MB RAM or more

Table of Contents

    1. Course Introduction 00:07:24
    2. Domain 1 – Information Security and Risk Management 00:01:32
    3. Mainframe Days 00:03:17
    4. Today's Environment 00:01:36
    5. Security Definitions 00:02:01
    6. Examples of Some Vulnerabilities that Are Not Always Obvious 00:02:10
    7. Risk – What Does It Really Mean? 00:02:10
    8. Relationships 00:02:02
    9. Who Deals with Risk? 00:03:32
    10. AIC Triad 00:03:33
    11. Who Is Watching? 00:02:05
    12. Social Engineering 00:04:06
    13. What Security People Are Really Thinking 00:01:14
    14. Security Concepts 00:01:00
    15. Security? 00:04:57
    16. The Bad Guys Are Motivated 00:02:38
    17. Open Standards 00:01:56
    18. Without Standards 00:01:04
    19. Controls 00:04:42
    20. Holistic Security 00:03:38
    21. Different Types of Law 00:03:22
    22. How Is Liability Determined? 00:01:22
    23. Due Diligence and Due Care 00:02:01
    24. Prudent Person Rule 00:05:14
    25. Risk Management 00:06:34
    26. Planning Stage – Scope 00:02:04
    27. Planning Stage – Analysis Method 00:01:01
    28. Risk Management Tools 00:01:50
    29. Defining Acceptable Levels 00:02:24
    30. Acceptable Risk Level 00:00:52
    31. Collecting and Analyzing Data Methods 00:01:04
    32. What Is a Company Asset? 00:00:48
    33. Data Collection – Identify Assets 00:01:01
    34. Data Collection – Assigning Values 00:01:34
    35. Asset Value 00:01:03
    36. Data Collection – Identify Threats 00:01:20
    37. Data Collection – Calculate Risks 00:01:38
    38. Scenario Based – Qualitative 00:00:43
    39. Risk Approach 00:00:40
    40. Qualitative Analysis Steps 00:00:56
    41. Want Real Answers? 00:00:53
    42. Qualitative Risk Analysis 00:03:17
    43. ARO Values 00:07:46
    44. Can a Purely Quantitative Analysis Be Accomplished? 00:01:25
    45. Risk Types 00:00:39
    46. Losses 00:01:25
    47. Cost/Benefit Analysis 00:00:58
    48. Cost of a Countermeasure 00:01:21
    49. Cost/Benefit Analysis Countermeasure Criteria 00:02:55
    50. Calculating Cost/Benefit 00:01:01
    51. Controls II 00:02:01
    52. Quantitative Analysis 00:02:58
    53. Can You Get Rid of All Risk? 00:02:34
    54. Uncertainty Analysis 00:01:11
    55. Dealing with Risk 00:01:20
    56. Management's Response to Identified Risks 00:01:51
    57. Risk Acceptance 00:01:42
    58. Risk Analysis Process Summary 00:01:09
    59. Components of Security Program 00:00:49
    60. A Layered Approach 00:01:22
    61. In Security, You Never Want Any Surprises 00:00:52
    62. Building Foundation 00:00:46
    63. Security Roadmap 00:03:30
    64. Functional and Assurance Requirements 00:00:56
    65. Most Organizations 00:04:14
    66. Silo Security Structure 00:02:27
    67. Security Is a Process 00:01:06
    68. Approach to Security Management 00:01:05
    69. Result of Battling Management 00:00:27
    70. Industry Best Practices Standards 00:01:29
    71. Pieces and Parts 00:00:54
    72. Numbering 00:01:11
    73. New ISO Standards 00:01:27
    74. COBIT 00:02:23
    75. Measurements 00:00:29
    76. Information Technology Infrastructure Library 00:01:54
    77. Security Governance 00:05:00
    78. Security Program Components 00:00:28
    79. Policy Framework 00:05:13
    80. Standards 00:03:32
    81. Data Collection for Metrics 00:02:26
    82. Tying Them Together 00:01:45
    83. Entity Relationships 00:00:13
    84. Senior Management's Role 00:01:05
    85. Security Roles 00:04:07
    86. Information Classification 00:00:55
    87. Data Leakage 00:00:45
    88. Do You Want to End Up In the News? 00:00:53
    89. Types of Classification Levels 00:00:47
    90. Data Protection Levels 00:00:53
    91. Classification Program Steps 00:03:04
    92. Classification Levels 00:03:14
    93. Information Owner Requirements 00:00:50
    94. Clearly Labeled 00:01:01
    95. Testing Classification Program 00:00:59
    96. Employee Management 00:00:18
    97. Employee Position and Management 00:00:47
    98. Hiring and Firing Issues 00:02:36
    99. Unfriendly Termination 00:02:13
    100. Security Awareness and Training 00:01:52
    101. Training Characteristics 00:01:13
    102. Security Enforcement Issues 00:00:53
    103. Answer This Question 00:02:19
    104. Domain 1 Review 00:03:12