Learning Path: Preparation for CISSP Certification, Domains 1–4

Video Description

CISSP (Certified Information Systems Security Professional) certification is considered by many to be the must-have certification for information security practitioners. With this Learning Path you'll prepare for a crucial requirement of your certification: the CISSP exam. You'll work through the first 4 of 8 Domains included on the exam: Security and Risk Management, Asset Security, Security Engineering, and Communication and Network Security. It covers the newest topics and content in the most recent release of the (ISC)2 Exam Outline for the CISSP exam (released April 2015).

Table of Contents

  1. CISSP Course Introduction
    1. CISSP Course Introduction 00:01:24
    2. CISSP Certification 00:08:27
    3. CISSP Certification Requirements 00:03:40
  2. Security Concepts
    1. Information Assets - Part 1 00:06:03
    2. Information Assets - Part 2 00:03:30
    3. The CIA Triad - Part 1 00:08:56
    4. The CIA Triad - Part 2 00:07:11
    5. Risk - Part 1 00:05:15
    6. Risk - Part 2 00:08:27
    7. Threats To Data 00:06:26
    8. Threat Of Litigation 00:07:34
    9. Countermeasures 00:05:57
    10. Roles And Responsibilities 00:05:45
  3. Security Governance
    1. Security Governance 00:06:31
    2. The Security Program - Part 1 00:08:50
    3. The Security Program - Part 2 00:06:37
    4. Policies - Part 1 00:05:14
    5. Policies - Part 2 00:06:21
    6. Policies - Part 3 00:06:48
    7. Control Frameworks 00:06:21
    8. Compliance 00:07:30
    9. Privacy And Legal Systems 00:05:42
    10. Common Legal System And Export Controls 00:06:39
    11. Trans-Border Information Flow 00:05:54
    12. Intellectual Property Protection 00:04:45
    13. DRM, IRM, And Licensing 00:06:19
    14. Piracy And PCI DSS 00:08:40
    15. Auditing, Reporting, And Metrics 00:07:38
    16. Ethics 00:07:09
    17. Cybercrime 00:08:45
    18. Cybercrime Attackers 00:07:24
    19. Prosecuting Cybercrime And Third Party Governance 00:08:31
  4. Risk Management
    1. Risk Management Project Initiation 00:08:00
    2. Risk Management Framework NIST SP800-37 00:07:46
    3. Assets 00:07:20
    4. Quantitative Qualitative Value 00:07:41
    5. Asset Classification 00:08:25
    6. Threat Analysis 00:06:24
    7. ALE 00:05:03
    8. Countermeasures - Part 1 00:06:39
    9. Countermeasures - Part 2 00:08:19
    10. Cost Justification 00:07:22
    11. Dealing With Risk 00:07:20
    12. Approvals 00:06:08
    13. Completing The Risk Management Project 00:07:00
    14. BCP And DRP 00:07:54
    15. BCP, DRP, BIA, And MTD 00:08:07
    16. RPO And RTO 00:07:22
  5. Personnel Security
    1. Personnel Security 00:06:47
    2. Separation Of Duties 00:07:37
    3. Fraud Prevention And Detection 00:08:57
    4. Monitoring And Enforcement 00:07:14
    5. Pre-Hire Screening And Agreements 00:07:38
    6. Onboarding 00:06:45
    7. Account Provisioning 00:07:40
    8. Monitoring And Termination 00:07:34
    9. Termination 00:04:39
  6. Security Awareness Training
    1. Security Awareness Training 00:05:58
    2. Security Awareness Training Topics - Part 1 00:08:44
    3. Security Awareness Training Topics - Part 2 00:06:17
    4. Privileged Users 00:08:15
    5. Enforcement 00:03:45
  7. Wrap Up
    1. Wrap Up 00:03:49
  8. Asset Security - Introduction
    1. Introduction 00:02:18
  9. The Information Lifecycle
    1. Information Lifecycle 00:09:38
    2. Information Assets 00:08:27
    3. Location Of Information Assets 00:08:23
    4. Access Control And CIA 00:10:13
    5. CIA 00:02:25
  10. Roles And Responsibilities
    1. Senior Management 00:06:41
    2. Security Professional 00:06:00
    3. Data Owner, System Custodian, And User 00:08:25
    4. Third Party Service Providers 00:06:45
  11. Data Classification
    1. Data Classification - Part 1 00:06:14
    2. Data Classification - Part 2 00:06:58
    3. The Data Classification Process 00:08:34
    4. Inventory 00:07:07
    5. Asset Value And Criteria 00:08:50
    6. Protections 00:06:35
    7. Labeling 00:06:40
    8. Technologies 00:09:30
    9. Monitoring And Training 00:07:31
  12. Data Retention
    1. Data Retention - Part 1 00:09:47
    2. Data Retention - Part 2 00:04:31
  13. Security Controls
    1. ATP - Part 1 00:10:15
    2. ATP - Part 2 00:06:59
    3. ATP - Part 3 00:12:17
    4. Baselines - Part 1 00:07:43
    5. Baselines - Part 2 00:11:08
    6. Baselines - Part 3 00:03:45
    7. Configuration Management - Part 1 00:08:41
    8. Configuration Management - Part 2 00:08:42
    9. Configuration Management - Part 3 00:09:50
    10. Data And Media Handling 00:08:09
    11. Data Remanence 00:08:32
    12. Secure Deletion - Part 1 00:06:37
    13. Secure Deletion - Part 2 00:09:00
  14. Wrap Up
    1. Conclusion 00:04:41
  15. Security Engineering - Introduction
    1. Introduction 00:05:45
  16. Security Models
    1. Introduction To Security Models 00:07:12
    2. Bell-Lapadula 00:09:21
    3. Biba 00:10:11
    4. Applying The Models 00:08:20
    5. Clark-Wilson 00:06:47
    6. Clark-Wilson Brewer-Nash 00:04:57
    7. TCB 00:09:45
    8. TCSEC 00:07:33
    9. ITSEC 00:04:05
    10. Common Criteria 00:05:39
  17. Computer Hardware Architecture
    1. Overview 00:06:58
    2. CPU 00:07:04
    3. Motherboard 00:05:29
    4. Memory 00:07:06
    5. Virtual Memory 00:10:00
    6. Memory 00:07:52
    7. TPM 00:09:32
  18. Operating System Architecture
    1. Overview 00:09:14
    2. Four Ring Architecture 00:06:05
    3. Kernel Mode 00:07:16
    4. Features 00:06:29
    5. Processes Threads And Buffers 00:09:04
    6. Process And Memory Management 00:08:59
    7. Reference Monitor 00:06:20
    8. System Self Protection 00:06:52
    9. Hardened Server 00:07:57
  19. Virtualization
    1. Virtualization Overview - Part 1 00:08:57
    2. Virtualization Overview - Part 2 00:08:28
  20. Information Systems And Application Architecture
    1. Architecture - Part 1 00:06:31
    2. Architecture - Part 2 00:04:51
    3. Architecture - Part 3 00:07:23
    4. Cloud Computing - Part 1 00:05:16
    5. Cloud Computing - Part 2 00:04:29
    6. IoT And Industrial Controls 00:05:11
    7. Application Architecture 00:05:52
    8. Databases - Part 1 00:06:00
    9. Databases - Part 2 00:04:47
    10. Database Issues - Part 1 00:05:12
    11. Database Issues - Part 2 00:09:19
    12. Middleware 00:09:01
    13. Mining Databases 00:05:51
    14. Web Applications 00:07:26
    15. Mobile Code Cookies 00:06:04
    16. Mobile Code XSS 00:07:33
    17. Mobile Code Java ActiveX 00:07:10
    18. Web Applications Browser Email 00:04:43
    19. Web Applications Input Validation 00:03:21
    20. Web Applications OWASP 00:01:57
  21. Introduction To Cryptography
    1. Cryptography - Part 1 00:05:34
    2. Cryptography - Part 2 00:04:22
    3. Cryptographic Algorithms 00:03:46
    4. Strong Cryptography 00:04:50
    5. Cryptographic Keys 00:03:49
    6. Key Management 00:06:02
  22. Hashing Algorithms
    1. Introduction To Hashing Algorithms 00:06:19
    2. How Hashing Works 00:04:29
    3. Hashing Algorithms 00:06:53
    4. Strong Hashing Algorithms 00:03:12
    5. Hashing Services 00:06:08
  23. Symmetric Key Algorithms
    1. Symmetric Key Cryptography 00:05:45
    2. Symmetric Key Services 00:08:43
    3. Symmetric Key Algorithms 00:06:50
    4. Cracking Symmetric Key Algorithms 00:03:10
    5. Vigenere Symmetric Key Algorithm 00:06:52
    6. Boolean Logic XOR 00:06:27
    7. Kerckhoffs And Gilbert Vernam 00:05:17
    8. Hebern, Enigma, Feistel, S And T 00:05:14
    9. Block Ciphers And Stream Ciphers 00:05:12
    10. DES And 3DES 00:06:55
    11. AES, Block Ciphers And Variables 00:06:56
    12. Block Cipher Modes - ECB And CBC 00:05:47
    13. Block Cipher Modes - OFB And CFB 00:07:40
    14. Block Cipher Modes - CTR 00:03:11
    15. Message Authentication Code 00:03:19
    16. MAC And HMAC 00:06:44
    17. CBC-MAC And Symmetric Summary 00:04:01
  24. Asymmetric Key Algorithms
    1. Asymmetric Key Cryptography 00:05:31
    2. Asymmetric Key Services 00:06:48
    3. Asymmetric Key Management 00:06:12
    4. Key Distribution And Digital Signature 00:05:53
    5. Digital Signature 00:05:09
    6. Confidentiality And Digital Signature 00:06:54
    7. Multiple Recipients 00:03:19
    8. SSL And TLS 00:08:06
    9. Asymmetric Key Algorithms - Diffie Hellman Merkle 00:07:10
    10. RSA, ELGamal, ECC And DSS 00:07:03
    11. Asymmetric Key Cryptography Review 00:06:21
  25. Cryptography In Use
    1. Link End-To-End PKI 00:06:47
    2. PKI - Part 1 00:07:56
    3. PKI - Part 2 00:05:21
    4. PGP And S/MIME 00:05:13
    5. Set 00:04:49
    6. VPN, SSL, TLS And Protocols 00:06:01
  26. Attacks On Cryptography
    1. Introduction To Attacks On Cryptography 00:05:35
    2. Brute Force, Dictionary, Hybrid And Rainbow 00:06:06
    3. Plaintext, Ciphertext And Adaptive 00:07:38
  27. Physical Security
    1. Introduction To Physical Security 00:06:13
    2. Goals And Facility 00:06:40
    3. Perimeter Defense And Access Control 00:06:05
    4. Security Zones And Environment 00:05:43
    5. Electrical Issues 00:06:13
    6. Fire Safety 00:04:28
    7. Fire Detectors 00:04:04
    8. Fire Extinguishers And Sprinklers 00:05:26
    9. Gas Suppressants And Fire Training 00:05:46
  28. Conclusion
    1. Wrap Up 00:06:58
  29. Introduction
    1. CISSP Introduction 00:08:21
  30. The Open Systems Interconnection Model
    1. Introduction To The OSI Model 00:07:38
    2. OSI Layers 7 And 6 00:06:05
    3. OSI Layer 5 00:07:34
    4. OSI Layer 4 00:07:52
    5. OSI Layer 4 - TCP And UDP 00:07:58
    6. OSI Layer 4 - Port Numbers 00:12:26
    7. OSI Layer 3 00:10:29
    8. OSI Layer 3 IPv4 Header And Addressing 00:08:13
    9. OSI Layer 3 IPv4 Addressing 00:10:20
    10. OSI Layer 3 IPv6 Addressing 00:07:34
    11. OSI Layer 3 IPv6 IPconfig RIRs 00:07:09
    12. OSI Layer 3 Routing Decision 00:05:25
    13. OSI Layer 2 - Part 1 00:07:35
    14. OSI Layer 2 - Part 2 00:09:21
    15. OSI Layer 2 MAC Addresses And ARP 00:08:27
    16. OSI Layer 2 ARP Cache Poisoning And Error Detection 00:09:59
    17. OSI Layer 1 And IEEE 802 00:08:19
  31. Transmission Media And Technologies
    1. Transmission Media And Technologies 00:08:21
    2. Media And Fiber Optic Cable 00:07:26
    3. Media Coax UTP STP 00:07:19
    4. Media UTP STP 00:07:13
    5. Media Wireless 00:04:31
    6. Modulation And Encoding 00:06:39
    7. Modulation Encoding And Multiplexing 00:07:10
    8. Network Topologies 00:07:04
    9. Network Types And Sizes 00:07:29
    10. Transmission Types 00:08:39
    11. Circuit Switching 00:05:54
    12. Packet Switching 00:07:51
    13. Media Access Polling 00:06:04
    14. Media Access Token Passing 00:07:31
    15. Media Access CSMA CA 00:09:41
    16. Media Access CSMA CD 00:08:39
  32. Network Infrastructures And Application Architecture
    1. Network Infrastructure And App Architecture 00:07:29
    2. Mainframes 00:03:40
    3. Endpoint Systems 00:09:07
    4. Network Services 00:11:02
    5. Segments Subnets And Domains - Part 1 00:07:28
    6. Segments Subnets And Domains - Part 2 00:06:38
    7. Layer 1 Devices 00:05:26
    8. Layer 2 Devices - Part 1 00:07:28
    9. Layer 2 Devices - Part 2 00:07:39
    10. Layer 3 Devices - Introduction 00:08:30
    11. Layer 3 Dynamic Routing Protocols 00:08:41
    12. Firewalls - Generations 1 And 2 00:09:45
    13. Firewalls - Generations 3, 4, And 5 00:07:23
    14. Firewall Security 00:09:13
    15. DHCP 00:08:56
    16. Name Resolution Services 00:07:16
    17. DNS - Part 1 00:06:53
    18. DNS - Part 2 00:09:06
    19. DNS - Part 3 00:08:28
    20. Authentication Services 00:09:15
    21. SAN And SDN 00:05:52
    22. Network Access Control 00:07:23
  33. Wireless Networking
    1. Wireless Networking - Part 1 00:08:52
    2. Wireless Networking - Part 2 00:08:12
    3. Wireless Security 00:07:22
    4. Wireless Security - 802.11i 00:09:51
    5. Wireless Security - Review 00:08:17
    6. MIMO And Attacks On Wireless Networks 00:07:32
    7. Cellular Networks 00:07:49
  34. Protocols
    1. IGMP 00:07:12
    2. ICMP 00:08:04
    3. NAT And PAT 00:10:35
    4. Telnet, SSH, FTP, And SNMP 00:07:16
    5. Email Protocols 00:07:10
    6. IM, HTTP, And HTTPS 00:06:43
    7. File And Print And QoS 00:03:49
    8. VPN, SSH, And PPTP 00:04:58
    9. IPsec VPN 00:07:16
    10. IPsec VPN - IKE, SA, SPI, And DH 00:07:25
    11. IPsec VPN - AH, ESP, Transport Tunnel 00:07:35
    12. VPN - L2TP, SSTP, SSL, TLS 00:07:21
    13. SCADA DNP3 Ports 00:04:48
  35. Network Technologies
    1. PAN And LAN 00:06:42
    2. MAN 00:06:50
    3. MAN, SONET, And WAN 00:06:55
    4. WAN - ISDN, PBX, X.25, FR 00:07:28
    5. WAN - ATM, MPLS, VOIP 00:07:50
    6. WAN - VoIP Satellite 00:05:50
  36. Attacks On Networks
    1. Untargeted And Targeted 00:09:01
    2. Vectors And DoS 00:07:01
    3. DoS And DDoS 00:07:51
    4. APT 00:04:24
    5. Info Theft And Cellular 00:09:12
  37. Wrap Up
    1. Wrap Up 00:02:20