CISSP® - Security Engineering
By Evan Morgan
Deep dive into the Security Engineering domain of the Certified Information Systems Security Professional (CISSP®) certification.
Course info
Rating
Level
Intermediate
Updated
Jan 27, 2016
Duration
2h 29m
Table of contents
Introduction
Secure Design Principles and Processes
Design Phase
2m
NIST Security Engineering Principles
2m
Security Foundation Principles
4m
Risk Based Principles
6m
Integration and Testing Phase
1m
Increase Resilience Principles
8m
Transition to Operations Phase
1m
Reduce Vulnerabilities Principles
5m
Summary and What’s Next
1m
Introduction to Secure Design Principles and Processes
1m
Design with Network in Mind Principles
4m
Requirements Phase
1m
Implementation Phase
1m
Ease of Use Principles
4m
Software/System Design Lifecycle
2m
Fundamental Concepts of Security Models
Information Flow Security Model
1m
Graham-Denning Security Model
1m
Common Security Model Examples
1m
Zachman Framework
1m
Sherwood Applied Business Security Architecture (SABSA)
1m
Multi-level Lattice Security Model
1m
Introduction to Fundamental Concepts of Security Models
1m
Biba Integrity Security Model
2m
Brewer-Nash (The Chinese Wall) Security Model
1m
Summary and What’s Next
1m
Security Architecture Frameworks
1m
The Open Group Architecture Framework (TOGAF)
1m
Matrix-based Security Model
1m
Non-interference Security Model
1m
State Machine Security Model
1m
Bell-LaPadula Confidentiality Security Model
3m
Type of Security Models
1m
Clark Wilson Security Model
1m
Security Evaluation Models
Introduction to Security Evaluation Models
1m
Product Evaluation Models
1m
Trusted Computer System Evaluation Criteria (TCSEC)
5m
ISO/IEC 27001 and 27002 Security Standards
3m
Summary and What’s Next
1m
Payment Card Industry Data Security Standard (PCI-DSS)
2m
Security Implementation Guidelines
1m
Control Objects for Information and Related Technology (COBIT)
2m
Certification and Accreditation
1m
The Common Criteria
2m
Information Technology Security Evaluation Criteria (ITSEC)
4m
Security Capabilities of Information Systems
Access Control Mechanisms
1m
Cryptographic Protections
1m
Summary and What’s Next
1m
Host Firewalls and Intrusion Prevention
1m
Introduction to Security Capabilities of Information Systems
1m
Auditing and Monitoring Controls
1m
Virtualization
1m
State and Layering
1m
Secure Memory Management
2m
Vulnerabilities in Security Architecture and Technology Components
Vulnerability Types
3m
The CIA Triad
1m
Technology Component Vulnerabilities
4m
Security Architecture Vulnerabilities
3m
Completely Secure Any System
1m
Introduction to Vulnerabilities in Security Architecture and Technology Components
2m
Summary and What’s Next
1m
Cryptography
Triple DES (3DES)
1m
Forms of Cryptography
1m
Advanced Encryption Standard (Rijndael)
1m
Cryptographic Lifecycle
1m
Cryptography Law
1m
Summary and What’s Next
1m
Double DES (2DES)
0m
Hashing Functions
1m
Hashing Attacks
1m
Methods of Cryptanalytic Attacks
1m
Cryptography Isn’t New!
2m
Data Encryption Standard (DES)
3m
Key Length
1m
Asymmetric Cryptography
3m
The CIA Triad
1m
Basic Concept of Cryptography
5m
Introduction to Cryptography
1m
Symmetric Cryptography
1m
Cryptography Is Typically Bypassed, Not Penetrated
1m
Cipher Types
1m
Site and Facility Secure Design
Facility Access
2m
Physical Security Control Design
2m
Key Facility Protection Points
0m
Summary and What’s Next
1m
Introduction to Site and Facility Secure Design
1m
Server and Technology Component Rooms
1m
Physical Security Requirements and Resources
2m
Restricted Work Areas
1m
Support Equipment Rooms
1m
Crime Prevention Through Environmental Design
1m
Description
Course info
Rating
Level
Intermediate
Updated
Jan 27, 2016
Duration
2h 29m
Description
Deep dive into the Security Engineering domain of the Certified Information Systems Security Professional (CISSP®) certification, including Secure Design Principles and Processes, Fundamental Concepts of Security Models, Security Evaluation Models, Security Capabilities of Information Systems, Vulnerabilities in Security Architecture and Technology Components, Cryptography, and Site and Facility Secure Design
About the author
About the author
Evan is an engineer by nature and a security professional by trade with over a decade of experience in technology and security. He enjoys learning new technologies and how to get more out of existing technologies through integration, enrichment, and innovation of new use cases.