CISSP® - Security Engineering
By Evan Morgan
Deep dive into the Security Engineering domain of the Certified Information Systems Security Professional (CISSP®) certification.
Course info
Rating
Level
Intermediate
Updated
Jan 27, 2016
Duration
2h 30m
Table of contents
Introduction
Secure Design Principles and Processes
Introduction to Secure Design Principles and Processes
1m
Software/System Design Lifecycle
2m
Requirements Phase
1m
Design Phase
2m
Implementation Phase
1m
Integration and Testing Phase
1m
Transition to Operations Phase
1m
NIST Security Engineering Principles
2m
Security Foundation Principles
4m
Risk Based Principles
6m
Ease of Use Principles
4m
Increase Resilience Principles
8m
Reduce Vulnerabilities Principles
5m
Design with Network in Mind Principles
4m
Summary and What’s Next
1m
Fundamental Concepts of Security Models
Introduction to Fundamental Concepts of Security Models
1m
Type of Security Models
1m
Information Flow Security Model
1m
Matrix-based Security Model
1m
Multi-level Lattice Security Model
1m
Non-interference Security Model
1m
State Machine Security Model
1m
Common Security Model Examples
1m
Bell-LaPadula Confidentiality Security Model
3m
Biba Integrity Security Model
2m
Brewer-Nash (The Chinese Wall) Security Model
1m
Clark Wilson Security Model
1m
Graham-Denning Security Model
1m
Security Architecture Frameworks
1m
The Open Group Architecture Framework (TOGAF)
1m
Zachman Framework
1m
Sherwood Applied Business Security Architecture (SABSA)
1m
Summary and What’s Next
1m
Security Evaluation Models
Introduction to Security Evaluation Models
1m
Certification and Accreditation
1m
Product Evaluation Models
1m
Trusted Computer System Evaluation Criteria (TCSEC)
5m
Information Technology Security Evaluation Criteria (ITSEC)
4m
The Common Criteria
2m
Security Implementation Guidelines
1m
ISO/IEC 27001 and 27002 Security Standards
3m
Control Objects for Information and Related Technology (COBIT)
2m
Payment Card Industry Data Security Standard (PCI-DSS)
2m
Summary and What’s Next
1m
Security Capabilities of Information Systems
Introduction to Security Capabilities of Information Systems
1m
Access Control Mechanisms
1m
Secure Memory Management
2m
State and Layering
1m
Cryptographic Protections
1m
Host Firewalls and Intrusion Prevention
1m
Auditing and Monitoring Controls
1m
Virtualization
1m
Summary and What’s Next
1m
Vulnerabilities in Security Architecture and Technology Components
Introduction to Vulnerabilities in Security Architecture and Technology Components
2m
Completely Secure Any System
1m
Vulnerability Types
3m
The CIA Triad
1m
Security Architecture Vulnerabilities
3m
Technology Component Vulnerabilities
4m
Summary and What’s Next
1m
Cryptography
Introduction to Cryptography
1m
Cryptography Is Typically Bypassed, Not Penetrated
1m
Basic Concept of Cryptography
5m
Cryptography Isn’t New!
2m
The CIA Triad
1m
Key Length
1m
Cipher Types
1m
Forms of Cryptography
1m
Symmetric Cryptography
1m
Data Encryption Standard (DES)
3m
Double DES (2DES)
0m
Triple DES (3DES)
1m
Advanced Encryption Standard (Rijndael)
1m
Asymmetric Cryptography
3m
Hashing Functions
1m
Hashing Attacks
1m
Methods of Cryptanalytic Attacks
1m
Cryptographic Lifecycle
1m
Cryptography Law
1m
Summary and What’s Next
1m
Site and Facility Secure Design
Introduction to Site and Facility Secure Design
1m
Physical Security Control Design
2m
Crime Prevention Through Environmental Design
1m
Physical Security Requirements and Resources
2m
Key Facility Protection Points
0m
Facility Access
2m
Support Equipment Rooms
1m
Server and Technology Component Rooms
1m
Restricted Work Areas
1m
Summary and What’s Next
1m
Description
Course info
Rating
Level
Intermediate
Updated
Jan 27, 2016
Duration
2h 30m
Description
Deep dive into the Security Engineering domain of the Certified Information Systems Security Professional (CISSP®) certification, including Secure Design Principles and Processes, Fundamental Concepts of Security Models, Security Evaluation Models, Security Capabilities of Information Systems, Vulnerabilities in Security Architecture and Technology Components, Cryptography, and Site and Facility Secure Design
About the author
About the author
Evan is an engineer by nature and a security professional by trade with over a decade of experience in technology and security. He enjoys learning new technologies and how to get more out of existing technologies through integration, enrichment, and innovation of new use cases.