Time
8 hours 35 minutes
Difficulty
Intermediate
CEU/CPE
9

Video Description

This lesson covers what is necessary to know in order to pass the exam, some things needed are being able to recognize different types of technical attacks and motives of malicious users. Participants also need to know about different types of encryption. [toggle_content title="Transcript"] Alright, that gets us to the end of the module. So let's cover our exam essentials for module 5. First thing we need to think about is being able to verify the effectiveness of our logical controls, or our technical controls. Then we talked about the various mechanisms that are used for the perimeter defense. We looked at different kinds of technical attacks. We talked a little bit about the motives of attackers and hackers and why they do what they do. We also covered some details about various forms of biometrics to provide enhanced authentication. We talked about the difference between the physical access controls and logical or technical controls versus management controls. They all have their roles to play and we need to understand where those different controls are appropriate to be used. Then we talked about public key and private key encryption. Remember, this is symmetric versus asymmetric encryption. Symmetric uses the same key to encrypt and decrypt. Whereas asymmetric has a public and private key pair. We know that management has to control the encryption, or the crypto system, managing the distribution of key pairs, managing the crypto keys, perhaps using a key escrow device, or a system. We also talked a little bit about VPNs and why that's important for having a secure method for remote access. If you remember, we had IPSec VPNS with transport mode and tunnel mode. Then lastly we spoke a little bit about IDS systems. These could be network-based, host-based, neural-based or statistical. Okay, the last task for the module, then, is to do all of your review questions. Good luck on the test. [/toggle_content]

Video Transcription

00:04
all right, that gets us to the end of the module. So let's cover our exam essentials for module five.
00:10
First thing we need to think about is being able to verify the effectiveness of our logical controls or our technical controls.
00:18
Then we talked about the various mechanisms mechanisms that are used for
00:23
the perimeter defense.
00:26
We looked at different kinds of technical attacks.
00:29
We talked a little bit about the motives of Attackers and hackers and why they do what they do.
00:36
We also covered some details about various forms of biometrics
00:41
to provide enhanced authentication.
00:44
We talked about
00:45
the difference between the physical access controls and logical or technical controls versus management controls.
00:53
They all have their roles to play,
00:55
and we need to understand where those different controls are appropriate to be used. And we talked about ah, public. He and private key encryption. Remember, this is symmetric versus asymmetric encryption. Symmetric uses the same key to encrypt and decrypt
01:10
was asymmetric, has a public and private key pair.
01:12
We know that management has to control the encryption
01:17
or the crypto system, managing the distribution of key pairs, managing the crypto keys, perhaps using a key escrow device or system.
01:27
We also talked a little bit about VP ends and why that's important for having a secure method
01:34
for remote access.
01:37
Remember, we had a i p second VP ends with transport mode and tunnel mode.
01:42
And then lastly, we spoke a little bit about I. D s systems.
01:47
These could be network based,
01:48
host based,
01:49
neural based or statistical.
01:53
Okay. The last task for the module then, is to do all of your review questions. Good luck on the test.

Certified Information System Auditor (CISA)

In order to face the dynamic requirements of meeting enterprise vulnerability management challenges, CISA course covers the auditing process to ensure that you have the ability to analyze the state of your organization and make changes where needed.

Instructed By

Instructor Profile Image
Dean Pompilio
CEO of SteppingStone Solutions
Instructor