Time
12 hours 41 minutes
Difficulty
Advanced
CEU/CPE
13

Video Description

Congratulations on completing the CISSP Exam Preparation Course! In this video we review the modules (chapters) presented in the course. It's important to note that the material in the course should not serve as your sole source of study material.

- Chapter 1: Security and risk management along with disaster recovery and business continuity. Most testable chapter!
- Chapter 2: Asset security. Short chapter on classifying data and its various states.
- Chapter 3: Security engineering. Architecture and design, security models, cryptography, security protocols and PKI. Very testable!
- Chapter 4: Communications and network security. Layers and threats.
- Chapter 5: Identity and access management. Authentication protocols and Kerberos.
- Chapter 6: Security assessment and testing. Vulnerability and penetration testing.
- Chapter 7: Security operations. Redundancy, clustering, RAID.
- Chapter 8: Software development security. Secure software design, databases.

Good luck!

Video Transcription

00:04
All right. Congratulations on completing the course. We have covered all eight domains of CISSP. We started out with Chapter one, which was security and risk management. Also, in this chapter, we covered business continuity and disaster recovery planning.
00:22
By far, this one chapter is the most testable out of all the other eight, so make sure you spend plenty of time
00:31
in Chapter one. Chapter two was kind of short and sweet: asset security. We talked about classifying data. We talked about data in its various stages, at rest, in process, and in motion or in transit on the network
00:46
and really focusing in on individual assets and how we keep them safe.
00:51
Chapter three, security engineering
00:54
and Chapter three really was divided into two main parts. The concepts of security architecture and design, where we looked at security models like Bell-LaPadula, Biba, Clark-Wilson, and we talked about a component-by-component level.
01:11
And we also looked at some evaluation criteria, like the Orange Book and Common Criteria.
01:17
All right, then we moved into the cryptography section and in the cryptography section
01:23
we cover cryptography. And there's a lot of information about cryptography. Crypto is very testable on the exam. Lots of information, from understanding the historical uses of cryptography to looking at symmetric versus asymmetric and how they come together in a hybrid
01:42
means and technologies like SSL/TLS.
01:45
Ah. We also talked about protocols that use cryptography like IPsec. Ah, we looked at, um, non-repudiation. And then that led us into a discussion on public key infrastructure. Don't forget, crypto, even though it's now part of another chapter.
02:04
Um, it's still
02:06
extremely testable.
02:07
Our Chapter four, communications and network security. We looked at the OSI model and then we talked about, from layer by layer, what protocols and devices function at each layer. And then we also looked at some security threats and we talked about some mitigating strategies.
02:24
We moved into chapter five, where we talked about identity and access management.
02:30
We talked about the IAAA: identify, authenticate, authorize and then accounting. We looked at different types of authentications: something you know, something you have, something you are. And then we moved over to talking about network authentication protocols and specifically
02:49
talked about Kerberos.
02:52
Then we moved into security assessment and testing. We looked at vulnerability assessments versus pen tests and the steps that we would go through in order to conduct either of these. Then security operations led us into a discussion on redundancy, whether it came from clustering or RAID
03:10
or,
03:13
uh, electronic vaulting, remote journaling and so on. And then last but not least, we got to the point where, um
03:23
really we realize all of these security measures that we put in place are all about protecting our software. So let's look at some means that we can use to create secure software as opposed to having all these periphery devices provide security. Let's just write good code. And that's what Chapter eight was about.
03:45
So we've covered a lot of material. You have great perseverance for sticking through all eight domains, as I hope you have. And remember, this class is not meant to be your sole
03:58
source of study material. But hopefully I've given you some ideas about the things to really focus on. I hope you've enjoyed the classes and we look forward to seeing you with additional classes here on Cybrary. Thanks so much.

ISC2 CISSP

Our free online CISSP (8 domains) training covers topics ranging from operations security, telecommunications, network and internet security, access control systems and methodology and business continuity planning.

Instructed By

Kelly Handerhan
Senior Instructor