Time
5 hours 58 minutes
Difficulty
Intermediate
CEU/CPE
6

Video Transcription

00:01
welcome back to CyberRays is. Of course. I'm your instructor, Brad Roads.
00:04
We're starting with domain one systems
00:08
security engineering foundations, for is it? This is module two of 10.
00:14
Where we in our course outline? Well, we've completed module one. The overview, the level set you as to where we're going with the s, of course. And now we're gonna jump into pretty good detail. Um, domain one of Aesop, which is our foundations.
00:30
So
00:31
our first lesson is going to cover the objectives of the module, and we're gonna introduce system security engineer.
00:39
So what we're gonna cover here? We're gonna look at the module objectives for is it domain one? Our foundations. Now we're gonna do a brief overview of system security engineering. Andi, that's gonna come directly out of NIST National, the National Institutes for Standards and Technology. That is going to give you a good feel For what system? Security engineering kind of looks like.
00:59
All right, So what are our objectives for? Is up to Maine one. Well, we're gonna cover the fundamentals. You can't, you know, jump into a complex thing like systems engineering or system security engineering without some of the fundamentals we're gonna review processes related to that. We're gonna talk about development methodologies. And so this is development methodologies that you might ascribe to
01:19
software engineering, but they are also applicability to large scale systems engineering. In fact, those development methodologies
01:26
were originally built to handle systems engineering, but they have since been transformed and used for multiple things.
01:33
We're gonna talk about the technical management process.
01:37
You do as an ISI, a lot of technical management. That is a huge part of your work.
01:41
So you need to know that we're gonna talk about acquisition, which is really the Bible decision points. Uh, sometimes as an ISI, you have to make a recommendation. Am I going to buy something or am I gonna build it myself? I'll tell you, if you build it yourself, you all in the zero days, that's kind of one of my mantra is. But
01:56
sometimes sometimes you have to buy it because it's cheaper. You're going to get to market with whatever product you're working on faster.
02:02
Now we're gonna talk about trusted systems networks and why they're so important, especially as it relates to the U. S. Government on the U. S. Department of defense. That's where you're gonna see the conversation about cots and guts Initially, eso just keep that in mind, but we're going to get there.
02:19
All right, So from this, the National Institute of Standards and Technologies, we have this great overview and this is you can see built by in cozy. And we've talked about in cozy before. So systems engineering is the top level
02:36
management process or top level engineering process for putting together complex systems
02:42
one off the specialties off systems engineering. It's system security, engineering or information systems security, engineering, you see, which is what we're talking about in this course. And so ah, system security engineer, what do they do? They apply the Matthey engineering that the concepts methods, right.
03:00
So they standardize
03:02
what happens. A zit gets integrated into the system as a whole.
03:07
The system security engineer helps with other specialty. So, for example, if you're doing a system and you're exercising or executing defense in depth, so think the onion layers of security, right? You're going to have security specialists in host based systems. So computers you're gonna have security specialists in network
03:28
based security systems.
03:30
You're going to have specialists in data loss prevention. And so those air, the security specialties and other specialties that roll up into what we do in system security engineering that ultimately air, then morph module early into the system as a whole from a systems engineering perspective. And so
03:46
systems engineering and system security engineering are both
03:50
multi disciplinary processes to integrate pieces and parts into a system as a whole. And that's a basic overview of system security engineering.
04:00
So what do we cover in this lesson? We looked at the module objectives for module to which is our domain, one of Aesop's foundations. And then we did a brief overview of the system security engineering processes framed by NIST. We'll see you next time.

Up Next

Information Systems Security Engineering Professional (ISSEP)

This ISSEP course provides students with the foundational knowledge of the concentration area of the CISSP certification that includes a focus on the processes used to develop secure systems. Students will learn key concepts and skills of the five ISSEP domains.

Instructed By

Instructor Profile Image
Brad Rhodes
Head of Cybersecurity, zvelo & Lieutenant Colonel, Cyber Warfare
Instructor