Certified Information Systems Security Professional, CISSP, Part 9 of 9: Systems Professional
Interactive

Biz Library
Updated Jan 21, 2020

This course covers security fundamentals, risk management, threat modeling, governance, compliance, ethics, policies, and personnel security. When complete, you'll have a comprehensive understanding of how security integrates with all of these key areas of knowledge. This course contains the following lessons:

Lesson 1:

  • Overview
  • Confidentiality, Integrity, and Availability
  • Security Governance Principles
  • Compliance
  • Legal and Regulatory Issues
  • Ethics
  • Business Continuity Requirements
  • Personnel Security Policies
  • Risk Management Concepts
  • Threat Modeling
  • Security Risk Considerations
  • Education, Training, and Awareness
  • Summary.

Lesson 2:

  • Overview
  • Classify Information and Supporting Assets
  • Determine and Maintain Ownership
  • Protect Privacy
  • Ensure Appropriate Retention
  • Determine Data Security Controls
  • Establish Handling Requirements
  • Summary.

Lesson 3:

  • Overview
  • Engineering Processes
  • Fundamental Concepts of Security Models
  • Controls and Countermeasures
  • Security Capabilities of Information Systems
  • Mitigate Vulnerabilities
  • Cryptography
  • Security Principles
  • Physical Security.

Lesson 4:

  • Overview
  • Secure Network Architecture Design Principles
  • Secure Network Components
  • Secure Communications Channels
  • Prevent or Mitigate Network Attacks.

Lesson 5:

  • Overview
  • Physical and Logical Access to Assets
  • Identification and Authorization
  • Identity Services
  • Authorization Mechanisms
  • Access Control Attacks
  • Summary.

Lesson 6:

  • Overview
  • Assessment and Test Strategies
  • Security Control Testing
  • Security Process Data
  • Analyze and Report Test Outputs
  • Summary.

Lesson 7:

  • Overview
  • Understanding Investigations
  • Requirements for Investigation Types
  • Logging and Monitoring Activities
  • Resource Provisioning
  • Foundational Security Operations Concepts
  • Resource Protection Techniques
  • Incident Management
  • Preventative Measures
  • Support Patch and Vulnerability Management
  • Implement Recovery Strategies
  • Disaster Recovery Processes
  • Disaster Recovery Plans
  • Business Continuity Planning.

Lesson 8:

  • Overview
  • Security in the Software Development Lifecycle
  • Security Controls in Development Environment
  • Software Security Effectiveness.