Certified Information Systems Security Professional, CISSP, Part 3 of 9: Cryptography and Operations
Interactive

Certified Information Systems Security Professional, CISSP, Part 3 of 9: Cryptography and Operations

Biz Library
Updated Jan 21, 2020

Operations security is where all the theory and policies are put into action. Topics in this course will include Administration responsibilities, Redundancy and Fault tolerance, and threats to operations. Also, an overview of cryptography and how it can be used in something like access will be discussed. This course contains the following lessons:

Lesson 1:

  • Operations Issues
  • Role of Operations
  • Administrator Access
  • Computer Operations: System Administrators
  • Security Administrator
  • Operational Assurance
  • Audit and Compliance
  • Some Threats to Computer Operations
  • Specific Operations Tasks
  • Agenda
  • Product Implementation Concerns
  • Logs and Monitoring
  • Records Management
  • Change Control
  • Resource Protection
  • Contingency Planning
  • System Controls
  • Trusted Recovery.

Lesson 2:

  • Fault-Tolerance Mechanisms
  • Duplexing, Mirroring, And Checkpointing
  • Redundant Array of Independent Disks
  • Fault Tolerance
  • Redundancy Mechanism
  • Backups
  • Backup Types.

Lesson 3:

  • Remote Access
  • Facsimilia Security
  • Email Security
  • Before Carrying out Vulnerability Testing
  • Vulnerability Assessments
  • Methodology
  • Penetration Testing
  • Ethical Hacking
  • Hack and Attack Strategies
  • Protection Mechanism: Honeypot.

Lesson 4:

  • Threats to Operations
  • Data Leakage: Social Engineering
  • Data Leakage - Object Reuse
  • Object Reuse
  • Why Not Just Delete the File or Format the Disk
  • Data Leakage: Keystroke Logging
  • Data Leakage: Emanation
  • Controlling Data Leakage: TEMPEST
  • Controlling Data Leakage: Control Zone
  • Controlling Data Leakage: White Noise
  • Summary.

Lesson 5:

  • Cryptography Objectives
  • Cryptographic Definitions
  • A Few More Definitions
  • Some More Definitions
  • Symmetric Cryptography: Use of Secret Keys.

Lesson 6:

  • Cryptography Uses Yesterday and Today
  • Historical Uses of Symmetric Cryptography
  • Scytale Cipher
  • Substitution Cipher
  • Caesar Cipher Example
  • Vigenere Cipher
  • Polyalphabetic Substitution and Vigenere Example
  • Enigma Machine
  • Vernam Cipher
  • Running Key and Concealment.

Lesson 7:

  • One-Time Pad Characteristics
  • Binary Mathematical Faction
  • Key and Algorithm Relationship
  • 128-Bit Keys vs. 64-Bit Keys
  • Breaking Cryptosystems: Brute Force
  • Breaking Cryptosystems: Frequency Analysis
  • Determining Strength in a Cryptosystem
  • Characteristics of Strong Algorithms
  • Open or Closed.

Lesson 8:

  • Types of Ciphers Used Today
  • Encryption/Decryption Methods
  • Symmetric Ciphers: Block Cipher
  • S-Boxes Used in Block Ciphers
  • Symmetric Ciphers: Stream Cipher
  • Encryption Process and Symmetric Characteristics
  • Strength of a Stream Cipher
  • Let's Dive in Deeper
  • Symmetric Key Cryptography
  • Symmetric Key Management Issue. Lesson 9:
  • Symmetric Algorithms Examples
  • Symmetric Downfalls
  • Secret vs. Session Keys
  • Symmetric Algorithms: DES
  • Evolution of DES
  • Block Cipher Modes: CBC
  • Block Cipher Modes: ECB, CFB, and OFB
  • Symmetric Ciphers: AES
  • Other Symmetric Algorithms
  • Agenda
  • MAC- Sender
  • Hashing Algorithms
  • Protecting the Integrity of Data
  • Data Integrity Mechanisms
  • Weakness in Using Only Hash Algorithms
  • More Protection in Data Integrity
  • Security Issues in Hashing
  • Birthday Attack
  • Summary.