Certified Information Systems Security Professional, CISSP, Part 7 of 9: Malware and Business Continuity

Malicious software exists in many forms. This course will cover many types of malware including worms, trojans, viruses along with rootkits and back-doors. It then will cover business continuity, hot and cold sites, redundancy, and backups. Finally it will look at specifics of how to recover from disasters and how it ties into risk management. This course contains the following lessons:

Lesson 1:

• Database Models
• Database Models: Hierarchical and Distributed
• Database Models: Relational
• Database Systems
• Database Models: Relational Components
• Foreign Key
• Database Component
• Database Security Mechanisms
• Database Data Integrity Controls
• Add-On Security
• Database Security Issues
• Controlling Access
• Database Integrity
• Data Warehousing
• Data Mining.

Lesson 2:

• Artificial Intelligence
• Expert System Components
• Artificial Neural Networks
• Software Development Models
• Project Development: Phases III, IV, and V
• Project Development: Phases VI and VII
• Verification vs. Validation
• Evaluating the Resulting Product
• Controlling How Changes Take Place
• Change Control Process
• Administrative Controls.

Lesson 3:

• Malware Attacks
• Virus
• More Malware
• Rootkits and Backdoors
• DDoS Attack Types
• Escalation of Privilege
• DDoS Issues
• Buffer Overflow
• Mail Bombing and Email Links
• Phishing
• Replay Attack
• Cross-Site Scripting Attack
• Timing Attacks
• More Advanced Attacks
• Summary.

Lesson 4:

• Phases of Plan
• Pieces of the BCP
• BCP Development
• Where Do We Start
• Why Is BCP a Hard Sell to Management
• Understanding the Organization
• BCP Committee.

Lesson 5:

• BCP Risk Analysis
• Identifying Threats and Vulnerabilities
• Categories
• How to Identify the Critical Company Functions
• Loss Criteria
• Interdependencies
• Choosing Offsite Services
• Functions' Resources
• Calculating MTD
• Recovery Point Objective
• Recovery Strategies
• What Items Need to Be Considered in a Recovery
• Facility Backups
• Compatibility Issues with Offsite Facility
• Which Do We Use?
• Choosing Site Location
• Other Offsite Approaches
• BCP Plans Become out of Date
• Summary.

Lesson 6:

• Proper Planning
• Executive Succession Planning
• Preventing a Disaster
• Preventative Measures
• Backup/Redundancy Options
• Disk Shadowing
• Hierarchical Storage Management
• SAN
• Co-Location
• Other Options.

Lesson 7:

• Review: Results from the BIA
• Now What
• Priorities
• Plan Objectives
• Defining Roles
• The Plan
• Types of BC Plans
• Recovery
• Damage Assessment
• Coordination Procedures
• Sequence of Recovery Options
• Relocate to the Alternate Facility
• Restoration of Primary Site
• Return to Normal Operations.

Lesson 8:

• Environment
• Operational Planning
• Emergency Response
• Reviewing Insurance
• When Is the Danger Over
• Testing and Drills
• Types of Tests
• What Is Success
• Summary.