Certified Information Systems Security Professional, Part 7 of 9: Malware and Business Continuity
Interactive

Certified Information Systems Security Professional, Part 7 of 9: Malware and Business Continuity

LearnNow Online
Updated Aug 21, 2018

Course description

Malicious software exists in many forms. This course will cover many types of malware including worms, Trojans, viruses along with rootkits and back-doors. It then will cover business continuity, hot and cold sites, redundancy, and backups. Finally it will look at specifics of how to recover from disasters and and how it ties into risk management. This course is part of a series covering the ISC(2) Certified Information Systems Security Professional (CISSP).

Each LearnNowOnline training course is made up of Modules (typically an hour in length). Within each module there are Topics (typically 15-30 minutes each) and Subtopics (typically 2-5 minutes each). There is a Post Exam for each Module that must be passed with a score of 70% or higher to successfully and fully complete the course.


Prerequisites

This series assumes a good understanding of enterprise networking and networking security. This is part 7 of a 9 part series.


Meet the expert

Kevin Henry

Kevin is an international author, consultant and international
speaker. He is the official course development writer for ISC2 CISSP, ISACA CRISC and mile2’s C)ISSO. Kevin has been educating IT professionals for over 30 years. He also provides cyber security consulting and support services for organizations around the world. Assisting them with setting up Information Security programs and addressing areas ranging from in-depth risk analysis to policy creation and security awareness.

Video Runtime

153 Minutes

Time to complete

213 Minutes

Course Outline

Database Security and System Development

Database Models (18:47)

  • Introduction (00:09)
  • Database Models (00:38)
  • Database Models: Hierarchical and Distributed (01:12)
  • Database Models: Relational (00:44)
  • Database Systems (01:01)
  • Database Models: Relational Components (00:52)
  • Foreign Key (01:31)
  • Database Component (01:49)
  • Database Security Mechanisms (01:14)
  • Database Data Integrity Controls (01:58)
  • Add-On Security (01:23)
  • Database Security Issues (01:14)
  • Controlling Access (01:43)
  • Database Integrity (00:51)
  • Data Warehousing (01:05)
  • Data Mining (01:10)
  • Summary (00:08)

Software Development (17:31)

  • Introduction (00:08)
  • Artificial Intelligence (02:33)
  • Expert System Components (00:45)
  • Artificial Neural Networks (01:03)
  • Software Development Models (03:17)
  • Project Development: Phases III, IV, and V (01:56)
  • Project Development: Phases VI and VII (00:36)
  • Verification vs. Validation (00:45)
  • Evaluating the Resulting Product (01:27)
  • Controlling How Changes Take Place (01:05)
  • Change Control Process (01:45)
  • Administrative Controls (01:58)
  • Summary (00:08)

Malware Attacks (23:11)

  • Introduction (00:08)
  • Malware Attacks (00:42)
  • Virus (02:08)
  • More Malware (02:44)
  • Rootkits and Backdoors (02:14)
  • DDoS Attack Types (01:05)
  • Escalation of Privilege (01:23)
  • DDoS Issues (02:21)
  • Buffer Overflow (02:55)
  • Mail Bombing and Email Links (00:54)
  • Phishing (02:22)
  • Replay Attack (00:23)
  • Cross-Site Scripting Attack (01:21)
  • Timing Attacks (01:14)
  • More Advanced Attacks (00:32)
  • Summary (00:29)
  • Summary (00:08)
Business Continuity

Project Initiation (14:12)

  • Introduction (00:05)
  • Phases of Plan (00:56)
  • Pieces of the BCP (00:47)
  • BCP Development (02:55)
  • Where Do We Start (02:46)
  • Why Is BCP a Hard Sell to Management (02:22)
  • Understanding the Organization (02:01)
  • BCP Committee (02:08)
  • Summary (00:08)

Business Impact Analysis (27:35)

  • Introduction (00:06)
  • BCP Risk Analysis (01:25)
  • Identifying Threats and Vulnerabilties (00:55)
  • Categories (01:04)
  • How to Identify the Critical Company Functions (01:24)
  • Loss Criteria (00:54)
  • Interdependencies (00:26)
  • Choosing Offsite Services (00:36)
  • Functions' Resources (02:51)
  • Calculating MTD (01:05)
  • Recovery Point Objective (02:22)
  • Recovery Strategies (01:33)
  • What Items Need to Be Considered in a Recovery (02:24)
  • Facility Backups (02:30)
  • Compatibility Issues with Offsite Facility (00:48)
  • Which Do We Use? (02:36)
  • Choosing Site Location (00:54)
  • Other Offsite Approaches (01:53)
  • BCP Plans Become out of Date (01:11)
  • Summary (00:22)
  • Summary (00:08)
Disaster Recovery

Disaster Preparation (14:08)

  • Introduction (00:11)
  • Proper Planning (01:16)
  • Executive Succession Planning (00:33)
  • Preventing a Disaster (01:11)
  • Preventative Measures (03:18)
  • Backup/Redundancy Options (01:00)
  • Disk Shadowing (02:18)
  • Hierarchical Storage Management (01:53)
  • SAN (00:52)
  • Co-Location (00:35)
  • Other Options (00:48)
  • Summary (00:08)

Development Plan (23:59)

  • Introduction (00:12)
  • Review: Results from the BIA (07:01)
  • Now What (01:35)
  • Priorities (00:18)
  • Plan Objectives (02:10)
  • Defining Roles (02:28)
  • The Plan (01:04)
  • Types of BC Plans (01:15)
  • Recovery (00:56)
  • Damage Assessment (01:31)
  • Coordination Procedures (01:10)
  • Sequence of Recovery Options (00:35)
  • Relocate to the Alternate Facility (01:17)
  • Restoration of Primary Site (01:19)
  • Return to Normal Operations (00:56)
  • Summary (00:08)

Emergency Response (14:03)

  • Introduction (00:06)
  • Environment (01:56)
  • Operational Planning (01:10)
  • Emergency Response (00:49)
  • Revieing Insurance (00:58)
  • When Is the Danger Over (01:22)
  • Testing and Drills (02:04)
  • Types of Tests (04:13)
  • What Is Success (00:49)
  • Summary (00:23)
  • Summary (00:08)