Certified Information Systems Security Professional, Part 9 of 9: Systems Professional
Interactive

Certified Information Systems Security Professional, Part 9 of 9: Systems Professional

LearnNow Online
Updated Aug 21, 2018

Course description

This course covers security fundamentals, risk management, threat modeling. governance, compliance, ethics, policies, and personnel security. When complete you'll have a comprehensive understanding of how security integrates with all of these key areas of knowledge. This course is part of a series covering the ISC(2) Certified Information Systems Security Professional (CISSP).

Each LearnNowOnline training course is made up of Modules (typically an hour in length). Within each module there are Topics (typically 15-30 minutes each) and Subtopics (typically 2-5 minutes each). There is a Post Exam for each Module that must be passed with a score of 70% or higher to successfully and fully complete the course.


Prerequisites

This series assumes a good understanding of enterprise networking and networking security. This is part 9 of a 9 part series.


Meet the expert

Kevin Henry

Kevin is an international author, consultant and international
speaker. He is the official course development writer for ISC2 CISSP, ISACA CRISC and mile2’s C)ISSO. Kevin has been educating IT professionals for over 30 years. He also provides cyber security consulting and support services for organizations around the world. Assisting them with setting up Information Security programs and addressing areas ranging from in-depth risk analysis to policy creation and security awareness.

Video Runtime

134 Minutes

Time to complete

174 Minutes

Course Outline

Security Overview

Security and Risk Management (24:43)

  • Introduction (00:32)
  • Overview (03:08)
  • Confidentiality, Integrity, and Availability (01:15)
  • Security Governance Principles (03:53)
  • Compliance (00:31)
  • Legal and Regulatory Issues (02:33)
  • Ethics (01:48)
  • Business Continuity Requirements (00:55)
  • Personnel Security Policies (02:24)
  • Risk Management Concepts (02:58)
  • Threat Modeling (01:21)
  • Security Risk Considerations (01:29)
  • Education, Training, and Awareness (01:13)
  • Summary (00:29)
  • Summary (00:08)

Asset Security (12:30)

  • Introduction (00:11)
  • Overview (01:32)
  • Classify Information and Supporting Assets (01:25)
  • Determine and Maintain Ownership (02:18)
  • Protect Privacy (02:30)
  • Ensure Appropriate Retention (00:56)
  • Determine Data Security Controls (02:11)
  • Establish Handling Requirements (00:38)
  • Summary (00:36)
  • Summary (00:08)

Security Engineering (15:30)

  • Introduction (00:14)
  • Overview (02:25)
  • Engineering Processes (00:30)
  • Fundamental Concepts of Security Models (00:45)
  • Controls and Countermeasures (00:46)
  • Security Capabilites of Information Systems (01:42)
  • Mitgate Vulnerabilities (03:56)
  • Cryptography (03:01)
  • Security Principles (00:22)
  • Physical Security (01:36)
  • Summary (00:08)

Communication and Network Security (10:17)

  • Introduction (00:14)
  • Overview (01:10)
  • Secure Network Architecture Design Principles (03:20)
  • Secure Network Components (01:41)
  • Secure Communications Channels (03:07)
  • Prevent or Mitigate Network Attacks (00:35)
  • Summary (00:08)

Identity and Access Management (09:54)

  • Introduction (00:10)
  • Overview (02:09)
  • Physical and Logical Access to Assets (00:54)
  • Identification and Authorization (02:54)
  • Identity Services (00:34)
  • Authorization Mechanisms (01:47)
  • Access Control Attacks (00:58)
  • Summary (00:18)
  • Summary (00:08)
Enacting Security

Security Assessment Testing (12:33)

  • Introduction (00:11)
  • Overview (02:10)
  • Assessment and Test Strategies (00:37)
  • Security Control Testing (04:40)
  • Security Process Data (02:59)
  • Analyze and Report Test Outputs (01:02)
  • Summary (00:44)
  • Summary (00:08)

Security Operations (36:25)

  • Introduction (00:14)
  • Overview (03:30)
  • Understanding Investigations (03:24)
  • Requirements for Investigation Types (01:09)
  • Logging and Monitoring Activities (03:00)
  • Resource Provisioning (03:23)
  • Foundational Security Operations Concepts (04:37)
  • Resource Protection Techniques (00:57)
  • Incident Management (01:56)
  • Preventative Measures (04:04)
  • Support Patch and Vulnerability Management (02:03)
  • Implement Recovery Strategies (02:44)
  • Disaster Recovery Processes (00:42)
  • Disaster Recovery Plans (02:22)
  • Business Continuity Planning (02:07)
  • Summary (00:08)

Software Development Security (13:02)

  • Introduction (00:56)
  • Overview (00:47)
  • Security in the Software Development Lifecycle (04:04)
  • Security Controls in Development Environment (04:29)
  • Software Security Effectiveness (01:55)
  • Summary (00:48)