Author
Released
11/8/2016Members who take all eight courses in the series will be prepared to take and pass the CISSP exam. Find the companion study books at the Sybex test prep site and review the complete CISSP Body of Knowledge at https://www.isc2.org/cissp-domains/default.aspx.
- Understanding security and evaluation models
- Cloud computing and virtualization
- Securing hardware
- Client and server vulnerabilities
- Web security vulnerabilities
- Securing mobile and smart devices
- Understanding encryption
- Key management and public key infrastructure
- Physical security
Skill Level Advanced
Duration
Views
- Hi, I'm Mike Chapple, and I'd like to welcome you to our CISSP Security engineering course. The certified information systems security professional or CISSP certification, is the gold standard for information security certification. You'll find that it's a core requirement for many mid and senior level information security positions. Earning the CISSP requires demonstrating that you have sufficient work experience, and passing an exam covering the eight domains of information security.
This course covers the third of those eight domains, security engineering. I have two decades of experience as an information security professional and I've been involved in CISSP training and certification for most of those. As you work your way through this course, you might find it helpful to have two books that I've written by your side. The first is the Official CISSP Study Guide, available from Sybex. This book is approved by the International Information System Security Certification Consortium as the official study guide for the exam, and it contains context that supplements this course and will help you be prepared when you take the exam.
The second book you'll want is the Official CISSP Practice Tests, also available from Sybex. This book contains 1300 practice exam questions designed to mimic those on the actual exam. It has an entire chapter dedicated to questions from each domain, along with two full length practice tests to help you assess your progress. As we work our way through this course, we will focus on each topic covered by domain three. We'll review how to select security controls that balance business needs and security requirements.
We'll also do a deep dive into cryptography, one of the most important data protection tools at the disposal of a security professional. You'll learn about physical security topics, including site design and monitoring. And that's just a small sampling of the many topics covered in this course. These topics, combined with the information you learn in our other CISSP courses, will help you pass the CISSP exam and also provide a critical foundation for your career in information security.
All right, let's get rolling!
Related Courses
-
Learning Cryptography and Network Security
with Lisa Bock1h 45m Intermediate -
CISSP Cert Prep: 2 Asset Security (2015)
with Mike Chapple58m 11s Advanced
-
Introduction
-
Welcome2m 15s
-
-
1. Security Engineering
-
Secure design principles5m 18s
-
Security models4m 14s
-
Evaluation models3m 24s
-
-
2. Cloud Computing and Virtualization
-
Virtualization4m 20s
-
Cloud computing models3m 44s
-
Public cloud tiers5m 35s
-
-
3. Hardware Security
-
Memory protection3m 20s
-
Interface protection4m 10s
-
-
4. Client and Server Vulnerabilities
-
Client security issues6m 16s
-
Server security issues4m 25s
-
NoSQL databases6m 53s
-
-
5. Web Security
-
OWASP top 10 vulnerabilities4m 52s
-
SQL injection prevention5m 20s
-
Fuzz testing6m 44s
-
Session hijacking3m 50s
-
-
6. Mobile Security
-
Mobile device security2m 35s
-
Mobile device management6m 14s
-
Mobile device tracking3m 14s
-
Mobile application security4m 23s
-
Bring your own device (BYOD)4m 47s
-
-
7. Smart Device Security
-
Industrial control systems4m 36s
-
Smart home technology3m 6s
-
-
8. Encryption
-
Understanding encryption3m 24s
-
Goals of cryptography2m 49s
-
Codes and ciphers3m 20s
-
The cryptographic life cycle2m 49s
-
Digital rights management2m 17s
-
-
9. Symmetric Cryptography
-
Data encryption standard3m 19s
-
3DES3m 35s
-
AES, Blowfish, and Twofish6m 40s
-
RC42m 23s
-
Steganography4m 55s
-
-
10. Asymmetric Cryptography
-
Rivest-Shamir-Adleman (RSA)3m 26s
-
PGP and GnuPG11m 9s
-
-
11. Key Management
-
Key exchange3m 4s
-
Diffie-Hellman key exchange5m 12s
-
Key escrow3m 13s
-
Key stretching1m 55s
-
-
12. Public Key Infrastructure
-
Trust models3m 1s
-
PKI and digital certificates4m 28s
-
Hash functions9m 11s
-
Digital signatures4m 4s
-
Create a digital certificate4m 33s
-
Revoke a digital certificate1m 48s
-
-
13. Cryptanalytic Attacks
-
Brute-force attacks3m 12s
-
Knowledge-based attacks2m 10s
-
-
14. Physical Security
-
Site and facility design2m 44s
-
Physical access control4m 6s
-
Visitor management1m 35s
-
-
Conclusion
-
Next Steps38s
-
- Mark as unwatched
- Mark all as unwatched
Are you sure you want to mark all the videos in this course as unwatched?
This will not affect your course history, your reports, or your certificates of completion for this course.
CancelTake notes with your new membership!
Type in the entry box, then click Enter to save your note.
1:30Press on any video thumbnail to jump immediately to the timecode shown.
Notes are saved with you account but can also be exported as plain text, MS Word, PDF, Google Doc, or Evernote.
Share this video
Embed this video
Video: Welcome