Learn about security assessment and testing practices, and prepare for the sixth domain of the Certified Information Systems Security Professional (CISSP) exam.
- [Mike] Hi, I'm Mike Chapple, and I'd like to welcome you to our CISSP Security Assessment and Testing course. The certified information system security professional or CISSP certification is the gold standard for information security certification. You'll find that CISP is a core requirement for many mid and senior level information security positions. Earning the CISSP requires demonstrating that you have sufficient work experience, and passing an exam covering the eight domains of information security.
This course covers the sixth of those eight domains. Security Assessment and Testing. 12% of the questions on the CISSP exam come from this domain. I have two decades of experience as an information security professional, and I've been involved in CISSP training and certification for most of those. As you work your way through this course, you might find it helpful to have two books that I've written by your side. The first is the Official CISSP study guide, available from Sybex.
This book is approved by (ISC)² as the official study guide for the exam, and it contains context that supplements this course. And will help you be prepared when you take the CISSP exam. The second book that you'll want is the official CISSP practice tests, also available from Sybex. This book contains over 1300 practice exam questions designed to mimic those on the actual CISSP exam. The book has an entire chapter dedicated to questions from each domain, along with two full length practice tests to help you assess your progress.
As we work our way through this course, we will focus on each topic covered by domain six. We'll review how to design and validate assessment and testing strategies. We'll also cover conducting security control testing and analyzing those test results. You'll learn how you can facilitate internal and external audits. But that's just a small sampling of the many topics covered in this course. These topics, combined with the information that you learn in our other CISSP courses will help you pass the CISSP exam.
And also provide a critical foundation for your career in information security. In addition to using this course and the companion books to prepare for the exam, I encourage you to visit my website at certmike.com and sign up for my free CISSP study group. I'll send you weekly emails guiding you through the exam preparation process and offer you test taking tips to help you get ready for the exam. Alright, let's get rolling.
Find the companion study books at the Sybex test prep site and review the complete CISSP Body of Knowledge at https://www.isc2.org/cissp-domains/default.aspx.
Note: This course is part of a series releasing throughout 2018. A completed Learning Path of the series will be available once all the courses are released.
- Using security assessment tools
- Scanning for vulnerabilities
- Threat assessment techniques
- Performing penetration testing
- Reviewing monitor logs
- Performing code reviews
- Performing fuzz testing and misuse case testing
- Analyzing coverage
- Assessing disaster recovery sites and backups
- Testing BC/DR plans
- Collecting security process data and metrics
- Auditing and control management