CISSP Module 09 – Final Course Review

security

We came to an end of the CISSP tutorial! Let’s take a look what we learned in our CISSP training online!

The 8 domains of CISSP:

-In chapter 1 we learned about Security and Risk Management; CIA and IAAA, tenets of secure design, risk assessment, analysis and mitigation, governance vs management, framework and senior management’s role, policies procedures standards and guidelines, knowledge transfer, types of laws and specific laws, BCP and BIA, BC phases, roles and responsibilities and BCP sub plans and remaining phases.

In the second, Asset Security; roles and responsibilities, clarification, the states of data and the configuration management.

-Chapter 3: Security Engineering; trusted computing, computer architecture CPU, memory, security models and access, common architectures, cryptography (history, symmetric and asymmetric, hybrid), RSA Diffie Hellman and ECC, hashing, digital signatures MACs and hashes, PKI, IPSec and attacks on cryptography.

-Chapter 4: Communications and Network Security; OSI and the seven layers, TCP IP model, common attacks, Firewall, Proxies, and NAT, WAN, Wireless and Cloud Computing.

-In chapter 5: Identity and Access Management; ID, defining identity and access, core security environments, access control methods, authentication types 1-3, SSO and Kerberos, access control methods, RADIUS and emanations.

-Chapter 6: Security Assessment and Testing; vulnerability and pen testing, penetration testing, NIDS vs HIDS, analysis engines and honeypots.

-Chapter 7: Security Operations; incident response, intro to forensics, types of evidence, Spared and RAID, clustering and web farms, backups and additional data redundancy.

-And in the final one, chapter 8: Software Development Security; Why is software unsecure?, development methodologies, common architectures, monitoring and auditing, adversaries and review, OWASP 10, defensive coding, change management, vulnerability scans and penetration testing, DB intro and models and relational databases.

We hope you learned a bit from this CISSP course and wish you all the best with becoming a CISSP!