CISSP - Certified Information System Security Professional

Posted By: ELK1nG

Published 7/2023
MP4 | Video: h264, 1280x720 | Audio: AAC, 44.1 KHz
Language: English | Size: 6.96 GB | Duration: 22h 10m

Full CISSP Training - 2023

What you'll learn

Understand the eight domains of the CISSP Common Body of Knowledge (CBK) and their relationship to information security.

Gain a comprehensive understanding of information security principles, concepts, and practices, including access control, cryptography, network security.

Learn how to apply security and risk management principles to protect an organization's assets and resources.

Understand the different types of threats and vulnerabilities that can impact an organization's information security.

Learn how to design and implement secure network architectures and communication channels.

Understand the principles of identity and access management and how to implement them in an organization.

Learn how to assess and test security controls and processes to ensure their effectiveness.

Understand the principles of security operations, including incident management and disaster recovery planning.

Learn how to design and implement secure software development processes and controls.

Prepare for the CISSP certification exam and become a certified information security professional.

Requirements

To enroll in this course, you should have a basic understanding of information security concepts and practices. There are no other prerequisites for this course.

Description

Welcome to the Certified Information Systems Security Professional (CISSP) course on Udemy! On this landing page, we will provide you with all the details you need to know about the course.

Course Overview:

The CISSP course is designed to provide you with a comprehensive understanding of the eight domains of information security, as defined by the International Information System Security Certification Consortium (ISC)². These domains include Security and Risk Management, Asset Security, Security Engineering, Communication and Network Security, Identity and Access Management, Security Assessment and Testing, Security Operations, and Software Development Security.

In this course, you'll learn about the principles, concepts, and practices of information security, including access control, cryptography, network security, and more. You will also be prepared to take the CISSP certification exam, which will test your knowledge of the eight domains.

Course Details:

Course Name: Certified Information Systems Security Professional (CISSP)

Course Curriculum:

The course is divided into the following eight domains:

Security and Risk Management: Security Governance Principles; Compliance; Legal and Regulatory Issues; Professional Ethics

Asset Security: Information and Asset Classification; Ownership; Protect Privacy; Retention

Security Engineering: Engineering Processes using Secure Design Principles; Security Models and Architecture; Security Evaluation Models

Communication and Network Security: Secure Network Architecture Design; Secure Network Components; Secure Communication Channels

Identity and Access Management: Physical and Logical Access to Assets; Identity Management Implementation; Authentication

Security Assessment and Testing: Assessment and Test Strategies; Security Process Data; Security Control Testing

Security Operations: Understand and Support Investigations; Incident Management; Disaster Recovery Planning

Software Development Security: Development Environment Security Controls; Software Security Effectiveness; Acquired Software Security Impact

Benefits of Taking This Course:

Comprehensive coverage of the eight domains of information security

Preparation for the CISSP certification exam

In-depth understanding of information security principles, concepts, and practices

Real-world examples and case studies

Interactive quizzes and assessments

Lifetime access to course materials

Instructor Bio:

Nour has been a CISSP trainer for more than 10 years and works as an Information Security SME at one of the biggest organisations.

Enrollment and Requirements:

To enroll in this course, you should have a basic understanding of information security concepts and practices. There are no other prerequisites for this course. To enroll, simply visit the course landing page on Udemy and click on the "Enroll Now" button.

The CISSP course on Udemy is an excellent choice for anyone who wants to learn about information security principles, concepts, and practices. With comprehensive coverage of the eight domains of information security, interactive quizzes and assessments, and preparation for the CISSP certification exam, this course will help you become a skilled information security professional. Enroll now and start your journey towards a successful career in information security!

Overview

Section 1: CISSP Course Introduction

Lecture 1 CISSP Course Introduction

Section 2: Domain 1 - Security and Risk Management

Lecture 2 Domain 1 Key Concepts

Lecture 3 Security Threats

Lecture 4 Vulnerabilities and Cyber Attacks

Lecture 5 Man in the middle attack

Lecture 6 Cyber Kill Chain, the Process of Hacking into systems

Lecture 7 The Security Objective and CIA Triad

Lecture 8 Privacy Requirements and regulations

Lecture 9 Security Controls

Lecture 10 Example for Security Controls

Lecture 11 Selection of controls and best practices in implementing

Lecture 12 Security Control Assessment and Defense in depth

Lecture 13 AAA

Lecture 14 Security Strategy - Abstraction

Lecture 15 Protection Mechanisms - Data Hiding and Security through obscurity

Lecture 16 Security Manager Roles

Lecture 17 Organizational Structure

Lecture 18 Security Program and Strategy

Lecture 19 Security Governance

Lecture 20 Security Policies

Lecture 21 Security Standards

Lecture 22 Procedures and Guidelines

Lecture 23 Review of Policies and Standards

Lecture 24 Risk Management Overview

Lecture 25 Types of Risk and RA and Risk Response

Lecture 26 Risk Reporting and Monitoring

Lecture 27 Metrics and Key Performance Indicators

Lecture 28 Key Risk Indicators - KRI

Lecture 29 Risk Management Frameworks

Lecture 30 Maturity Assessment Process

Lecture 31 Law and Legal Regulations

Lecture 32 ISC2 Code of Ethics

Section 3: Domain 2 - Asset Security

Lecture 33 Domain 2 Key Concepts

Lecture 34 Data Lifecycle

Lecture 35 Sensitive Data

Lecture 36 Data Classification Levels

Lecture 37 Data Security Measures 1

Lecture 38 Data Security Measures 2

Lecture 39 Asset life cycle

Lecture 40 Roles in Data and Assets Protection

Lecture 41 Data Destruction

Lecture 42 RACI Matrix

Lecture 43 Privacy Regulation Rules

Lecture 44 Social Engineering

Lecture 45 Security Awareness Program

Lecture 46 Personnel Security Measures

Lecture 47 Due Care vs Due Diligence

Lecture 48 Third Party and Vendor Risk

Lecture 49 Securing Supply chain Risk Management

Section 4: Domain 3 - Security Architecture and Engineering

Lecture 50 Domain 3 Key Concepts

Lecture 51 Cryptography overview

Lecture 52 Cryptography Design Concepts

Lecture 53 Symmetric Encryption Overview

Lecture 54 Asymmetric Encryption

Lecture 55 Benefits of Asymmetric Encryption

Lecture 56 Integrity and Hashing and Salting

Lecture 57 Encryption and Hashing and Encoding

Lecture 58 Digital Signature

Lecture 59 PKI

Lecture 60 Digital Certificate

Lecture 61 Applications of Encryption

Lecture 62 Emerging Cryptographic technologies

Lecture 63 Secure Design Principles

Lecture 64 Security Models, Take Grant, BLP, Biba, Clark Wilson

Lecture 65 Brewer Nash and HRU Security Models

Lecture 66 TCSEC, ITSEC and Common Criteria

Lecture 67 Security Facility Design

Lecture 68 Physical Access Control

Lecture 69 Badges and Smart Cards and PACs

Lecture 70 Motion Detectors

Lecture 71 Security Cameras

Lecture 72 Data and Perimeter Security

Lecture 73 Securing Power Sources

Lecture 74 Fire Suppression System

Section 5: Domain 4 - Communication and Network Security

Lecture 75 Domain 4 Key Concepts

Lecture 76 Network Introduction

Lecture 77 OSI and TCP/IP

Lecture 78 OSI Model Explaining

Lecture 79 Explaining Layers 1,2,3

Lecture 80 Explaining Layers 4,5,6,7

Lecture 81 Routing and Routed Protocols

Lecture 82 Domain Name System Overview

Lecture 83 Address Resolution Protocol

Lecture 84 VoIP and QoS

Lecture 85 Layer 2 Attacks

Lecture 86 Network Segmentation

Lecture 87 NAC and dot1x and Port Security

Lecture 88 Wireless Security

Lecture 89 DMZ and Screened Subnet

Lecture 90 Firewalls

Lecture 91 Proxy, Load Balance devices, Email Security

Lecture 92 VPN Service

Lecture 93 IP Security Protocol (IPSEC)

Section 6: Domain 5 - Identity and Access Management (IAM)

Lecture 94 Domain 5 Key Concepts

Lecture 95 AAA Overview

Lecture 96 Authentication

Lecture 97 MFA and Biometric Authentication

Lecture 98 Passwordless Authentication Methods

Lecture 99 SSO and RSO

Lecture 100 Authorization and Access control Models

Lecture 101 Accounting and Auditing

Lecture 102 Identity Access Management Solutions

Lecture 103 Password Attacks

Lecture 104 LDAP Server - Active Directory

Lecture 105 Manage Privileged Account

Lecture 106 Least Privilege and Two Person Control

Lecture 107 SoD and Need to Know

Lecture 108 Job Rotation and Mandatory Vacation

Section 7: Domain 6 - Security Assessment and Testing

Lecture 109 Domain 6 Key Concepts

Lecture 110 Security Testing and assessment and Auditing

Lecture 111 System Auditing

Lecture 112 Security Testing - PT, SAST, SCA

Lecture 113 Vulnerability Assessment

Lecture 114 VA Scanning Tool

Lecture 115 Penetration Testing

Lecture 116 Software Use Case Test and Abuse Case

Lecture 117 Threat Modelling overview

Lecture 118 Threat Model STRIDE & DREAD

Lecture 119 Threat Model - PASTA

Lecture 120 Service Organization Controls - SOC Audit

Section 8: Domain 7 - Security Operations

Lecture 121 Domain 7 Key Concepts

Lecture 122 Change Management Process

Lecture 123 Types of Changes

Lecture 124 Configuration Management

Lecture 125 Patch Management

Lecture 126 Release Management

Lecture 127 Incident Management

Lecture 128 Collecting Digital Evidence and Forensics

Lecture 129 Incident Response Training

Lecture 130 Incident Response Plan Testing

Lecture 131 SOC Team

Lecture 132 SIEM

Lecture 133 EDR, NDR

Lecture 134 XDR, SOAR

Lecture 135 Threat Intel and MITRE Framework

Lecture 136 What is Disaster and BIA

Lecture 137 What is the DRP

Lecture 138 What is the BCP

Lecture 139 BCP Considerations

Lecture 140 RPO & RTO

Lecture 141 AIW, SDO, MTO and Relation

Lecture 142 Linking RPO, RTO, AIW, SDO, MTO

Lecture 143 Recovery Strategies

Lecture 144 Reciprocal Agreement

Lecture 145 BCP Testing and Evaluation

Lecture 146 Data Backup

Lecture 147 Storage Redundancy using RAID

Section 9: Domain 8 - Software Development Security

Lecture 148 Domain 8 Key Concepts

Lecture 149 What is Programming

Lecture 150 Software development methodologies

Lecture 151 DevOps

Lecture 152 DevSecOps

Lecture 153 Software Testing

Lecture 154 Software UAT Testing

Lecture 155 Version Control System and Code Repository

Lecture 156 Secure Code Practices

Lecture 157 Certification vs Accreditation and Authorize to Operate

Lecture 158 Software Project Acquisition Steps

Lecture 159 Project Management Tools - GANTT, PERT, CPM, TIMEBOX

Lecture 160 Database Overview

Lecture 161 Database Security

Lecture 162 Database Resiliency

Lecture 163 Architectural Concepts, SOA, VDI, SDP

Lecture 164 Virtualization and SDDC

Lecture 165 SDN and SDWAN

Lecture 166 Containers and Functions

Lecture 167 CDN - Content Delivery Network

Lecture 168 Cloud Computing

Information security professionals who want to enhance their knowledge and skills

IT professionals who want to transition to a career in information security

Security consultants who want to expand their expertise

Project managers who want to understand the security aspects of project management

Anyone who wants to prepare for the CISSP certification exam and become a certified information security professional