Certified Information Systems Security Professional (CISSP) is the gold standard in IT security certification. Prepare for domain three of the exam-Security Architecture and Engineering-in this installment of CISSP Cert Prep. Security engineering ensures systems are designed to deal with all sorts of risks and disruptions, from hackers and database meltdowns to electrical outages. In this course, security expert Mike Chapple covers everything you need to know to balance business needs with security risks and design more secure systems. He covers cloud computing, as well as hardware, web, and mobile security; client and server vulnerabilities; smart device security; and physical security, such as site design and monitoring. Plus, get a deep dive into cryptography, one of the most powerful tools that IT pros can use to secure data and accounts.
Topics include:
Understanding security design principles and models
Cloud computing and virtualization
Hardware security
Client and server vulnerabilities
Web security vulnerabilities
Securing mobile devices and smart devices
Understanding encryption
Symmetric and asymmetric cryptography
Key management and public key infrastructure
Physical security
0. Introduction
|
|
|
||
|
01. Welcome
|
02. What you should know
|
1. Security Engineering
|
|
|
|
|
|
03. Secure design principles
|
04. Security models
|
05. Security requirements
|
3. Hardware Security
|
|
|
|
|
|
09. Memory protection
|
10. Interface protection
|
11. High availability and fault tolerance
|
4. Client and Server Vulnerabilities
|
|
|
|
|
|
12. Client security issues
|
13. Server security issues
|
14. NoSQL databases
|
15. Large-scale parallel and distributed systems
|
5. Web Security
|
|
|
|
|
|
16. OWASP top ten
|
17. SQL Injection prevention
|
18. Cross-site scripting prevention
|
19. Cross-site request forgery prevention
|
|
|
|
||
|
20. Fuzz testing
|
21. Session hijacking
|
6. Mobile Security
|
|
|
|
|
|
22. Mobile device security
|
23. Mobile device management
|
24. Mobile device tracking
|
25. Mobile application security
|
|
|
|||
|
26. Bring your own device (BYOD)
|
7. Smart Device Security
|
|
|
|
|
|
27. Industrial control systems
|
28. Smart home technology
|
29. Securing the Internet of Things
|
30. Secure networking for the Internet of Things
|
8. Encryption
|
|
|
=
|
|
|
31. Understanding encryption
|
32. Symmetric and asymmetric cryptography
|
33. Goals of cryptography
|
34. Codes and ciphers
|
|
|
|
|
|
|
35. Choosing encryption algorithms
|
36. The perfect encryption algorithm
|
37. The cryptographic life cycle
|
38. Digital rights management
|
9. Symmetric Cryptography
|
|
|
|
|
|
39. Data Encryption Standard (DES)
|
40. 3DES
|
41. AES, Blowfish, and Twofish
|
42. RC4
|
|
|
|||
|
43. Steganography
|