CISSP Certification: Domains 1, 2, 3 & 4 Video Training-2020
3.8 (27 ratings)
172 students enrolled

Invest in the CISSP Certification (Domain 1, 2, 3 & 4) Training Course: Video, downloadable slides & practice questions
Created by Shon Gerber
Last updated 6/2019
English
This course includes
  • 9.5 hours on-demand video
  • 38 downloadable resources
  • Full lifetime access
  • Access on mobile and TV
  • Certificate of Completion
What you'll learn
  • Prepare for the 2018 Certified Information Systems Security Professional (CISSP) exam
  • Full understanding of the objectives that relate to Domain 1 (Security and Risk Management) of the CISSP exam
  • Full understanding of the objectives that relate to Domain 2 (Asset Security) of the CISSP exam
  • Full understanding of the objectives that relate to Domain 3 (Security Architecture and Engineering) of the CISSP exam
  • Full understanding of the objectives that relate to Domain 4 (Communication and Network Security) of the CISSP exam
  • Security management perspectives from the view of a Chief Information Security Officer (CISO)
  • How to begin on the CISSP certification journey along with practical real-world experiences providing knowledge and context
  • Learn the benefits and rewards for gaining your CISSP certification, and what it will provide to your career
Requirements
  • Desire to pass the Information Systems Security Professional CISSP Certification Exam and not sure how to do it
  • Desire to gain more insight and knowledge around IT, Information, and Cyber Security from a management/senior leader perspective
Description

In this CISSP Domain 1, 2, 3, and 4 video training course, I will provide you with the knowledge, experience and practical skills you need to pass the CISSP certification. In addition, you will get my years of experience (over 18 years) as I translate CISSP training requirements into real-world examples.

Included in this course:

CISSP Domain 1 Videos

  • 13 Sections - 31 Videos

  • Slides available to download for Domain 1

  • 10 CISSP practice questions

CISSP Domain 2 Videos

  • 5 Sections - 9 Videos

  • Slides available to download for Domain 2

  • 10 CISSP practice questions

CISSP Domain 3 Videos

  • 11 Sections - 16 Videos

  • Slides available to download for Domain 3

  • 10 CISSP practice questions

CISSP Domain 4 Videos

  • 3 Sections - 7 Videos

  • Slides available to download for Domain 4

  • 10 CISSP practice questions

The curriculum in this course covers the content that will be on the most current CISSP exam (April 2018). Each objective that is required for the CISSP exam will be covered in varying degrees of complexity and competency. The next upgrade to the CISSP curriculum/exam will occur in 2021.

In Domain 1 we will cover:

  • Introduction

    • Introduction

    • Purpose

    • ISC2

  • Understand and apply concepts of confidentiality, integrity and availability

    • Confidentiality

    • Integrity

    • Availability

  • Evaluate and apply security governance principles

    • Alignment of security function to business strategy, goals, mission, and objectives

    • Organizational processes (e.g., acquisitions, divestitures, governance committees)

    • Organizational roles and responsibilities

    • Security control frameworks

    • Due care/due diligence

  • Determine compliance requirements

    • Contractual, legal, industry standards, and regulatory requirements

    • Privacy requirements

  • Understand legal and regulatory issues that pertain to information security in a global context

    • Cyber crimes and data breaches

    • Licensing and intellectual property requirements

    • Import/export controls

    • Trans-border data flow

    • Privacy

  • Understand, adhere to, and promote professional ethics

    • (ISC)² Code of Professional Ethics

    • Organizational code of ethics

  • Develop, document, and implement security policy, standards, procedures, and guidelines

  • Identify, analyze, and prioritize Business Continuity (BC) requirements

    • Develop and document scope and plan

    • Business Impact Analysis (BIA)

  • Contribute to and enforce personnel security policies and procedures

    • Candidate screening and hiring

    • Employment agreements and policies

    • Onboarding and termination processes

    • Vendor, consultant, and contractor agreements and controls

    • Compliance policy requirements

    • Privacy policy requirements

  • Understand and apply risk management concepts

    • Identify threats and vulnerabilities

    • Risk assessment/analysis

    • Risk response

    • Countermeasure selection and implementation

    • Applicable types of controls (e.g., preventive, detective, corrective)

    • Security Control Assessment (SCA)

    • Monitoring and measurement

    • Asset valuation

    • Reporting

    • Continuous improvement

    • Risk frameworks

  • Understand and apply threat modeling concepts and methodologies

    • Threat modeling methodologies

    • Threat modeling concepts

  • Apply risk-based management concepts to the supply chain

    • Risks associated with hardware, software, and services

    • Third-party assessment and monitoring

    • Minimum security requirements

    • Service-level requirements

  • Establish and maintain a security awareness, education, and training program

    • Methods and techniques to present awareness and training

    • Periodic content reviews

    • Program effectiveness evaluation

In Domain 2 we will cover:

  • Identify and classify information and assets

    • Data Classification

    • Asset Classification

  • Determine and maintain information and asset ownership

  • Protect privacy

    • Data owners

    • Data processors

    • Data remanence

    • Collection limitation

  • Ensure appropriate asset retention

  • Determine data security controls

    • Understand data states

    • Scoping and tailoring

    • Standards selection

    • Data protection methods

  • Establish information and asset handling requirements

In Domain 3 we will cover:

  • Implementation and management of engineering processes using secure design principles

    • Asset Retention

    • Confinement

  • Understanding of the fundamental concepts of security models

  • Selection of controls based upon systems security requirements

  • Security capabilities of information systems

  • Assessment and mitigation of vulnerabilities within a security architecture

    • Client-based systems

    • Server-based systems

    • Database systems

    • Cryptographic systems

    • Industrial Control Systems (ICS)

    • Cloud-based systems

    • Distributed systems

    • Internet of Things (IoT)

  • Assessment and mitigation in web-based systems

  • Assessment and mitigation in mobile-based systems

  • Assessment and mitigation in embedded devices

  • Apply cryptographic methods

    • Cryptographic life-cycle

    • Cryptographic methods

    • Public Key Infrastructure

    • Key management practices

    • Digital Signatures

    • Non-repudiation

    • Integrity (e.g. Hashing)

    • Cryptographic attacks

    • Digital Rights Management (DRM)

  • Application of security principles to sites and facility design

  • Implementation of site and facility security controls

    • Wiring closets/intermediate distribution facilities

    • Server rooms/data centers

    • Media storage facilities

    • Evidence storage

    • Restricted and work area security

    • Utilities and Heating, Ventilation, and Air Conditioning (HVAC)

    • Environmental issues

    • Fire prevention, detection, and suppression

In Domain 4 we will cover:

  • Implement secure design principles in network architectures

    • Open System Interconnection (OSI) and Transmission Control Protocol/Internet Protocol (TCP/IP) models

    • Internet Protocol (IP) networking

    • Implications of multilayer protocols

    • Converged protocols

    • Software-defined networks

    • Wireless networks

  • Secure network components

    • Operation of hardware

    • Transmission media

    • Network Access Control (NAC) devices

    • Endpoint security

    • Content-distribution networks

  • Implement secure communication channels according to design

    • Voice

    • Multimedia collaboration

    • Remote access

    • Data communications

    • Virtualized networks


Notes / Disclaimers:

  • In order to pass the CISSP test, you need to have substantial knowledge through experience and knowledge.

  • The test was originally written in English, but there are other language versions available

  • When answering the questions, you need to consider the "perfect world" scenario; workaround options may be technically correct, but they may not meet the (ISC)² point of view.

  • You need to be able to spot the keywords (DR, BCP, Policy, Standards, etc.) as well as the indicators (First, Best, Last, Least, Most)

  • Understand and answer every question from the Manager's, CISO's, or Risk Adviser's Point of View (PoV). Answering the questions from a CIO or technical perspective will place your thinking too high or down in the weeds too far.

  • Understand that you are to answer the questions based on being proactive within your environment. Enable a Vulnerability Management Program before you have vulnerability issues.

  • The English version of the CISSP exam utilizes the Computerized Adaptive Testing (CAT) format and is 3 hours long with 100-150 questions.

  • Most people studying for CISSP certification will use various media sources, test banks, and various books to enhance their test-taking experience.

  • Don’t rely on one source to teach you all that you need to know for the CISSP. Invest in multiple training opportunities. The future payoff is worth the time and energy.

Who this course is for:
  • Individuals who are preparing for the ISC2 CISSP Certification Exam
  • Individuals wanting to learn and gain knowledge on the CISSP certification
  • People wanting to grow their IT Security and Cyber Security knowledge
  • New and experienced IT Security professionals
  • Anyone wanting to break into IT Security
  • Students wanting to learn and grow their understanding on the CISSP Domain curriculum
Course content
63 lectures 09:31:45
+ Domain 1: Understand and apply concepts of CIA
3 lectures 29:58
Confidentiality
11:24
Integrity
08:44
Availability
09:50
+ Domain 1: Determine compliance requirements
2 lectures 18:28
Compliance and Regulations
12:37
Privacy Requirements
05:51
+ Domain 1: Understand legal and regulatory issues
4 lectures 33:38
Legislation
07:55
Patent and Trademarks
09:03
Import / Export
09:47
Privacy
06:53
+ Domain 1: Contribute to and enforce personnel security policies and procedures
2 lectures 23:16
Candidate Screening and Hiring
13:56
Vendor, consultant, and contractor agreements and controls
09:20
+ Domain 1: Understand and apply risk management concepts
4 lectures 29:40
Risk Management
07:26
Risk Assessment / Analysis
07:46
Security Control Assessment (SCA)
08:25
Continuous Improvement
06:03