CISSP Certification Domain 5 & 6: The Complete Course
4.0 (13 ratings)
Course Ratings are calculated from individual students’ ratings and a variety of other signals, like age of rating and reliability, to ensure that they reflect course quality fairly and accurately.
96 students enrolled

CISSP Certification Domain 5 & 6: The Complete Course

CISSP: Learn Domain 5 - Identity and Access Management & Domain 6 - Security Assessment and Testing in this course.
4.0 (13 ratings)
Course Ratings are calculated from individual students’ ratings and a variety of other signals, like age of rating and reliability, to ensure that they reflect course quality fairly and accurately.
96 students enrolled
Created by CISSP Educator
Last updated 2/2020
English
English [Auto]
Current price: $119.99 Original price: $199.99 Discount: 40% off
2 days left at this price!
30-Day Money-Back Guarantee
This course includes
  • 9.5 hours on-demand video
  • 1 article
  • Full lifetime access
  • Access on mobile and TV
  • Certificate of Completion
Training 5 or more people?

Get your team access to 4,000+ top Udemy courses anytime, anywhere.

Try Udemy for Business
What you'll learn
  • Domain 5 - Identity and Access Management
  • Domain 6 - Security Assessment and Testing
  • Controlling physical and logical access
  • Identification and authentication
  • Identity as a Service
  • Third-party identity services
  • Authorization methods
  • Access control attacks
  • Assessment and testing strategies
  • Penetration Testing
  • Testing security controls
  • Vulnerability Testing
  • Collecting security process data
  • Analyzing and reporting results
  • Security Control Testing Strategies
  • Conducting and facilitating audits
Requirements
  • Internet Access
  • A PC or Mac
Description

Welcome to this course: CISSP Certification Domain 5 & 6: The Complete Course. Access is one of the most exploited aspects of security because it is the gateway that leads to critical assets. This course covers provisioning and managing identities, and the access used in the interaction between humans and information systems. Access controls need to be applied in a layered defense-indepth method, and an understanding of how these controls are exploited is extremely important. The core concepts of identification, authentication, authorization and accountability are covered in detail here. In this course, we will explore access control conceptually and then dig into the technologies the industry puts in place to enforce these concepts. We will also look at the common methods the bad guys use to attack these technologies. This course also covers some of the most important elements of security assessments and testing. It is divided into five sections. We start by discussing audit strategies, particularly the pros and cons of using our own internal auditors or bringing in external contractors. We then move on to approaches to testing our technical security controls. The third major section deals with testing our administrative controls, which are mostly implemented through polices. Finally, after we have enough empirical data to assess our posture, we discuss how to report our findings and how those findings play into the executive decision making within the organization.

Who this course is for:
  • Security Consultant
  • Security Analyst
  • Security Manager
  • Security Auditor
  • Security Architect
  • IT Director/Manager
  • Director of Security
  • Network Architect
  • Security Systems Engineer
Course content
Expand all 101 lectures 09:34:27
+ Getting Started With This Course
2 lectures 14:04
Getting Started: The Triple A Services - AAA
07:05
Getting Started: Identity and Access Management
06:59
+ Understanding Identification and Authentication
27 lectures 02:35:29
Introduction
03:48
Learning Identification and Authentication: Getting Accounts Provisioned
04:23
Learning Identification and Authentication: Control Access to System
02:03
Learning Identification and Authentication: Fraud Prevention, Detection - 1
04:58
Learning Identification and Authentication: Fraud Prevention, Detection - 2
09:37
Learning Identification and Authentication: The Identification Process
02:31
Learning Identification and Authentication: Learn About Authentication
07:09
Learning Identification and Authentication: Personal Identification Number
07:43
Learning Identification and Authentication: Passphrase - 1
08:14
Learning Identification and Authentication: Passphrase - 2
08:02
Learning Identification and Authentication: Assisted Password Reset
03:39
Learning Identification and Authentication: Automated Password Reset
04:46
Learning Identification and Authentication: Brute Force - Exhaustive Attacks
04:42
Learning Identification and Authentication: Rainbow Attack
05:18
Learning Identification and Authentication: Replay Attack
08:03
Identification and Authentication: Understanding Authentication Protocols
07:47
Learning Identification and Authentication: Authentication - Token Device
07:02
Learning Identification and Authentication: Two Different Types of Access Device
06:37
Identification and Authentication: Devices Generate One-Time Passwords
02:12
Learning Identification and Authentication: Synchronous Token Device
04:41
Learning Identification and Authentication: Learn More About Token Device
03:32
Learning Identification and Authentication: Public Key Certificates
05:48
Identification and Authentication: Authentication - Learning Biometrics
06:27
Learning Identification and Authentication: Fingerprint and Finger Scan
07:47
Identification and Authentication: Identification - One to One & One to Many
06:11
Learning Identification and Authentication: Learn About Errors
06:09
Section Outro
06:20
+ Identity as a Service and Federation
12 lectures 01:11:21
Introduction
07:59
Identity as a Service and Federation: Learn About Directory Services - 1
06:40
Identity as a Service and Federation: Learn About Directory Services - 2
07:39
Identity as a Service and Federation: Authentication Services - 1
02:59
Identity as a Service and Federation: Authentication Services - 2
05:10
Identity as a Service and Federation: Authentication Services - 3
05:07
Identity as a Service and Federation: Authentication Services - 4
04:33
Identity as a Service and Federation: User Authentication to Resource Server
02:49
Identity as a Service and Federation: Security Concerns
03:40
Identity as a Service and Federation: Secure European System For Applications
06:21
Identity as a Service and Federation: Federation
09:08
Section Outro
09:16
+ Understanding Authorization and Accountability
27 lectures 02:38:12
Introduction
03:45
Learning Authorization and Accountability: Learning Access Controls
07:05
Learning Authorization and Accountability: Administrative, Technical, Physical
05:25
Learning Authorization and Accountability: A Second Layer of Criteria
10:27
Learning Authorization and Accountability: Learn About Examples
08:09
Learning Authorization and Accountability: Security Through Obscurity
07:49
Learning Authorization and Accountability: Different Access Control Models
02:38
Learning Authorization and Accountability: Mandatory Access Control
06:53
Learning Authorization and Accountability: Mandatory Access Control Models
06:00
Learning Authorization and Accountability: Discretionary Access Control
08:30
Learning Authorization and Accountability: Discretionary Access Control Models
03:01
Learning Authorization and Accountability: DAC Vulnerabilities
05:27
Learning Authorization and Accountability: Learn About ACM
04:46
Learning Authorization and Accountability: Role-Based Access Control
07:35
Learning Authorization and Accountability: Rule-Based Access Control
06:51
Learning Authorization and Accountability: Access Control Architectures
08:44
Learning Authorization and Accountability: More About DAC
02:32
Authorization and Accountability: Understanding Distributed Access Control
03:27
Learning Authorization and Accountability: Learn About AAA Services
04:15
Authorization and Accountability: Remote Authentication Dial-In User Services
05:23
Learning Authorization and Accountability: Radius Server
06:41
Terminal Access Controller Access Control System
07:51
Learning Authorization and Accountability: Learn About Credential Management
08:32
Temporal Access Controls and Constrained Interfaces
03:17
Section Outro
03:30
+ Identity and Access Management Summary
1 lecture 04:51
Identity and Access Management Summary
04:51
+ Getting Started
1 lecture 08:02
Getting Started - Our Goals
08:02
+ Learn About Vulnerability and Penetration Testing
23 lectures 02:14:21
Introduction
03:19
Performing Security Control Testing Assessment
07:07
Vulnerability and Penetration Testing: Understanding Security Assessment
06:02
Vulnerability and Penetration Testing: Testing - Identifies Weaknesses
04:50
Vulnerability and Penetration Testing: Getting Approval Before Testing
03:32
Vulnerability and Penetration Testing: Internal Scanning and External Scanning
07:51
Vulnerability and Penetration Testing: CVE and CVSS
04:19
Vulnerability and Penetration Testing: Mitigating Vulnerability
06:41
Vulnerability and Penetration Testing: Learn About Penetration Testing - 1
06:17
Vulnerability and Penetration Testing: Learn About Penetration Testing - 2
04:03
Vulnerability and Penetration Testing: Learn About Passive Reconnaissance
09:04
Vulnerability and Penetration Testing: Intro to Active Reconnaissance
03:11
Vulnerability and Penetration Testing: Learning Active Reconnaissance
01:34
Vulnerability and Penetration Testing: Passive and Active Reconnaissance
02:52
Vulnerability and Penetration Testing: Exploit - gaining access
04:56
Vulnerability and Penetration Testing: More About Penetration Testing
11:18
Vulnerability and Penetration Testing: Testing Users Awareness
07:58
Learn About Social Engineering Awareness Skills
09:13
Auditing Technical Controls - Code Reviews
07:23
Testing - Performed on Compiled Applications
09:11
Vulnerability and Penetration Testing: User Awareness Testing
05:04
Section Outro
03:24
+ Learn About Security Information
2 lectures 10:40
Introduction
01:24
Security Information Must Be Collected and Processed
09:16