Cissp Bootcamp Course - Domain 5 & 6

What you'll learn
Protection of data and resources
Authentication and Authorization
Cryptography
Public key infrastructure (PKI)
Security Assessment and Testing
Requirements
A fundamental grasp and knowledge of computers, networks, information technology, and cyber security.
Description
This is an ideal course for any student who is preparing for CISSP. The course content covers Domain 5 and Domain 6 in detail.Design and validate assessment, test, and audit strategiesInternalExternalThird-partyConduct security control testingVulnerability assessmentPenetration testingLog reviewsSynthetic transactionsCode review and testingMisuse case testingTest coverage analysisInterface testingBreach attack simulationsCompliance checksCollect security process data (e.g., technical and administrative)Account managementManagement review and approvalKey performance and risk indicatorsBackup verification dataTraining and awarenessDisaster Recovery (DR) and Business Continuity (BC)Analyze test output and generate reportsRemediationException handlingEthical disclosureConduct or facilitate security auditsInternalExternalThird-partyControl physical and logical access to assetsInformationSystemsDevicesFacilitiesApplicationsManage identification and authentication of people, devices, and servicesIdentity Management (IdM) implementationSingle/Multi-Factor Authentication (MFA)AccountabilitySession managementRegistration, proofing, and establishment of identityFederated Identity Management (FIM)Credential management systemsSingle Sign On (SSO)Just-In-Time (JIT)Federated identity with a third-party serviceOn-premisesCloudHybridImplement and manage authorization mechanismsRole Based Access Control (RBAC)Rule based access controlMandatory Access Control (MAC)Discretionary Access Control (DAC)Attribute Based Access Control (ABAC)Risk based access controlManage the identity access provisioning lifecycleAccount access review (e.g., user, system, service)Provisioning and deprovisioning (E.g., on/off boarding and transfers)Role definition (e.g., people assigned to new roles)Privilege escalation (e.g., manage service accounts, use of sudo, minimizing its use)Implement authentication systemsOPENid Connect (OIDC)/Open Authorization (Oauth)Security Assertion Markup Language (SAML)KerberosRemote Authentication Dial-In User Service (RADIUS)/Terminal Access Controller Access Control System Plus (TACACS+)The CISSP exam is governed by the International Information Systems Security Certification Consortium (ISC) . (ISC) is a global not-for-profit organization. It has four primary mission goals:Maintain the Common Body of Knowledge (CBK) for the field of information systems security.Provide certification for information systems security professionals and practitioners.Conduct certification training and administer the certification exams.Oversee the ongoing accreditation of qualified certification candidates through continued education.The (ISC)2 is operated by a board of directors elected from the ranks of its certified practitioners.Subscribe now! The CISSP exam is governed by the International Information Systems Security Certification Consortium (ISC) . (ISC) is a global not-for-profit organization.
Overview
Section 1: Introduction
Lecture 1 Introduction
Section 2: Domain 5 - Identity and Access Management
Lecture 2 Understanding IDAM, Authentication Types and Methods
Lecture 3 Identity and Access Mechanisms, SSO, Kerberos
Lecture 4 AAA services, Radius, TACACS, TACACS+ and Diameter
Lecture 5 Managing System and User Accounts, IAM lifecycle
Lecture 6 Biometric authentication and errors
Lecture 7 Centralised and De-centralised Access Controls, ABAC, RBAC, DAC models
Section 3: Domain 6 - Security Assessment and Testing
Lecture 8 Planning a Security Assessment, Types of Assessments
Lecture 9 Software security assessments, Test coverage analysis
Lecture 10 Testing web based applications, Security Architecture
Lecture 11 IOT, Security Architecture Best Practices
Lecture 12 Vulnerability Assessment considerations, Penetration testing and its types
Lecture 13 Other important topics for CISSP exam
Managers,Information Security Managers


Homepage