Description
In this CISSP Domain 5, 6, 7 and 8 video training course, I will provide you the knowledge, experience and practical skills you need to pass the CISSP certification. In addition, you will get my years of experience (Over 21 years) as I translate CISSP training requirements into real-world examples. Included in this course: CISSP Domain 5 VideosFull CISSP Domain 5 Videos 10 CISSP practice questionsCISSP Domain 6 VideosFull CISSP Domain 6 Videos 10 CISSP practice questionsCISSP Domain 7 VideosFull CISSP Domain 7 Videos 10 CISSP practice questionsCISSP Domain 8 VideosFull CISSP Domain 8 Videos10 CISSP practice questionsThe curriculum in this course covers the content that will be on the most current CISSP exam (April 2021). Each objective that is required for the CISSP exam will be covered in varying degrees of complexity and competency. The next upgrade to the CISSP curriculum/exam will occur in 2023. In Domain 5 we will cover: Control Physical and Logical Access to AssetsInformationSystemsDevicesFacilitiesManage Identification and Authentication of People, Devices, and ServicesIdentity management implementationSingle/multi-factor authenticationAccountabilitySession managementRegistration and proofing of identityFederated Identity Management (FIM)Credential management systemsIntegrate Identity as a Third-party ServiceOn-premiseCloudFederatedImplement and Manage Authorization MechanismsRole Based Access Control (RBAC)Rule-based Access controlMandatory Access Control (MAC)Discretionary Access Control (DAC)Attribute Based Access Control (ABAC)Manage the Identity and Access Provisioning LifecycleUser access reviewSystem account access reviewProvisioning and deprovisioningIn Domain 6 we will cover: Design and Validate Assessment, Test, and Audit StrategiesInternalExternalThird PartyConduct Security Control TestingVulnerability AssessmentPenetration TestingLog ReviewsSynthetic TransactionsCode Review and TestingMisuse Case TestingTest Coverage AnalysisInterface TestingCollect Security Process Data (e. g., Technical and Administrative)Account ManagementManagement Review and ApprovalKey Performance and Risk IndicatorsBackup Verification DataTraining and AwarenessDisaster Recovery (DR) and Business Continuity (BC)Analyze Test Output and Generate ReportConduct or Facilitate Security AuditsInternalExternalThird-PartyIn Domain 7 we will cover: Understand and Support InvestigationsEvidence Collection and HandlingReporting and DocumentationInvestigative TechniquesDigital Forensics Tools, Tactics, and ProceduresUnderstand Requirements for Investigation TypesAdministrativeCriminalCivilRegulatoryIndustry StandardsConduct Logging and Monitoring ActivitiesIntrusion Detection and PreventionSecurity Information and Event ManagementContinuous MonitoringEgress MonitoringSecurely Provisioning ResourcesAsset InventoryAsset ManagementConfiguration ManagementUnderstand and Apply Foundational Security Ops ConceptsNeed-To-Know / Least PrivilegesSeparation of Duties and ResponsibilitiesPrivileged Account ManagementJob RotationInformation LifecycleService Level Agreements (SLA)Apply Resource Protection TechniquesMedia ManagementHardware and Software Asset ManagementConduct Incident ManagementDetectionResponseMitigationReportingRecoveryRemediationLessons LearnedOperate and Maintain Detective and Preventative MeasuresFirewallsIntrusion Detection and Prevention SystemsWhitelisting/BlacklistingThird-Party Provided Security ServicesSandboxingImplement and Support Patch and Vulnerability ManagementUnderstand and Participate in Change Management ProcessesImplement Recovery StrategiesBackup Storage StrategiesRecovery Site StrategiesMultiple Processing SitesSystem Resilience, High Availability, Quality of Service (QOS), and Fault ToleranceImplement Disaster Recovery (DR) ProcessesResponsePersonnelCommunicationsAssessmentRestorationTraining and AwarenessTest Disaster Recovery Plans (DRP)Read-Through/ChecklistStructured Walk-Through (Table-Top)Simulation TestParallel TestFull Interruption TestParticipate in Business Continuity (BC) Planning and ExercisesImplement and Manage Physical SecurityPerimeter Security ControlsInternal Security ControlsAddress Personnel Safety and Security ConcernsTravelSecurity Training and AwarenessEmergency ManagementDuressIn Domain 8 we will cover: Design and Validate Assessment, Test, and Audit StrategiesInternalExternalThird PartyConduct Security Control TestingVulnerability AssessmentPenetration TestingLog ReviewsSynthetic TransactionsCode Review and TestingMisuse Case TestingTest Coverage AnalysisInterface TestingCollect Security Process Data (e. g., Technical and Administrative)Account ManagementManagement Review and ApprovalKey Performance and Risk IndicatorsBackup Verification DataTraining and AwarenessDisaster Recovery (DR) and Business Continuity (BC)Analyze Test Output and Generate ReportConduct or Facilitate Security AuditsInternalExternalThird-PartyNotes / Disclaimers: In order for you to pass the CISSP test you need to have the substantial knowledge through experience and knowledge. The test was originally written in English, but there are other language versions availableAnswering the questions you need to consider the perfect world scenario and that work around options may be technically correct, but they may not meet (ISC)2 point of viewYou need to be able to spot the keywords (DR, BCP, Policy, Standards, etc.) as well as the indicators (First, Best, Last, Least, Most)Understand and answer every question from the Manager, CISO, or Risk Advisers Point of View (PoV). Answering the questions from a CIO or technical perspective will place your thinking too high or down in the weeds too far. Understand that you are to answer the questions based on being proactive within your environment. Enable a Vulnerability Management Program before you have vulnerability issues. The English version of the CISSP exam, utilizes the Computerized Adaptive Testing (CAT) format and is 3 hours long with 100-150 questionsMost people studying for CISSP certification will various media sources, test banks, and various books to enhance their test taking experience. Don't rely on one source to teach you all that you need to know for the CISSP…. Invest in multiple training opportunities. The future payoff is worth the time and energy.
