CISSP® - Security Engineering
Deep dive into the Security Engineering domain of the Certified Information Systems Security Professional (CISSP®) certification.
What you'll learn
The course covers Secure Design Principles and Processes, Fundamental Concepts of Security Models, Security Evaluation Models, Security Capabilities of Information Systems, Vulnerabilities in Security Architecture and Technology Components, Cryptography, and Site and Facility Secure Design.
Table of contents
Introduction
2 mins
Secure Design Principles and Processes
43 mins
- Introduction to Secure Design Principles and Processes 1m
- Software/System Design Lifecycle 2m
- Requirements Phase 1m
- Design Phase 2m
- Implementation Phase 1m
- Integration and Testing Phase 1m
- Transition to Operations Phase 1m
- NIST Security Engineering Principles 2m
- Security Foundation Principles 4m
- Risk Based Principles 6m
- Ease of Use Principles 4m
- Increase Resilience Principles 8m
- Reduce Vulnerabilities Principles 5m
- Design with Network in Mind Principles 4m
- Summary and What’s Next 1m
Fundamental Concepts of Security Models
19 mins
- Introduction to Fundamental Concepts of Security Models 1m
- Types of Security Models 1m
- Information Flow Security Model 1m
- Matrix-based Security Model 1m
- Multi-level Lattice Security Model 1m
- Non-interference Security Model 1m
- State Machine Security Model 1m
- Common Security Model Examples 1m
- Bell-LaPadula Confidentiality Security Model 3m
- Biba Integrity Security Model 2m
- Brewer-Nash (The Chinese Wall) Security Model 1m
- Clark Wilson Security Model 1m
- Graham-Denning Security Model 1m
- Security Architecture Frameworks 1m
- The Open Group Architecture Framework (TOGAF) 1m
- Zachman Framework 1m
- Sherwood Applied Business Security Architecture (SABSA) 1m
- Summary and What’s Next 1m
Security Evaluation Models
22 mins
- Introduction to Security Evaluation Models 1m
- Certification and Accreditation 1m
- Product Evaluation Models 1m
- Trusted Computer System Evaluation Criteria (TCSEC) 5m
- Information Technology Security Evaluation Criteria (ITSEC) 4m
- The Common Criteria 2m
- Security Implementation Guidelines 1m
- ISO/IEC 27001 and 27002 Security Standards 3m
- Control Objectives for Information and Related Technology (COBIT) 2m
- Payment Card Industry Data Security Standard (PCI-DSS) 2m
- Summary and What’s Next 1m
Security Capabilities of Information Systems
8 mins
Vulnerabilities in Security Architecture and Technology Components
13 mins
Cryptography
28 mins
- Introduction to Cryptography 1m
- Cryptography Is Typically Bypassed, Not Penetrated 1m
- Basic Concept of Cryptography 5m
- Cryptography Isn’t New! 2m
- The CIA Triad 1m
- Key Length 1m
- Cipher Types 1m
- Forms of Cryptography 1m
- Symmetric Cryptography 1m
- Data Encryption Standard (DES) 3m
- Double DES (2DES) 0m
- Triple DES (3DES) 1m
- Advanced Encryption Standard (Rijndael) 1m
- Asymmetric Cryptography 3m
- Hashing Functions 1m
- Hashing Attacks 1m
- Methods of Cryptanalytic Attacks 1m
- Cryptographic Lifecycle 1m
- Cryptography Law 1m
- Summary and What’s Next 1m
Site and Facility Secure Design
11 mins
- Introduction to Site and Facility Secure Design 1m
- Physical Security Control Design 2m
- Crime Prevention Through Environmental Design 1m
- Physical Security Requirements and Resources 2m
- Key Facility Protection Points 0m
- Facility Access 2m
- Support Equipment Rooms 1m
- Server and Technology Component Rooms 1m
- Restricted Work Areas 1m
- Summary and What’s Next 1m