Special offers now — see discounted courses.
day
:
hour
:
min
:
sec
See special offers
CISSP Cert Prep (2021): 3 Security Architecture and Engineering

CISSP Cert Prep (2021): 3 Security Architecture and Engineering

5h 48mAdvanced2022-02-28

Authors

Mike Chapple

Mike Chapple

Teaching Professor at the University of Notre Dame

Course details

Certified Information Systems Security Professional (CISSP) is the gold standard in IT security certification. Prepare for domain three of the exam—Security Architecture and Engineering—in this installment of CISSP Cert Prep. Security engineering ensures systems are designed to deal with all sorts of risks and disruptions, from hackers and database meltdowns to electrical outages. In this course, security expert Mike Chapple covers everything you need to know to balance business needs with security risks and design more secure systems. He covers cloud computing, as well as hardware and web security; server vulnerabilities; smart device security; and physical security, such as site design and monitoring. Plus, get a deep dive into cryptography, one of the most powerful tools that IT pros can use to secure data and accounts.

Skills covered

Vulnerability ManagementCybersecurityCert Prep

Concepts

0. Introduction

  • 01 - Security engineering
  • 02 - What you need to know
  • 03 - Study resources

1. Secure Design

  • 04 - Secure design principles
  • 05 - Security models
  • 06 - Security evaluation models
  • 07 - Separation of duties
  • 08 - Selecting security controls
  • 09 - Privacy by design
  • 10 - Secure defaults

2. Virtualization and Cloud Computing

  • 11 - What is the cloud
  • 12 - Cloud computing roles
  • 13 - Drivers for cloud computing
  • 14 - Multitenant computing
  • 15 - Virtualization
  • 16 - Desktop and application virtualization
  • 17 - Cloud compute resources
  • 18 - Containerization
  • 19 - Cloud activities and the Cloud Reference Architecture
  • 20 - Cloud deployment models
  • 21 - Cloud service categories
  • 22 - Edge and fog computing

3. Hardware Security

  • 23 - Memory protection
  • 24 - Hardware encryption
  • 25 - Hardware and firmware security

4. Server Security Issues

  • 26 - Server and database security
  • 27 - NoSQL databases
  • 28 - Distributed and high performance computing

5. Web Security Issues

  • 29 - OWASP Top 10
  • 30 - SQL injection prevention
  • 31 - Cross-site scripting prevention
  • 32 - Cross-site request forgery prevention
  • 33 - Defending against directory traversal
  • 34 - Overflow attacks
  • 35 - Session hijacking
  • 36 - Privilege escalation

6. Embedded Systems Security

  • 37 - Industrial control systems
  • 38 - Internet of Things
  • 39 - Securing smart devices
  • 40 - Secure networking for smart devices
  • 41 - Embedded systems
  • 42 - Communications for embedded devices

7. Encryption

  • 43 - Understanding encryption
  • 44 - Symmetric and asymmetric cryptography
  • 45 - Goals of cryptography
  • 46 - Codes and ciphers
  • 47 - Cryptographic math
  • 48 - Choosing encryption algorithms
  • 49 - The perfect encryption algorithm
  • 50 - The cryptographic lifecycle

8. Symmetric Cryptography

  • 51 - Data Encryption Standard
  • 52 - 3DES
  • 53 - AES, Blowfish, and Twofish
  • 54 - RC4
  • 55 - Cipher modes
  • 56 - Steganography

9. Asymmetric Cryptography

  • 57 - Rivest, Shamir, Adelman (RSA)
  • 58 - PGP and GnuPG
  • 59 - Elliptic-curve and quantum cryptography

10. Key Management

  • 60 - Key exchange
  • 61 - Diffie-Hellman
  • 62 - Key escrow
  • 63 - Key stretching
  • 64 - Hardware security modules

11. Public Key Infrastructure

  • 65 - Trust models
  • 66 - PKI and digital certificates
  • 67 - Hash functions
  • 68 - Digital signatures
  • 69 - Digital signature standard
  • 70 - Create a digital certificate
  • 71 - Revoke a digital certificate
  • 72 - Certificate stapling
  • 73 - Certificate authorities
  • 74 - Certificate subjects
  • 75 - Certificate types
  • 76 - Certificate formats

12. Cryptanalytic Attacks

  • 77 - Brute force attacks
  • 78 - Knowledge-based attacks
  • 79 - Eavesdropping attacks
  • 80 - Implementation attacks
  • 81 - Limitations of encryption algorithms
  • 82 - Ransomware

13. Physical Security

  • 83 - Site and facility design
  • 84 - Data center environmental controls
  • 85 - Data center environmental protection
  • 86 - Power control
  • 87 - Physical access control
  • 88 - Visitor management
  • 89 - Physical security personnel

14. Threat Modeling

  • 90 - Threat intelligence
  • 91 - Managing threat indicators
  • 92 - Intelligence sharing
  • 93 - Threat research
  • 94 - Identifying threats
  • 95 - Automating threat intelligence
  • 96 - Threat hunting

15. Software Security Architecture

  • 97 - SOAP and REST
  • 98 - SOA and microservices

Conclusion

  • 99 - Continuing your preparation

Related courses

Related learn paths

About us

LyndaKade is a leading learning platform that helps people learn business, software, technology, and creative skills to achieve personal and professional goals.

Phone numberAparat ChannelTelegram SupportTelegram ChannelInstagram Page

All rights to this site belong to LyndaKade.

Terms of Service|Privacy Policy

نماد الکترونیک enamad در صورت اتصال با آی‌پی داخل کشور، نمایش داده خواهد شد.
logo-samandehi - لوگو ساماندهی
zarinpal
zibal