CISSP Cert Prep (2021): 6 Security Assessment and Testing
2h 4mAdvanced2021-04-16
Authors

Mike Chapple
Teaching Professor at the University of Notre Dame
Course details
Are you getting ready for the Certified Information Systems Security Professional (CISSP) exam, or are you perhaps an experienced information security professional who wants to learn more about security assessment and testing? In this course, instructor Mike Chapple provides you with the detailed information you need to prepare for the Security Assessment and Testing domain of the 2021 CISSP exam. Mike explains information security and risk management practices, especially the practices you need to complete the CISSP exam. He covers security governance, compliance, and policy issues. Mike discusses business continuity, personnel security, threat modeling, vendor management, and security training and awareness topics.
Skills covered
Security TestingGovernance, Risk, and ComplianceCybersecurityCert Prep
Concepts
0. Introduction
- 01 - Security assessment and testing
- 02 - What you need to know
- 03 - Study resources
1. Vulnerability Scanning
- 04 - What is vulnerability management
- 05 - Identify scan targets
- 06 - Scan configuration
- 07 - Scan perspective
- 08 - Analyzing scan reports
- 09 - Correlating scan results
2. Penetration Testing
- 10 - Penetration testing
- 11 - Ethical disclosure
- 12 - Bug bounty
- 13 - Cybersecurity exercises
3. Log Reviews
- 14 - Logging security information
- 15 - Security information and event management
4. Code Testing
- 16 - Code review
- 17 - Code tests
- 18 - Fuzz testing
- 19 - Interface testing
- 20 - Misuse case testing
- 21 - Test coverage analysis
5. Business Continuity Planning
- 22 - Business continuity planning
- 23 - Business continuity controls
- 24 - High availability and fault tolerance
6. Disaster Recovery Planning
- 25 - Disaster recovery
- 26 - Backups
- 27 - Restoring backups
- 28 - Disaster recovery sites
- 29 - Testing BC DR plans
- 30 - After action reports
7. Assessing Security Processes
- 31 - Collect security process data
- 32 - Management review and approval
- 33 - Security metrics
- 34 - Audits and assessments
- 35 - Control management
Continuing Your Preparation
- 36 - Continuing your preparation
Related courses
- CISSP Cert Prep (2021): 4 Communication and Network Security
- CISSP Cert Prep (2021): 1 Security and Risk Management
- CISSP Cert Prep (2021): 2 Asset Security
- CISSP Cert Prep (2021): 3 Security Architecture and Engineering
- CISSP Cert Prep (2021): 5 Identity and Access Management
- CISSP Cert Prep (2021): 7 Security Operations
- CISSP Cert Prep (2021): The Basics
- CISSP Cert Prep (2021): 8 Software Development Security