CISSP Certification: Domains 5, 6, 7 & 8 Video Training-2021
Invest in the CISSP Certification (Domain 5, 6, 7 & 8) Training Course: Video, downloadable slides & practice questions
What you will learn
Prepare for the of the 2021 Certified Information Systems Security Processionals (CISSP) exam
Full understanding of the objectives that relate to Domain 5 (Identity and Access Management) of the CISSP exam
Full understanding of the objectives that relate to Domain 6 (Security Assessment and Testing) of the CISSP exam
Full understanding of the objectives that relate to Domain 7 (Security Operations) of the CISSP exam
Full understanding of the objectives that relate to Domain 8 (Software Development Security) of the CISSP exam
Security management perspectives from the view of a Chief Information Security Officer (CISO)
How to begin on the CISSP certification journey along with practical real-world experiences providing knowledge and context
Learn the benefits and rewards for gaining your CISSP certification, and what it will provide to your career
Why take this course?
In this CISSP Domain 5, 6, 7 and 8 video training course, I will provide you the knowledge, experience and practical skills you need to pass the CISSP certification. In addition, you will get my years of experience (Over 21 years) as I translate CISSP training requirements into real-world examples.
Included in this course:
CISSP Domain 5 Videos
Full CISSP Domain 5 Videos
10 CISSP practice questions
CISSP Domain 6 Videos
Full CISSP Domain 6 Videos
10 CISSP practice questions
CISSP Domain 7 Videos
Full CISSP Domain 7 Videos
10 CISSP practice questions
CISSP Domain 8 Videos
Full CISSP Domain 8 Videos
10 CISSP practice questions
The curriculum in this course covers the content that will be on the most current CISSP exam (April 2021). Each objective that is required for the CISSP exam will be covered in varying degrees of complexity and competency. The next upgrade to the CISSP curriculum/exam will occur in 2023.
In Domain 5 we will cover:
Control Physical and Logical Access to Assets
Information
Systems
Devices
Facilities
Manage Identification and Authentication of People, Devices, and Services
Identity management implementation
Single/multi-factor authentication
Accountability
Session management
Registration and proofing of identity
Federated Identity Management (FIM)
Credential management systems
Integrate Identity as a Third-party Service
On-premise
Cloud
Federated
Implement and Manage Authorization Mechanisms
Role Based Access Control (RBAC)
Rule-based Access control
Mandatory Access Control (MAC)
Discretionary Access Control (DAC)
Attribute Based Access Control (ABAC)
Manage the Identity and Access Provisioning Lifecycle
User access review
System account access review
Provisioning and deprovisioning
In Domain 6 we will cover:
Design and Validate Assessment, Test, and Audit Strategies
Internal
External
Third Party
Conduct Security Control Testing
Vulnerability Assessment
Penetration Testing
Log Reviews
Synthetic Transactions
Code Review and Testing
Misuse Case Testing
Test Coverage Analysis
Interface Testing
Collect Security Process Data (e.g., Technical and Administrative)
Account Management
Management Review and Approval
Key Performance and Risk Indicators
Backup Verification Data
Training and Awareness
Disaster Recovery (DR) and Business Continuity (BC)
Analyze Test Output and Generate Report
Conduct or Facilitate Security Audits
Internal
External
Third-Party
In Domain 7 we will cover:
Understand and Support Investigations
Evidence Collection and Handling
Reporting and Documentation
Investigative Techniques
Digital Forensics Tools, Tactics, and Procedures
Understand Requirements for Investigation Types
Administrative
Criminal
Civil
Regulatory
Industry Standards
Conduct Logging and Monitoring Activities
Intrusion Detection and Prevention
Security Information and Event Management
Continuous Monitoring
Egress Monitoring
Securely Provisioning Resources
Asset Inventory
Asset Management
Configuration Management
Understand and Apply Foundational Security Ops Concepts
"Need-To-Know" / Least Privileges
Separation of Duties and Responsibilities
Privileged Account Management
Job Rotation
Information Lifecycle
Service Level Agreements (SLA)
Apply Resource Protection Techniques
Media Management
Hardware and Software Asset Management
Conduct Incident Management
Detection
Response
Mitigation
Reporting
Recovery
Remediation
Lessons Learned
Operate and Maintain Detective and Preventative Measures
Firewalls
Intrusion Detection and Prevention Systems
Whitelisting/Blacklisting
Third-Party Provided Security Services
Sandboxing
Implement and Support Patch and Vulnerability Management
Understand and Participate in Change Management Processes
Implement Recovery Strategies
Backup Storage Strategies
Recovery Site Strategies
Multiple Processing Sites
System Resilience, High Availability, Quality of Service (QOS), and Fault Tolerance
Implement Disaster Recovery (DR) Processes
Response
Personnel
Communications
Assessment
Restoration
Training and Awareness
Test Disaster Recovery Plans (DRP)
Read-Through/Checklist
Structured Walk-Through (Table-Top)
Simulation Test
Parallel Test
Full Interruption Test
Participate in Business Continuity (BC) Planning and Exercises
Implement and Manage Physical Security
Perimeter Security Controls
Internal Security Controls
Address Personnel Safety and Security Concerns
Travel
Security Training and Awareness
Emergency Management
Duress
In Domain 8 we will cover:
Design and Validate Assessment, Test, and Audit Strategies
Internal
External
Third Party
Conduct Security Control Testing
Vulnerability Assessment
Penetration Testing
Log Reviews
Synthetic Transactions
Code Review and Testing
Misuse Case Testing
Test Coverage Analysis
Interface Testing
Collect Security Process Data (e.g., Technical and Administrative)
Account Management
Management Review and Approval
Key Performance and Risk Indicators
Backup Verification Data
Training and Awareness
Disaster Recovery (DR) and Business Continuity (BC)
Analyze Test Output and Generate Report
Conduct or Facilitate Security Audits
Internal
External
Third-Party
Notes / Disclaimers:
In order for you to pass the CISSP test you need to have the substantial knowledge through experience and knowledge.
The test was originally written in English, but there are other language versions available
Answering the questions you need to consider the "perfect world" scenario and that work around options may be technically correct, but they may not meet (ISC)2 point of view
You need to be able to spot the keywords (DR, BCP, Policy, Standards, etc.) as well as the indicators (First, Best, Last, Least, Most)
Understand and answer every question from the Manager, CISO, or Risk Advisers Point of View (PoV). Answering the questions from a CIO or technical perspective will place your thinking too high or down in the weeds too far.
Understand that you are to answer the questions based on being proactive within your environment. Enable a Vulnerability Management Program before you have vulnerability issues.
The English version of the CISSP exam, utilizes the Computerized Adaptive Testing (CAT) format and is 3 hours long with 100-150 questions
Most people studying for CISSP certification will various media sources, test banks, and various books to enhance their test taking experience.
Don’t rely on one source to teach you all that you need to know for the CISSP….Invest in multiple training opportunities. The future payoff is worth the time and energy.
Screenshots
Reviews
Charts
Price
Rating
Enrollment distribution
