CISSP Exam Cram Full Course (All 8 Domains) UPDATED - 2022 EDITION!
Vasudha Kota
1 month ago (edited)
5:17:40 Security Controls : Mechanisms for Defense in Depth
5:18:26 Types -provide CIA reference & enforce it
- preventive, detective, corrective, compensative, directive, recovery, deterrent
5:21:32 Risk - asset valuation, threat modeling, vulnerability analysis
5:22:50 Access Control Attacks - dictionary, brute force, spoofed logon screen, sniffer, spoofing, social engineering, phishing (spear phishing, whaling, vishing)
5:27:20 Access Aggregation attack
5:28:11 Preventing Access Control Attacks -password policies, security end points
5:28:58 Other attacks -Tempest, White noise
5:29:51 Asset Management: preventive measure for theft - RFID, Barcoding, Inventory; Kerberos can be compromised with Replay attacks; in the past there was a similar one called Hash attack.
Domain 6 Security Assessment and Testing
5:32:08 Tools used to validate controls in Security Assessment & Testing Programs
5:33:16 Vulnerability Assessments vs Penetration Tests
5:34:31 Penetration Test Strategies
5:35:33 Security Processes
5:36:47 Software Testing
5:38:29 Static vs Dynamic Software Testing
5:39:51 Application Fuzzing - synthetic inputs & generational fuzzing
5:41:29 Security Management Oversight
5:43:26 Internal & External Audits
Domain 7: Security Operations
5:47:54 modern firewalls - WAF, NGFW
5:49:09 UEBA - User & Entity Behaviour Analytics
5:49:58 Threat Intelligence,
5:50:39 (Domain 3: Access Control) AI & ML
5:52:34 Preventive measures to limit access & damage - to limit the scope of incidents & extent of damage
5:53:26 Preventing Fraud & Collusion (arising due to misuse of access) - need to know, principle of least privilege, separation of duties, job rotation, mandatory vacations
5:55:08 Monitoring Privileged Operations (as a detective measure)
5:56:20 Information Life Cycle - creation, classification, storage, usage, archive, destruction
5:58:48 SLA
5:59:29 Secure Provisioning - for PCs, Virtual Machines, applications that run in Docker
6:00:10 Virtual Assets 6:00:43 Hypervisor
6:01:20 Security in cloud-based assets - CASB in shadow IT 6:02:48 CSP
6:03:09 Shared Responsibility Model - Hypervisor in VMs (On premises), IaaS, PaaS, SaaS
6:04:40 Configuration & Change Management - Baselining, e.g. imaging for configuration mgt, versioning for change mgt
6:07:24 Patch management or Update Management avoids certain attacks like SQL Slammer (hammering)
6:08:48 Patch Management Life Cycle
6:09:30 Vulnerability Management, Vulnerability Scanners, Vulnerability Assessment
6:11:10 Managing Incident Response
6:13:26 DoS attacks - SYN Flood, DDoS - smurf (also an amplification attack), ping-of-death, botnets, controllers, bot herders
6:16:47 Honeypot - pseudo flaws & fake data, padded cell- hardened honeypot
6:18:09 Blocking Malicious Code
6:20:22 Penetration Tests - Three varieties
6:23:05 IDS vs IPS Response
6:24:09 HIDS vs NIDS
6:25:25 Espionage & Sabotage
6:26:24 Zero-day Exploits
6:27:26 Log Files
6:29:01 Monitoring - activity 6:09:22 negative activity
6:30:33 Audit Trails
6:32:36 Sampling vs Statistical Sampling vs Clipping
6:33:31 Maintaining Accountability
6:34:27 Security Audits & Reviews - prevent violations employing 'least-privilege' & 'need-to-know' principles, performed in the following programs & areas of:
6:35:40 Frequency of IT Security Audits
6:37:32 Auditing & Due Care
6:38:31 Controlling Access to Audit Reports
6:40:05 User Entitlements & Access Reviews
6:41:28 Audit Access Controls
6:43:20 Computer Crime
6:44:43 eDiscovery
6:46:10 Gathering info & preserving evidence requires possession, without modification
6:47:12 Acquiring evidence (alternatives to confiscating) - Voluntary Surrender, subpoena, search warrant
6:48:21 Retaining Investigatory Data
6:49:44 Evidence - types, characteristics, qualities
6:52:00 Evidence admissibility - types - requirements
6:53:37 Collecting evidence
6:54:29 Natural Disasters 6:55:04 Man-made disasters
6:55:23 Disaster Recovery : Recovery Sites - Cold, warm, hot
6:55:54 Other sites - service bureau, mobile site, multiple sites
6:58:02 RPO & RTO
6:58:40 Mutual Assistance Agreements (MAA)
6:59:58 BCP
7:00:43 BCP Definitions - COOP, DRP, BRP, MTBF, MTTR, MTD
7:02:06 Goals of DR & BCP
7:03:01 5 types of DRP Tests - read-thru, structured walk-thru, simulation, parallel, full interruption
7:05:52 Terms related to DRP: Recovery Team(recover) & Salvage Team(restore)
7:06:19 Backup Strategies - Electronic Vaulting, Remote Journaling, Remote Mirroring
7:07:03 Categories of Disruption - non-disaster, disaster, catastrophe
Domain 8: Software Development Security
7:08:50 DEVOPS/DEVSECOPS - Code Repositories 7:10:14 Code Libraries 7:11:04 Runtime 7:12:57 CI/CD
7:15:24 Configuration Management - SCM
7:17:19 Static & Dynamic App Security Testing
7:19:06 Basic Architecture of RDBS
7:23:58 Aggregation & Inference Attack
7:26:13 Types of Storage - Primary/real memory, Secondary storage, Virtual memory, Virtual Storage, Random Access Storage, Sequential access storage, Volatile Storage, Non-volatile Storage
7:30:35 Machine Learning, Neural Networks, Expert Systems
7:31:17 System Development Modules - Agile, Waterfall, Spiral
7:36:30 Software Development Maturity Models - SW-CMM, IDEAL (implements many of the SW-CMM attributes)
7:39:34 Change & Configuration Management - request, change & release control
7:40:47 Software Testing
7:42:01 Virus Propagation Techniques - file/Boot sector/macro infection, Service injection
7:43:09 Antivirus Software
7:44:32 Techniques to compromise Password Security - password crackers, dictionary attacks, social engineering, rootkit (escalation of privilege)
7:47:07 Application Attacks (that exploit poorly written software) - Buffer overflow, Backdoor, TOCTTOU, rootkit (escalation of privilege)
7:48:42 Web Application Vulnerabilities - used to compromise front/back-end vulnerabilities - XSS, SQL injection attacks
7:50:10 Network Reconnaissance Techniques (used by attackers preparing to attack a network) - IP Probes, Port Scans, Vulnerability Scans
7:51:32 Protection Rings (aka hierarchical protection domains) are mechanisms that safeguard data & functionality against faults & malicious behaviour (each ring stands for a level in a hierarchy ranging from most privileged, which is most trusted, to least privileged, which is least trusted) - e.g. Ring 0 would be the Kernel, Ring 1 is device drivers, Ring 3 is for applications.
On most operating systems, Ring 0 is the level with the most privileges and interacts most directly with the physical hardware such as the CPU and memory. Programs such as web browsers running in higher-numbered rings must request access to the network, a resource restricted to a lower-numbered ring.
7:51:49 Special call gates between rings allow an outer ring to access an inner ring's resources in a predefined manner, as opposed to allowing arbitrary usage.
7:52:09 Software Development Life Cycle
7:53:07 Concentric Circle Security
7:54:34 Security Impact of Acquired Software - OS, App, Shrink-Wrap Code, Misconfiguration