Destination Certification Printable Mind Maps 2023


CISSP

Security and Risk Management
  Focus of Security: Enable Business, Increase Value
  Clearly Defined Roles & Responsibilities: Accountability, Responsibility, Due Care, Due Diligence
  Import/export controls: ITAR & EAR, Wassenaar Arrangement
  Transborder data flow
  Privacy

© Destination Certification
Security Governance
  Corporate Governance
  Professional Ethics: (ISC)2 Code of Ethics
  Security Policies: Overarching Security Policy, Functional Security Policies
  Standards, Procedures, Baselines, Guidelines
  Corporate Laws
  Risk Management
  Procurement: Contracts & SLAs
  Alignment of Security Function to Business Strategy
  Awareness, Training & Education
  Privacy policy: Baselines, Standards, Guidelines, Procedures

Personal Data: PI, PII, SPI, PHI; Direct Identifiers, Indirect Identifiers, Online Identifiers
Intellectual Property: Trade Secret, Patent, Copyright, Trademark
Data Lifecycle: Creation / Update, Store, Use, Share, Archive, Destroy
Privacy
  OECD Guidelines: Collection Limitation, Data Quality, Purpose Specification, Use Limitation, Security Safeguards, Openness, Individual Participation, Accountability
  GDPR: Supervisory Authority (SA); Breaches reported within 72 hours
  Privacy: State or condition of being free from being observed or disturbed by other people
  Cannot Achieve Privacy without Security
Risk Management
  1. Asset Valuation: Quantitative, Qualitative
  Threats: Threat Modeling (STRIDE, PASTA, DREAD)
  Vulnerabilities: Vulnerability Assessment & Penetration Testing
  2. Risk Analysis: Likelihood, Impact
    Quantitative: SLE = Asset Value x Exposure Factor; ALE = SLE x ARO
    Qualitative
  3. Treatment: Avoid, Transfer, Mitigate, Accept
    Mitigate with Countermeasures / Safeguards
      By function: Directive, Deterrent, Preventative, Detective, Corrective, Recovery, Compensating
      By type: Physical, Administrative, Technical / Logical
      Functional vs. Assurance
  RMF (NIST 800-37): 1. Prepare, 2. Categorize, 3. Select, 4. Implement, 5. Assess, 6. Authorize, 7. Monitor
  Risk Frameworks: ISO 31000, COSO, ISACA Risk IT
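The quantitative branch above worked through in code, as an added example (it is not part of the Destination Certification mind maps): SLE = AV x EF, ALE = SLE x ARO, and the net value of a safeguard, which is what decides between "mitigate" and "accept". The asset figures and the two safeguard options are constructed for illustration.

```python
"""Quantitative risk analysis: SLE, ALE and the cost/benefit of a safeguard.
Example code; the asset, exposure and safeguard figures are constructed."""
from dataclasses import dataclass


@dataclass(frozen=True)
class Risk:
    asset: str
    asset_value: float       # AV: replacement value of the asset
    exposure_factor: float   # EF: fraction of AV lost in one occurrence (0.0 to 1.0)
    aro: float               # ARO: expected occurrences per year

    def sle(self) -> float:
        """Single Loss Expectancy = AV x EF."""
        return self.asset_value * self.exposure_factor

    def ale(self) -> float:
        """Annualized Loss Expectancy = SLE x ARO."""
        return self.sle() * self.aro


@dataclass(frozen=True)
class Safeguard:
    name: str
    annual_cost: float        # licence, hardware, staff time per year
    exposure_factor: float    # EF after the safeguard is in place
    aro: float                # ARO after the safeguard is in place


def residual_ale(risk: Risk, safeguard: Safeguard) -> float:
    """ALE that remains once the safeguard is deployed."""
    return risk.asset_value * safeguard.exposure_factor * safeguard.aro


def safeguard_value(risk: Risk, safeguard: Safeguard) -> float:
    """Cost/benefit: (ALE before) - (ALE after) - (annual cost of safeguard).
    A positive number means the control saves more than it costs."""
    return risk.ale() - residual_ale(risk, safeguard) - safeguard.annual_cost


def recommend(risk: Risk, options: list[Safeguard]) -> tuple[str, float]:
    """Treatment decision: mitigate with the best-value safeguard, or accept the
    risk when no option pays for itself."""
    best = max(options, key=lambda s: safeguard_value(risk, s), default=None)
    if best is None or safeguard_value(risk, best) <= 0:
        return ("accept", 0.0)
    return (best.name, safeguard_value(risk, best))


if __name__ == "__main__":
    web = Risk("customer web portal", asset_value=200_000, exposure_factor=0.25, aro=0.5)
    options = [
        Safeguard("WAF", annual_cost=8_000, exposure_factor=0.25, aro=0.1),
        Safeguard("full rewrite", annual_cost=40_000, exposure_factor=0.10, aro=0.1),
    ]
    print(f"SLE={web.sle():,.0f}  ALE={web.ale():,.0f}")
    for option in options:
        print(f"{option.name}: net value {safeguard_value(web, option):,.0f} per year")
    print("recommendation:", recommend(web, options))
```

With the constructed numbers the portal's ALE is 25,000; the WAF cuts that to 5,000 for 8,000 a year (net value 12,000), while the rewrite removes more loss but costs more than it saves, so it would be rejected even though it is the "more secure" option.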
Asset Security
  Asset Inventory
  Assign Ownership
  Data classification policy: Baselines, Standards, Guidelines, Procedures
  Classify
    Classification based on Value: System Readable Security Label, Human Readable Security Marking
    Categorization
  Roles: Data Owner / Controller, Data Processor, Data Custodian, Data Steward, Data Subject
  Protect based on Classification
    Rest: Encryption, Access Control, Backups
    Motion: End-to-End, Link, Onion
    Use
  Retention Period / Archive
  Defensible Destruction
    Media Destruction: Shred / Disintegrate / Incinerate / Drill
    Purging: Degauss, Crypto shredding
    Clearing: Overwrite / Wipe / Erasure, Format
  DRM
  DLP
  Assess & Review


Security Architecture and Engineering
  Enterprise Security Architecture: Zachman, SABSA, TOGAF
  Secure Design Principles: Threat Modeling, Least Privilege, Defense in Depth, Secure Defaults, Fail Securely, Separation of Duties (SoD), Keep it Simple, Zero Trust, Trust But Verify, Privacy by Design, Shared Responsibility
  Security Models
    Confidentiality: Bell-LaPadula (Simple Security Property, Star Property, Strong Star Property); Lattice Based
    Integrity: Biba (Simple Integrity Property, Star Integrity Property); Lipner (Implementation); Clark-Wilson (3 goals of integrity, 3 Clark-Wilson rules)
    Brewer-Nash: Prevent conflicts of interest
    Graham-Denning
    Harrison-Ruzzo-Ullman
    Rule Based
  Security Frameworks: ISO 27001, ISO 27002, NIST 800-53, COBIT, ITIL, HIPAA, SOX, FedRAMP, FISMA, Cyber Kill Chain
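The Bell-LaPadula and Biba properties above as executable access checks, added here as an example (not part of the Destination Certification mind maps). A label is a level plus a set of compartments, which is what makes the model lattice based rather than a plain linear ordering; the level and compartment names are assumptions chosen for illustration.

```python
"""Lattice-based access decisions: Bell-LaPadula (confidentiality) and Biba (integrity).
Example code; the level names and compartments are illustrative."""
from dataclasses import dataclass

# Ordered levels. The same lattice machinery serves confidentiality labels and,
# read as degrees of trust, integrity labels.
LEVELS = {"unclassified": 0, "confidential": 1, "secret": 2, "top secret": 3}


@dataclass(frozen=True)
class Label:
    level: str
    compartments: frozenset = frozenset()   # need-to-know categories, e.g. {"NUC"}

    def dominates(self, other: "Label") -> bool:
        """Partial order of the lattice: level is higher or equal AND compartments
        are a superset. Labels with disjoint compartments are incomparable."""
        return (LEVELS[self.level] >= LEVELS[other.level]
                and self.compartments >= other.compartments)


# Bell-LaPadula protects confidentiality.
def blp_can_read(subject: Label, obj: Label) -> bool:
    """Simple Security Property, 'no read up': the subject must dominate the object."""
    return subject.dominates(obj)


def blp_can_write(subject: Label, obj: Label, strong: bool = False) -> bool:
    """Star Property, 'no write down': the object must dominate the subject.
    Strong Star Property: write only to an object at exactly the subject's label."""
    if strong:
        return subject == obj
    return obj.dominates(subject)


# Biba protects integrity, so the arrows point the other way.
def biba_can_read(subject: Label, obj: Label) -> bool:
    """Simple Integrity Property, 'no read down': read only equal or higher integrity."""
    return obj.dominates(subject)


def biba_can_write(subject: Label, obj: Label) -> bool:
    """Star Integrity Property, 'no write up': write only equal or lower integrity."""
    return subject.dominates(obj)


if __name__ == "__main__":
    analyst = Label("secret", frozenset({"NUC"}))
    memo = Label("confidential")
    plan = Label("top secret", frozenset({"NUC"}))
    other = Label("secret", frozenset({"CRYPTO"}))
    print("analyst reads memo:", blp_can_read(analyst, memo))         # read down: allowed
    print("analyst reads plan:", blp_can_read(analyst, plan))         # read up: denied
    print("analyst reads CRYPTO doc:", blp_can_read(analyst, other))  # incomparable: denied
    print("analyst writes memo:", blp_can_write(analyst, memo))       # write down: denied
    print("analyst writes plan:", blp_can_write(analyst, plan))       # write up: allowed
```

The compartment check is the part that plain "level" examples miss: a secret/NUC subject cannot read a secret/CRYPTO object even though the levels are equal, because neither label dominates the other.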
Evaluation Criteria
  TCSEC (Orange Book): Confidentiality only; Single box (standalone system) only
    Functional Levels
      D – failed or not tested
      C1 – Weak protection mechanisms (discretionary security protection)
      C2 – Strict login procedures (controlled access protection)
      B1 – Security labels
      B2 – Security labels and verification of no covert channels
      B3 – Security labels, verification of no covert channels, and must stay secure during start-up
      A1 – Verified design
  ITSEC: Confidentiality + Integrity; Networked devices; Same Functional levels as TCSEC
    Assurance Levels: E0, E1, E2, E3, E4, E5, E6
  Common Criteria (ISO 15408)
    Protection Profile, Target of Evaluation, Security Targets, Functional & Assurance Requirements
    Assign EAL
      EAL1 – Functionally tested
      EAL2 – Structurally tested
      EAL3 – Methodically tested & checked
      EAL4 – Methodically designed, tested & reviewed
      EAL5 – Semi-formally designed & tested
      EAL6 – Semi-formally verified design & tested
      EAL7 – Formally verified design & tested
  Certification
  Accreditation
Reference Monitor Concept: mediation of every Subject's access to every Object according to the Rules, enforced by the Security Kernel
  Properties: Completeness, Isolation, Verifiability, Logging & Monitoring
Hardware Components: Processor, Primary Storage, Secondary Storage, Virtual Memory
Software Components: System Kernel, Firmware, Middleware
Memory Segmentation
Process Isolation
Time Division Multiplexing
Processor States / Operating System Modes: Problem (User Mode), Supervisor (Kernel Mode)
Protection Mechanisms
  Trusted Computing Base (TCB)
  Ring Protection Model: Ring 0: System Kernel; Ring 3: User Programs
  Secure Memory Management
  Data Hiding
  Defence in depth
  Redundancy (avoid a Single Point of Failure)
Mitigating Controls
  Bypass Controls
  TOCTOU (Race Conditions): Increase frequency of Re-authentication
  Emanations: Shielding (TEMPEST), White Noise, Control Zones
  Covert Channels: Analysis & Design
  Aggregation & Inference: Polyinstantiation

Vulnerabilities in Systems
  Policy, training & procedures
  Remote access security
  End-point security
  Mobile Devices: OWASP Mobile Top 10
    M1: Improper Platform Usage
    M2: Insecure Data Storage
    M3: Insecure Communication
    M4: Insecure Authentication
    M5: Insufficient Cryptography
    M6: Insecure Authorization
    M7: Client Code Quality
    M8: Code Tampering
    M9: Reverse Engineering
    M10: Extraneous Functionality
  Web-based Vulnerabilities
    Cross Site Scripting (XSS): Stored (Persistent), Reflected (Most common), DOM; Target of Attack: Client
    Cross Site Request Forgery (CSRF); Target of Attack: Server
    SQL Injection
    Client Side vs. Server Side
    Input Validation: Allow Lists vs. Deny Lists
Cloud Computing
  Characteristics: On-Demand Self Service, Broad Network Access, Resource Pooling, Rapid Elasticity, Measured Service
  Service Models: IaaS, PaaS, SaaS
  Deployment Models: Public, Private, Community, Hybrid
  Compute: Virtualized (Hypervisor, Virtual Machine), Containers (Container Engine), Serverless
  Identity Provider: Local, Cloud, Linked / Synced identity, Federated
  Roles
    Cloud Consumer (Owner / Controller): Accountable
    Cloud Provider / Processor: Responsible
    Cloud Broker
    Cloud Auditor
  Protocols: SPML, SAML, OpenID, OAuth
  Data Centric
  Migration
  SLA
  Forensics: Snapshot, Virtual Disk, Image
  Data Destruction: Crypto Shredding / Crypto Erase
Cryptography
  Cryptographic Services: Confidentiality, Integrity, Authenticity, Non-Repudiation (Origin, Delivery), Access Control
  Cryptographic terminology: Initialization vector / Nonce, Key clustering, Key / Crypto variable, Work factor, Avalanche, Confusion, Diffusion, Plaintext, Encrypt, Decrypt
  Secret Writing
    Hidden: Steganography, Null Cipher
    Scrambled (Cryptography)
      One-way = Hashing: MD5, SHA-1, SHA-2, SHA-3
      Two-way
        Symmetric
          Block: DES, 3DES, AES (Rijndael), CAST-128, SAFER, Blowfish, Twofish, RC5/RC6
          Block Modes: ECB, CBC, CFB, OFB, CTR
          Stream: RC4
        Asymmetric
          Factoring: RSA
          Discrete Log: Diffie-Hellman (key exchange), Elliptic Curve (ECC), El Gamal, DSA
      Substitution: Caesar Cipher, Monoalphabetic, Polyalphabetic, Running key, One-time Pads
      Transposition: Spartan Scytale, Rail Fence (zigzag)
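Substitution and transposition side by side, as an added example (not part of the Destination Certification mind maps): a Caesar shift changes which letter appears but keeps positions, a rail-fence transposition keeps the letters but scrambles positions. The brute-force function shows why a 25-key cipher falls to a ciphertext-only attack with a crib. The message and crib are constructed.

```python
"""Substitution vs transposition ciphers, and a ciphertext-only brute force.
Example code; the message and crib are constructed."""
import string

ALPHABET = string.ascii_uppercase


def caesar(text: str, shift: int) -> str:
    """Monoalphabetic substitution: every letter is replaced by the letter `shift`
    places further on; positions are unchanged. Use a negative shift to decrypt."""
    out = []
    for ch in text.upper():
        if ch in ALPHABET:
            out.append(ALPHABET[(ALPHABET.index(ch) + shift) % 26])
        else:
            out.append(ch)
    return "".join(out)


def _rail_index(i: int, rails: int) -> int:
    """Row the i-th character lands on when writing a zigzag over `rails` rows."""
    period = 2 * (rails - 1)
    pos = i % period
    return pos if pos < rails else period - pos


def rail_fence_encrypt(text: str, rails: int) -> str:
    """Transposition: letters keep their identity but are written down a zigzag and
    read off row by row, so only their positions change."""
    if rails < 2:
        return text
    rows = [[] for _ in range(rails)]
    for i, ch in enumerate(text):
        rows[_rail_index(i, rails)].append(ch)
    return "".join("".join(row) for row in rows)


def rail_fence_decrypt(cipher: str, rails: int) -> str:
    """Recompute how many letters each rail holds, cut the ciphertext into rails,
    then read the rails back in zigzag order."""
    if rails < 2:
        return cipher
    order = [_rail_index(i, rails) for i in range(len(cipher))]
    rows, start = [], 0
    for rail in range(rails):
        count = order.count(rail)
        rows.append(list(cipher[start:start + count]))
        start += count
    return "".join(rows[r].pop(0) for r in order)


def brute_force_caesar(cipher: str, crib: str) -> list[tuple[int, str]]:
    """Ciphertext-only attack: the key space is 25 shifts, so try them all and keep
    every candidate that contains a word we expect to see (the crib)."""
    return [(k, caesar(cipher, -k)) for k in range(1, 26)
            if crib.upper() in caesar(cipher, -k)]


if __name__ == "__main__":
    ct = caesar("ATTACK AT DAWN", 3)
    print(ct, "->", brute_force_caesar(ct, "attack"))
    rf = rail_fence_encrypt("WEAREDISCOVERED", 3)
    print(rf, "->", rail_fence_decrypt(rf, 3))
```

Sorting the letters of a rail-fence ciphertext gives back the sorted plaintext, which is the tell-tale of a pure transposition; a Caesar ciphertext keeps the plaintext's letter frequency profile, which is the tell-tale of a monoalphabetic substitution. Both weaknesses are what confusion and diffusion in modern ciphers are designed to remove.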

Digital Signatures: Integrity, Authenticity, Non-repudiation (Origin, Delivery)
Digital Certificates: Verify the owner of a Public Key; X.509; Replacement; Revocation (CRL, OCSP); Pinning
PKI: Certificate Authority (Root of Trust), Intermediate / Issuing CA, Registration Authority, Certificate DB (Revocation List), Certificate Store (Local)
Key Management: Kerckhoffs's Principle
  Generation
  Distribution: Diffie-Hellman, Out-of-band, Hybrid
  Storage: TPM, HSM
  Rotation
  Disposition: Key Destruction, Crypto-shredding
  Recovery: Split Knowledge, Dual Control, Key Escrow
Cryptanalysis
  Cryptanalytic Attacks: Brute Force, Ciphertext Only, Known Plaintext, Chosen Plaintext, Chosen Ciphertext, Factoring, Linear & Differential
  Cryptographic Attacks: Man-in-the-middle, Replay, Pass the Hash, Temporary Files, Implementation, Side Channel (Power, Timing, Radiation Emissions), Birthday Attack, Dictionary, Rainbow Tables, Social Engineering (Purchase Key, Rubber Hose)
Physical Security
  Categories of Controls: Deter, Delay, Detect, Assess, Respond
  Layered Defense
    Landscape
    Perimeter: Grading, Lighting, Cameras, Passive Infrared Devices
    Doors / Mantraps
    Card Readers / Badges (Skimming)
    Locks: Mechanical, Digital
    Windows: Shock, Glass break
    Walls
  Infrastructure
    Network
    Power: UPS, Generator, Power Outages, Power Degradation
    Safety of people
    HVAC: Temperature, Humidity, Air Quality
  Fire Detection: Flame (Infrared), Smoke (Ionization, Photo-electric, Dual), Heat (Thermal)
  Fire Suppression
    Water: Dry, Wet, Pre-action, Deluge
    Gas: Aero-K, INERGEN, Argonite, FM-200, CO2
    Fire Extinguisher
Communication and Network Security
  Media
    Wired: Twisted Pair, Coaxial, Fiber Optic
    Wireless: Radio Frequency, Infrared, Microwave
  Topologies: Bus, Tree, Star, Mesh, Ring
  Open Systems Interconnection (OSI) Model
    1. Physical: Collisions (CSMA/CA, CSMA/CD); Devices: Hubs, Repeaters, Concentrators; Protocols: 802.1x
    2. Datalink: M Address; Devices: Switches & Bridges; Protocols: ARP, PPTP, PPP, PAP, CHAP, EAP
    3. Network: IP Address; Devices: Routers & Packet Filtering Firewalls; Protocols: ICMP (Ping), IPSec, IGMP
    4. Transport: Common Ports (Ports = Services); Devices: Circuit Proxy Firewall; Protocols: TCP/UDP, SSL/TLS & BGP
    5. Session: Protocols: NetBIOS & RPC
    6. Presentation
    7. Application: Devices: Application Firewalls; Protocols: HTTP/S, DNS, SSH, SNMP, LDAP, DHCP
  WAN: X.25, Frame Relay, ATM, MPLS
  Wireless
    Wi-Fi: Protocols 802.11a, b, g, n, ac, ax; Encryption: WEP, TKIP, WPA / WPA2
    802.16 WiMAX
    GSM / CDMA
    Microwave
  Internet Protocol (IP): IPv4 vs. IPv6; Addresses: IPv4 Network Classes, Private IPv4 Addresses
  Converged Protocols: VoIP, iSCSI, FCoE
  Network Authentication: PAP, CHAP, EAP, PEAP
Networking
  Attack Phases: Reconnaissance, Enumeration, Vulnerability Analysis, Exploitation
  Network Attacks: Eavesdropping, SYN Flooding, IP Spoofing, DoS / DDoS, Man-in-the-Middle, ARP poisoning
  Virtualization: VLAN; SDN (Northbound & Southbound APIs)
  Common Commands: ipconfig, ping, traceroute, whois, dig
Network Defense
  Defense in Depth
  Network Perimeter: DMZ, Bastion Host, Proxy, Segmentation / Partitioning, NAT / PAT
  Firewall Types: Packet Filtering, Stateful Packet Filtering, Circuit Proxy, Application
  IDS / IPS
    Location: Host Based; Network Based (In-line; Mirror, Span, Promiscuous)
    Detection Methods
      Signature analysis: Pattern matching, Stateful matching
      Anomaly: Statistical, Protocol, Traffic
      White & Black Lists
  Sandbox
  Honeypots & honeynets
  Ingress vs. Egress
  Endpoint Security
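The two IDS detection methods above run over a handful of log lines, as an added example (not part of the Destination Certification mind maps). Signature analysis matches a known-bad pattern; statistical anomaly detection counts failures per source and alerts only past a clipping level (the same clipping-level idea appears under log review in the assessment domain). The log lines, hostnames, addresses and the one signature are constructed for the example.

```python
"""Signature matching vs statistical anomaly detection over authentication logs,
with a clipping level so that ordinary noise does not raise an alert.
Example code; the log lines below are constructed, not captured from a real host."""
import re
from collections import Counter

SAMPLE_LOG = """\
Mar 01 10:00:01 bastion sshd[4120]: Failed password for invalid user admin from 203.0.113.7 port 51122 ssh2
Mar 01 10:00:02 bastion sshd[4120]: Failed password for invalid user admin from 203.0.113.7 port 51123 ssh2
Mar 01 10:00:03 bastion sshd[4120]: Failed password for root from 203.0.113.7 port 51124 ssh2
Mar 01 10:00:04 bastion sshd[4120]: Failed password for root from 203.0.113.7 port 51125 ssh2
Mar 01 10:00:05 bastion sshd[4120]: Failed password for root from 203.0.113.7 port 51126 ssh2
Mar 01 10:00:06 bastion sshd[4120]: Failed password for root from 203.0.113.7 port 51127 ssh2
Mar 01 10:01:10 bastion sshd[4188]: Failed password for alice from 198.51.100.23 port 40011 ssh2
Mar 01 10:01:15 bastion sshd[4188]: Accepted publickey for alice from 198.51.100.23 port 40011 ssh2
Mar 01 10:02:00 bastion sshd[4201]: Accepted publickey for bob from 198.51.100.40 port 40100 ssh2
Mar 01 10:02:30 web01 nginx: 203.0.113.7 - - "GET /index.php?id=1%27%20OR%20%271%27=%271 HTTP/1.1" 200
"""

# Signature (pattern matching): a known-bad pattern, here a classic SQL-injection
# tautology probe in a URL, with or without percent-encoding of quotes and spaces.
SIGNATURES = {
    "sqli-tautology": re.compile(r"(%27|')(%20|\s)*OR(%20|\s)*(%27|')", re.IGNORECASE),
}

FAILED_LOGIN = re.compile(
    r"Failed password for (?:invalid user )?(\S+) from (\d{1,3}(?:\.\d{1,3}){3})")


def signature_alerts(log: str) -> list[tuple[str, int]]:
    """Return (signature name, line number) for every line matching a signature.
    Catches only what has already been written down as a rule."""
    alerts = []
    for lineno, line in enumerate(log.splitlines(), start=1):
        for name, pattern in SIGNATURES.items():
            if pattern.search(line):
                alerts.append((name, lineno))
    return alerts


def failed_logins_by_source(log: str) -> Counter:
    """The statistic behind the anomaly rule: failed logins per source address."""
    counts = Counter()
    for line in log.splitlines():
        m = FAILED_LOGIN.search(line)
        if m:
            counts[m.group(2)] += 1
    return counts


def anomaly_alerts(log: str, clipping_level: int = 3) -> list[tuple[str, int]]:
    """Statistical anomaly detection: alert on a source only once its failure count
    exceeds the clipping level. Alice's single typo stays below it; the brute-force
    source does not. Needs no prior signature for the attack."""
    return [(src, n) for src, n in failed_logins_by_source(log).items()
            if n > clipping_level]


if __name__ == "__main__":
    print("signature hits:", signature_alerts(SAMPLE_LOG))
    print("anomalies:", anomaly_alerts(SAMPLE_LOG))
```

The two methods fail in opposite ways: the signature misses any probe it has no pattern for (a false negative), while a clipping level set too low turns every user who mistypes a password into a false positive, which is the trade-off the "false positive vs. false negative" item in the assessment domain is about.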
VPN (Tunneling + Encryption)
  Tunneling: GRE, PPTP, L2TP, Split Tunneling
  Encryption
    IPSec: Authentication Header, Encapsulating Security Payload, Transport mode, Tunnel Mode, IKE, Security Association
    SSL/TLS: Mutual Authentication
Remote Access / Management: SOCKS, SSH, SNMP, Telnet
Remote Authentication: RADIUS, TACACS+, Diameter
Identity and Access Management
  Access Control Principles: Separation of Duties, Need to Know, Least Privilege
  Administration Approaches: Centralized, Decentralized, Hybrid
  Identification
  Authentication
    Knowledge: Password, Passphrase, Questions
    Ownership: Hard Tokens, Soft Tokens, One-time Passwords (Synchronous, Asynchronous), Smart / Memory Cards
    Characteristic
      Physiological: Fingerprint, Hand Geometry, Vascular Pattern, Facial, Iris, Retina, Voice
      Behavioural: Signature, Key Stroke, Gait
      Templates
      Type 1: False Reject; Type 2: False Accept; Crossover Error Rate
    Single / Multifactor
    Authenticator Assurance Levels (AAL)
    Just-in-time Access
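How Type 1, Type 2 and the crossover error rate fall out of a biometric matcher's scores, as an added example (not part of the Destination Certification mind maps). The genuine and impostor score lists are constructed; a real evaluation collects thousands of attempts of each kind.

```python
"""Biometric error rates: Type 1 (false reject), Type 2 (false accept) and the
crossover error rate where the two are equal. Example code; the score samples
are constructed, a real evaluation would use thousands of attempts."""

# Matcher similarity scores in [0, 1]: higher means "more like the enrolled template".
GENUINE = [0.92, 0.88, 0.95, 0.81, 0.62, 0.99, 0.85, 0.69, 0.90, 0.83]   # legitimate users
IMPOSTOR = [0.12, 0.35, 0.41, 0.22, 0.58, 0.30, 0.47, 0.72, 0.19, 0.66]  # other people


def false_reject_rate(genuine: list[float], threshold: float) -> float:
    """Type 1 error: a legitimate user scores below the threshold and is turned away."""
    return sum(score < threshold for score in genuine) / len(genuine)


def false_accept_rate(impostor: list[float], threshold: float) -> float:
    """Type 2 error: an impostor scores at or above the threshold and gets in."""
    return sum(score >= threshold for score in impostor) / len(impostor)


def crossover_error_rate(genuine, impostor, steps: int = 100) -> tuple[float, float]:
    """Sweep the threshold and return (threshold, rate) where FAR and FRR are
    closest: the CER (also called EER), the usual single-number accuracy figure."""
    best_gap, best = None, None
    for i in range(steps + 1):
        t = i / steps
        far, frr = false_accept_rate(impostor, t), false_reject_rate(genuine, t)
        gap = abs(far - frr)
        if best_gap is None or gap < best_gap:
            best_gap, best = gap, (t, (far + frr) / 2)
    return best


if __name__ == "__main__":
    for t in (0.5, 0.67, 0.8):
        print(f"threshold {t:.2f}: FAR={false_accept_rate(IMPOSTOR, t):.1f} "
              f"FRR={false_reject_rate(GENUINE, t):.1f}")
    print("CER at", crossover_error_rate(GENUINE, IMPOSTOR))
```

Lowering the threshold trades false rejects for false accepts and raising it does the reverse, so the CER is a property of the matcher, while the operating threshold is a policy decision: a data-centre door should sit above the crossover (fewer false accepts), a phone unlock below it.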

Authorization
  Types of Access Control: Discretionary, Non-discretionary, Mandatory, Role (RBAC), Rule, Attribute / Content
Accountability
Session Management: Session Hijacking
Single Sign-on: Access systems within the same organization; allows users to access multiple systems with a single set of credentials
  Kerberos (Symmetric encryption only)
    Components: User / Client, Key Distribution Center (Authentication Service, Ticket Granting Service), Ticket Granting Ticket (TGT), Service Tickets, Service
  Sesame (Symmetric & Asymmetric encryption)
Federated Identity Management (FIM): Access systems across multiple entities
  Principal / User, Identity Provider, Relying Party / Service Provider, Trust Relationship, Tokens
  SAML: Assertions written in XML; Components: Assertion, Protocol, Bindings, Profiles
  WS-Federation
  OpenID
  OAuth
Security Assessment and Testing
  Validation, Verification, Rigour
  Testing a System: Unit, Interface, Integration, System
  Methods & Tools: Manual, Automated; Static, Dynamic; Fuzz (Mutation, Generation), Runtime
  Access to Code: White, Black
  Testing Techniques: Positive, Negative, Misuse; Decision table analysis, State-based analysis, Boundary Value Analysis, Equivalence Partitioning, Efficiency
  Operational: Real User Monitoring, Synthetic Performance Monitoring, Regression Testing
  Audits: Internal, External, Third-Party (SOC 1, SOC 2, SOC 3; Type 1, Type 2)
  Roles: Executive Management, Audit Committee, Security Officer, Compliance Manager, Testers / Assessors, Internal Auditors, External Auditors
  Focus / Metrics: KPIs, KRIs
  Vulnerability Assessment / Penetration Testing
    Process: Reconnaissance, Enumeration, Vulnerability Analysis, Execution, Document Findings
    Perspective: Internal, External
    Approach: Blind, Double-blind
    Knowledge: Zero (black), Partial (gray), Full (white)
    Types of Scans: Credentialed / Authenticated, Uncredentialed / Unauthenticated
    Identifying Vulnerabilities: Banner grabbing & Fingerprinting
    Interpreting & understanding results: CVE, CVSS, SCAP, False positive vs. False negative
  Log Review & Analysis
    Continuous Monitoring: Monitor for Breaches, Errors
    Security Information and Event Management (SIEM): Normalization, Aggregation, Analysis
    Log lifecycle: Generation, Collection / Transmission, Retention, Disposal; protect against Modification
    Limiting log file size: Circular Overwrite, Clipping Levels
    Consistent Time Stamps: Network Time Protocol (NTP)
Security Operations
  Investigations
    Secure the Scene
    Locard's Principle
    MOM (Motive, Opportunity, Means)
    Evidence Sources: Oral / Written statements, Documents, Live Evidence (Volatile), Secondary Storage (HD), VM Instance / Virtual Disk
    Digital Forensics
    E-Discovery
    Collect & Control Evidence: Chain of Custody
    Types of Evidence: Real Evidence, Direct Evidence, Secondary Evidence; Best Evidence Rule
    Rules of Evidence: Authentic, Accurate, Complete, Convincing / Admissible
    Investigative Techniques: Media Analysis, Software Analysis, Network Analysis
    Types of Investigations: Criminal, Civil, Regulatory, Administrative
    Document & Report
Incident Response
  Prep.: Prevention
  Triage
    Detection: Sources: SIEM, IDS/IPS, DLP, Fire detectors, etc.; Event vs. Incident
    Response: IR Team Deployed
  Action / Investigation
    Mitigation: Containment
    Reporting: Relevant Stakeholders
  Recovery
    Recovery: Return to normal
    Remediation
    Lessons Learned: Improve Process
Malware
  Types of Malware: Virus, Worm, Companion, Macro, Multipartite, Polymorphic, Trojan, Botnets, Boot Sector, Hoaxes / Pranks, Logic Bombs, Stealth, Ransomware, Rootkit, Spyware / Adware, Data Diddler / Salami Attack, Zero Day
  Prevention: Training & Awareness, Policy, Allow List, Network Segmentation
  Anti-Malware Detection: Signature Based Scanners, Heuristic Scanners, Activity Monitors, Change Detection, Continuous Updates
Patching
  Determine if Patch is available: Threat Intelligence, Vendor Notification, Pro-actively checking
  Timing
  Deploy: Agent, Agentless, Passive, Automated, Manual
  Implement through Change Management
Change Management
  Change Request
  Assess Impact
  Approval: CCB / CAB; Emergency change process (ECAB); Standard change; based on impact, severity, etc.
  Build & Test: Version & Baseline; Test New Functionality; Regression Testing
  Notification
  Implement
  Validation
Backups
  Types of Backups: Archive Bit; Mirror, Full, Incremental, Differential
  Validation: Checksums / CRC
  Backup Storage: Offsite, Tape Rotation
  Data Storage: RPO; Cold, Warm, Hot
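The three backup types driven by the archive bit, and the restore sequence each one needs, as an added example (not part of the Destination Certification mind maps). The file names and the three-day change history are constructed.

```python
"""Full, incremental and differential backups driven by the archive bit, and the
restore sequence each strategy needs. Example code; the file names and change
history are constructed."""
from dataclasses import dataclass, field


@dataclass
class File:
    name: str
    version: int = 1
    archive_bit: bool = True   # the OS sets this whenever the file is created or modified


@dataclass
class BackupSet:
    day: int
    kind: str                  # "full", "incremental" or "differential"
    files: dict = field(default_factory=dict)   # name -> version captured


class Filesystem:
    def __init__(self, names):
        self.files = {n: File(n) for n in names}

    def modify(self, name: str) -> None:
        self.files[name].version += 1
        self.files[name].archive_bit = True

    def backup(self, day: int, kind: str) -> BackupSet:
        """full: copies everything and clears every archive bit.
        incremental: copies files changed since the last backup of any kind, clears bits.
        differential: copies files changed since the last full and leaves the bits set,
        so each differential grows until the next full."""
        if kind == "full":
            chosen = list(self.files.values())
        else:
            chosen = [f for f in self.files.values() if f.archive_bit]
        if kind in ("full", "incremental"):
            for f in chosen:
                f.archive_bit = False
        return BackupSet(day, kind, {f.name: f.version for f in chosen})


def restore_plan(history: list[BackupSet]) -> list[BackupSet]:
    """Sets to restore, in order: the last full, then every incremental since it,
    or only the most recent differential. Assumes one strategy is used between fulls."""
    last_full = max(i for i, b in enumerate(history) if b.kind == "full")
    since = history[last_full + 1:]
    plan = [history[last_full]]
    if since and since[-1].kind == "differential":
        plan.append(since[-1])
    else:
        plan.extend(b for b in since if b.kind == "incremental")
    return plan


def restored_state(plan: list[BackupSet]) -> dict:
    """Apply the sets in order; later versions overwrite earlier ones."""
    state = {}
    for b in plan:
        state.update(b.files)
    return state


def simulate(kind: str) -> tuple[list[BackupSet], dict]:
    """Day 1 full, then a change and a backup of `kind` on days 2 and 3, then a loss."""
    fs = Filesystem(["a", "b", "c"])
    history = [fs.backup(1, "full")]
    fs.modify("a")
    history.append(fs.backup(2, kind))
    fs.modify("b")
    history.append(fs.backup(3, kind))
    plan = restore_plan(history)
    return plan, restored_state(plan)


if __name__ == "__main__":
    for kind in ("incremental", "differential"):
        plan, state = simulate(kind)
        print(kind, "restore:", [(b.day, b.kind, b.files) for b in plan], "->", state)
```

Both strategies end in the same state; the difference is operational. Incrementals are small and fast to take but every set since the last full must be present and restored in order (one bad tape breaks the chain), while differentials cost more space each day but need only two sets to restore.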
RAID (Redundant Array of Independent Disks)
  RAID 0: Striping
  RAID 1: Mirroring
  RAID 5: Parity
  RAID 6: Double Parity
  Spare Parts
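RAID 5 parity worked through on a few bytes, as an added example (not part of the Destination Certification mind maps): the parity block is the XOR of the data blocks in its stripe, so any single failed disk can be rebuilt from the survivors. Disks are modelled as lists of bytes objects and the data is constructed.

```python
"""RAID 5: block-level striping with distributed parity. The parity block is the XOR
of the data blocks in its stripe, so any one failed disk can be rebuilt from the rest.
Example code; disks are lists of bytes objects and the data is constructed."""


def xor_blocks(blocks: list[bytes]) -> bytes:
    """Bytewise XOR of equally sized blocks."""
    out = bytearray(len(blocks[0]))
    for block in blocks:
        for i, byte in enumerate(block):
            out[i] ^= byte
    return bytes(out)


def parity_disk_for(stripe_no: int, n_disks: int) -> int:
    """RAID 5 rotates the parity block across disks stripe by stripe (RAID 4 keeps
    it on one disk, which then becomes the write bottleneck)."""
    return stripe_no % n_disks


def write_stripe(data_blocks: list[bytes], stripe_no: int) -> list[bytes]:
    """Lay one stripe across len(data_blocks) + 1 disks; returns the per-disk blocks."""
    n_disks = len(data_blocks) + 1
    stripe = list(data_blocks)
    stripe.insert(parity_disk_for(stripe_no, n_disks), xor_blocks(data_blocks))
    return stripe


def read_data(stripe: list[bytes], stripe_no: int) -> list[bytes]:
    """Data blocks in order, skipping the parity block."""
    p = parity_disk_for(stripe_no, len(stripe))
    return [b for i, b in enumerate(stripe) if i != p]


def rebuild(stripe: list[bytes], failed_disk: int) -> bytes:
    """Recompute the block on the failed disk (data or parity alike) as the XOR of
    the survivors. Two simultaneous failures cannot be solved this way; RAID 6 adds
    a second, independent parity block for that case."""
    survivors = [b for i, b in enumerate(stripe) if i != failed_disk]
    return xor_blocks(survivors)


if __name__ == "__main__":
    data = [b"AAAA", b"BBBB", b"CCCC"]
    stripe = write_stripe(data, 0)
    print("disks:", stripe)
    print("disk 2 lost, rebuilt as:", rebuild(stripe, 2))
```

Parity protects against disk failure, not against data errors or deletion: a corrupted block written to disk is faithfully reflected into the parity, which is why the backup branch above still exists alongside RAID.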
Recovery Strategies
  System Redundancy: Clustering, High Availability
  Recovery Sites (Types of Sites): Cold, Warm, Hot, Mobile, Mirror / Redundant; Geographically remote
Business Continuity Management (BCM)
  Goals of BCM: 1. Safety of people, 2. Minimize damage, 3. Survival of business
  Focuses on critical and essential functions of business
  Business Impact Assessment: Identify Critical Processes & Systems; Measurements of Time: RPO, RTO, WRT, MTD; Owner approval of numbers and associated costs
  Types of Plans: Business Continuity Plan (BCP), Disaster Recovery Plan (DRP)
  Testing Plans: Read-through / Checklist, Walkthrough, Simulation, Parallel, Full-interruption / Full-scale
  Restoration order: Most critical first; Dependency charts
Software Development Security
  Bake In Security
  Software Development Life Cycle (SDLC): Plan + Mgmt. Approval, Requirements, Architecture & Design, Development, Testing, Deployment (Certification, Accreditation), Operation, Disposal
    Waterfall: Cannot go back
    Agile: Sprints, Scrum Master
    DevOps: Combine Dev, QA & Ops; SecDevOps; Canary
  System Life Cycle (SLC)
  Maturity Models
  APIs: REST, SOAP
  Obfuscation: Lexical, Data, Control flow
  Acquire Software: Assess vendors; Contracts / SLAs
  Software Security Weaknesses & Vulnerabilities: Buffer Overflows, SQL Injection, XSS / CSRF, Covert Channels, Backdoors / Trapdoors, Memory / Object Reuse, TOCTOU, Citizen Developers
  Secure Programming: Input Validation, Session Management, Polyinstantiation
  Maintain Software: SCM, SOAR
  Databases
    Components: Hardware, Software, Language (SQL), Users, Data
    Database Tables: Rows = Tuples / Records; Columns = Attributes / Fields; Primary & Foreign Keys
    Maintaining Integrity of Data: ACID (Atomicity, Consistency, Isolation, Durability), Concurrency (Locks), SQL Injection
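SQL injection and input validation, listed both under web-based vulnerabilities in the architecture domain and under secure programming here, as one added example (not part of the Destination Certification mind maps): the string-built query, a deny list that does not help, the parameterized fix, and an allow list in front of it. It uses an in-memory SQLite database; the user rows and the username rule are constructed.

```python
"""SQL injection: a string-built query, a deny list that does not help, the
parameterized fix, and an allow list in front of it. Example code using an
in-memory SQLite database; the user rows are constructed."""
import re
import sqlite3

# Allow list: the complete description of a valid username. Anything else is rejected
# before it gets near SQL, whatever attack it was trying to be.
VALID_USERNAME = re.compile(r"^[a-z][a-z0-9_]{2,31}$")


def setup_db() -> sqlite3.Connection:
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (name TEXT, pw_hash TEXT, role TEXT)")
    conn.executemany("INSERT INTO users VALUES (?, ?, ?)",
                     [("alice", "h1", "admin"), ("bob", "h2", "user")])
    return conn


def lookup_vulnerable(conn: sqlite3.Connection, name: str) -> list:
    """Deliberately vulnerable: the input is pasted into the SQL text, so a quote
    in it ends the string literal and the rest is parsed as SQL."""
    sql = "SELECT name, role FROM users WHERE name = '" + name + "'"
    return conn.execute(sql).fetchall()


def lookup_denylisted(conn: sqlite3.Connection, name: str) -> list:
    """Deny list, still vulnerable: stripping the token 'OR' is defeated by nesting
    it, 'OORR' becomes 'OR' after one pass of removal."""
    return lookup_vulnerable(conn, name.replace("OR", ""))


def lookup_parameterized(conn: sqlite3.Connection, name: str) -> list:
    """Fixed: the value is bound as a parameter and is never parsed as SQL."""
    return conn.execute("SELECT name, role FROM users WHERE name = ?", (name,)).fetchall()


def is_valid_username(name: str) -> bool:
    return VALID_USERNAME.match(name) is not None


def lookup_validated(conn: sqlite3.Connection, name: str) -> list:
    """Defense in depth: allow-list validation first, then the parameterized query."""
    if not is_valid_username(name):
        raise ValueError(f"invalid username: {name!r}")
    return lookup_parameterized(conn, name)


if __name__ == "__main__":
    conn = setup_db()
    payload = "x' OR '1'='1"
    print("vulnerable:", lookup_vulnerable(conn, payload))        # every row leaks
    print("deny list:", lookup_denylisted(conn, "x' OORR '1'='1"))  # bypassed
    print("parameterized:", lookup_parameterized(conn, payload))  # no such user
    print("validated:", is_valid_username(payload))               # rejected up front
```

Parameterization is the fix; the allow list is the second layer that also stops payloads aimed at whatever sits behind the query (log files, HTML output, an LDAP or shell call further down), which a deny list of known-bad tokens never will.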
Printable Blank MindMaps
Print out the blank MindMaps (pages 41 to 70 of the PDF) and fill them in as you watch our MindMap videos.
Enable Business

Security
Focus of
Increase Value

Accountability

Responsibility

Due Care

Responsibilities
Due Diligence Clearly Defined Roles &

ITAR & EAR


Import/export controls
Wassenaar
Arrangement

Transborder data flow

Privacy

© Destination Certification
Security Governance
Corporate Governance

(ISC)2 Code of
Ethics
Professional Ethics
Standards
Procedures
Baselines
Policies
Security
Functional
Overarching
Security Policy

Guidelines
Corporate Laws

Risk Management

Contracts & SLAs Procurement


Alignment of Security Function to Business Strategy

Awareness, Training &


Education
Privacy policy

Baselines
Standards

Guidelines
Procedures

PI
PII
SPI
PHI
Direct Identifiers

Trade Secret
Indirect Identifiers

Online Identifiers
Personal Data
Creation / Update

Store

Use

Patent
Share

Archive
Data Lifecycle

Destroy

Collection Limitation
Privacy

Data Quality

© Destination Certification
Purpose
Specification

Copyright
Intellectual Property
Use Limitation

Security Safeguards

Openness
OECD Guidelines

Individual
Participation
Accountability
Supervisory
Authority (SA)
GDPR
Trademark

Breaches reported within


72 hours
Cannot Achieve Privacy
State or condition of being free from being observed or disturbed by other people

without Security
Quantitative

1. Asset
Qualitative

Valuation
STRIDE

PASTA Threats

Threat
Modeling
DREAD
Vuln. Assessment & Pen.
Testing
Vulnerabilities

Likelihood

Impact
2. Risk Analysis

ALE = SLE(Value x
Quantitative
Exposure) x ARO
Qualitative

Avoid

Transfer

Directive
Deterrent
Safeguards

Preventative

© Destination Certification
Detective
Risk Management

Physical

Assurance
Functional Corrective
Mitigate
3. Treatment

Administrative

Technical / Logical

Recovery
Compensating
Countermeasures

Accept

RMF
3. Select

5. Assess
1. Prepare

7. Monitor
6. Authorize
2. Categorize

NIST 800-37
4. Implement

ISO 31000

COSO
Risk Frameworks

ISACA Risk IT
Asset Inventory

Assign Ownership

Data classification
policy

Baselines
Standards

Guidelines
Procedures
System Readable Security Label
Classification
Human Readable Security Marking
based on Value
Classify

Categorization
Data Owner / Controller

Data Processor
Data Custodian
Roles

Data Steward
Data Subject
Encryption
Access Control
Rest

Backups
End-to-End
Link
Motion

Onion

Use

© Destination Certification
Retention Period Archive
Asset Classification

Media Destruction
Protect

Shred / Disintegrate
based on Classification

/ Incinerate / Drill
Degauss
Destruction Purging

Crypto shredding
Overwrite / Wipe /
Erasure
Defensible Destruction

Clearing

Format

DRM
DLP

Assess & Review


Threat Modeling

Zachman
Least Privilege

Defense in Depth
Security
Enterprise

Secure Defaults
Architecture
TOGAF
Fail Securely

Separation of Duties (SoD) Confidentiality

Keep it Simple Simple Security


Property
Zero Trust
Star Property
Trust But Verify
Bell- LaPadula

Strong Star
Privacy by Design Property

Secure Design Principles


Shared Responsibility
Integrity
Lattice Based

ISO 27001 Simple Integrity


Property
Biba
Models

ISO 27002 Star Integrity


Property

© Destination Certification
NIST
800-53

COBIT
Lipner
Security Models

Implementation

ITIL 3 goals of
integrity
HIPAA
3 Clark-Wilson
rules
Clark-Wilson

SOX
Prevent conflicts
of interest
FedRAMP
Rule Based

Security Frameworks
Brewer Graham

FISMA

Cyber Kill Chain


-Nash Denning Ullman
Harrison
–Ruzzo–
Confidentiality only

Single Box only

D1 – failed or not tested

C1 – Weak protection mechanisms

C2 – Strict login procedures

B1 - Security labels
B2 - Security labels and verification of no covert
channels
B3 - Security labels, verification of no covert channels,
and must stay secure during start-up
TCSEC (Orange Book)

Functional Levels
A1 – Verified design

Confidentiality +
Integrity
Networked
devices
Same Functional
levels as TCSEC
E0
E1
ITSEC

E2
E3
E4
Levels

E5
Assurance

E6
Certification

ISO 15408
Protection
Profile

© Destination Certification
Target of
Evaluation
Evaluation Criteria

Security Targets
Functional &
Assurance
Requirements

EAL1 – Functionally tested

EAL2 – Structurally tested

EAL3 – Methodically tested & checked


Common Criteria

EAL4 – Methodically designed, tested & reviewed

EAL5 – Semi formally designed & tested


Assign EAL

EAL6 – Semi formally verified designed & tested

EAL7 – Formally verified designed and tested

Accreditation
Completeness Subject

Rules
Isolation Mediation
Logging & Monitoring Reference

Security Kernel
Verifiability Object
Monitor Concept

Processor

Primary

Secondary Storage
Hardware
Components

Virtual Memory

System Kernel

Firmware
Software

Middleware
Components

Memory
Segmentation
Process Isolation
Time Division
Multiplexing

© Destination Certification
Problem
Processor States
Supervisor

User Mode
Operating System
Modes
Kernel Mode
Trusted Computing Base (TCB)
Protection

Ring 3: User Programs


Mechanisms

Ring Protection
Model
Ring 0: System Kernel

Secure Memory
Management

Data Hiding

Defence in depth
Redundancy Single Point of Failure

Bypass Controls

Stored
Mitigating Controls

(Persistent)
Increase frequency of TOCTOU
Re-authentication (Race Conditions)

Shielding
(TEMPEST)

Reflected
White Noise

(Most common)
Emanations

Control Zones

DOM
Analysis & Design Covert Channels

Cross Site Scripting (XSS)


Aggregation &
Polyinstantiation
Inference

Policy, training & procedures

Target of
Remote access security

Attack: Client
End-point security
M1: Improper
Platform Usage

(CSRF)

Target of
Cross Site
M2: Insecure Data

© Destination Certification
Attack: Server
Request Forgery Storage
M3: Insecure
Communication
M4: Insecure
SQL

Authentication
Injection

M5: Insufficient
Vulnerabilities in Systems

Web-based Vulnerabilities

Cryptography
M6: Insecure
Authorization
Mobile Devices

M7: Client Code


Server Side

Quality
Client Side vs.

M8: Code Tampering


M9: Reverse
OWASP Mobile Top 10

Engineering
Input Validation

Deny Lists

M10: Extraneous
Allow Lists vs.

Functionality
On-Demand Self Service
Broad Network Access
Resource Pooling
Rapid Elasticity

Characteristics
Measured Service
IaaS
PaaS
Service
Models

SaaS
Public
Private
Models

Community
Deployment

Hybrid
Hypervisor Virtual Machine
Container Engine
Virtualized
Containers
Compute
Serverless
Local
Identity Provider
Cloud
Cloud
Linked
Cloud

Synced
identity

Federated

© Destination Certification
Cloud Consumer
Cloud Computing

Owner / Controller Accountable


Cloud Provider /
Processor
Roles

Cloud Broker
Responsible
Cloud Auditor

SPML
SAML
Protocols
OpenID
OAuth
Data Centric
Migration
SLA
Snapshot, Virtual Disk, Image Forensics
Crypto Shredding / Crypto Erase Data Destruction
Cryptographic Services Cryptographic terminology
Confidential Authentici Access

vector/Nonce
Key clustering
Key / Crypto
Integrity Non-Repudiation

Initialization
Work factor
ity ty Control

Avalanche
Confusion

Diffusion
Plaintext

Decrypt
variable
Encrypt
= Hashing Origin Delivery

Secret Writing
Hidden Scrambled (Cryptography)
Steganography Null Cipher One-way Two-way Substitution Transposition

Hashing Symmetric Asymmetric Caesar Cypher

Monoalphabetic Spartan
Discrete
MD5 Block Stream Factoring Scytale
Log

Digital Certificates

Digital Signatures
Polyalphabetic
SHA-1 Rail Fence
DES Block RC4 RSA Running (zigzag)
SHA-2 Modes: Diffie-
3DES Hellmann One-time Pads
SHA-3 ECB (key exchange)
AES
(Rijndael)
CBC
CAST-128 Elliptic
CFB
SAFER Curve
OFB
Blowfish (ECC)
CTR
Twofish El Gamal
RC5/RC6
DSA

© Destination Certification
Digital Signatures Digital Certificates
Integrity Authenticity Non-repudiation Verify the owner of a Public Key

Origin Delivery X.509 Replacement Revocation Pinning

CRL OCSP

PKI
Certificate Authority Intermediate / Issuing Certificate DB Certificate Store
Registration Authority
(Root of Trust) CA (Revocation List) (Local)

Key Management
Kerchhoff’s
Generation Distribution Storage Rotation Disposition Recovery
Principle

Diffie-Hellmann Crypto- Split Knowledge


TPM
Out-of-band shredding Dual Control
HSM
Hybrid Key Destruction Key Escrow

© Destination Certification
Cryptanalysis

Cryptanalytic Attacks

Linear &
Brute Force Ciphertext Only Known Plaintext Chosen Plaintext Chosen Ciphertext Factoring
Differential

Cryptographic Attacks

Man-in- Birthday
the- Pass the Temporary Dictionary Rainbow
Replay Hash Files Side Channel Tables Attack Social Engineering
Attack
middle

Radiation Purchase Rubber


Power Timing Emissions Hose
Key

© Destination Certification
Deter

Delay

Assess
Detect

Respond
Categories
of Controls
Landscape
Perimeter
Grading
Cameras
Passive Infrared Devices
Lighting
Card Readers / Badges
Doors / Mantraps
Mechanical
Locks
Digital
Shock
Windows
Glass break
Walls
Skimming
Network
UPS
Generator
Power Outages
Power
Safety of people

Power Degradation

© Destination Certification
Layered Defense

Temperature
Infrastructure
Physical Security

Humidity
HVAC

Air Quality
Flame (Infrared)
Ionization
Photo-electric Smoke
Fire

Dual
Detection

Heat (Thermal)

Water
Dry
Wet

Pre-
action

Deluge

Gas
Fire

Extinguisher
Suppression

CO2
Wired: Twisted Pair, Coaxial,
Fiber Optic
Media
Wireless: Radio Frequency,
Infrared, Microwave

Bus

Tree

Star

Topologies
1.

Mesh
Physical

Ring

CSMA/CA
Collisions
CSMA/CD
Hubs, Repeaters,
Concentrators Devices

802.1x Protocols

MAC Address
2.

Switches & Bridges Devices


Datalink

ARP, PPTP, PPP, PAP, CHAP,


EAP Protocols

© Destination Certification
IP Address
Routers & Packet Filtering
3.

Firewalls Devices
Network

Protocols

Common Ports Ports = Services


4.

TCP/UDP, SSL/TLS & BGP Protocols

Circuit Proxy Firewall Devices


5.

NetBIOS & RPC Protocols


Transport Session
Open Systems Interconnection (OSI) Model

6. Presentation

Application Firewalls Devices


7.

HTTP/S, DNS, SSH, SNMP,


Appl.

LDAP, DHCP Protocols


X.25
Frame Relay
ATM

WAN
MPLS
802.11a, b, g, n, ac, ax Protocols
WEP
Wi-Fi
TKIP Encryption
WAP / WPA2
802.16
Wireless

GSM / CDMA
Microwave
IPv4 vs. IPv6
Internet Protocol (IP)
IPv4 Network Classes
Addresses
Private IPv4 Addresses
VoIP
Converged Protocols

PAP
CHAP Network
EAP Authentication
PEAP
Reconnaissance
Enumeration
Networking

© Destination Certification
Vulnerability Analysis
Phases

Exploitation
Eavesdropping
SYN Flooding
IP Spoofing
DoS / DDoS
Man-in-the-Middle
Network Attacks

ARP poisoning
VLAN
Virtualization
Northbound & Southbound APIs SDN
ipconfig
ping
traceroute
Common
Commands

dig
Defense in Depth

Network Perimeter

DMZ

Bastion Host
Network

Proxy Partitioning
Segmentation /

NAT / PAT

Packet Filtering
Stateful Packet
Filtering Types
Circuit Proxy
Firewalls

Application
IDS IPS

Host Based

In-line
IDS/IPS
Location

Mirror, Span,
Based
Network

Promiscuous

© Destination Certification
Signature analysis Pattern
Network Defense

Stateful matching

Statistical
Anomaly
Inspection

Protocol

Traffic
IDS / IPS Detection Methods

Sandbox
Honeypots &
honeynets

Ingress vs. Egress

Endpoint Security
GRE

PPTP

L2TP

Split
Tunneling

Authentication Header

Encapsulating Security
Payload

Transport mode

Tunnel Mode

IPSec
Tunneling

IKE
VPN

Security Association
Encryption

(Tunneling + Encryption)

Mutual Authentication SSL/TLS

© Destination Certification
Remote Access

SOCKS

SSH

RADIUS

TACACS+
Remote
Authentication

Diameter

SNMP
Remote
Access /

Telnet
Management
Separation of Duties

Need to Know

Access
Control
Principles
Least Privilege
Centralized
Administration
Decentralized Approaches
Hybrid
Identification
Password
Passphrase
Questions

Knowledge
Hard Tokens
Soft Tokens One-time
Synchronous Passwords
Asynchronous

Fingerprint Ownership
Hand Geometry
Vascular Pattern
Physiological
Facial
Iris
Retina
Voice
Authentication

Signature
Behavioural
Characteristic

Key Stroke

© Destination Certification
Access Control

Gait
Templates
Access Controls Services

Type 2:

Rule
Types of RBAC Role Discretionary
Attribute / Content Authorization

Accountability
Session Hijacking Session Management
User / Client

Key Distribution
Center

Authentication
Service

Ticket Granting
Ticket (TGT)

Components
Ticket Granting
Service

Kerberos
Service Tickets
Single Sign-on

Service

Symmetric
encryption only
Symmetric &
Access systems within the same organization

Asymmetric Sesame
encryption

Principal / User

Identity Provider

© Destination Certification
Trust

Relying Party /
Relationship

Service Provider

Tokens

Assertions
written in XML
Single Sign-on / Federated Access

Profiles
SAML

Bindings
Protocol
Components

Assertion
Allows users to access multiple systems with a single set of credentials

WS-Federation
Access systems across multiple entities

OpenID
Federated Identity Management (FIM)

OAuth
Security Assessment and Testing
  Testing
    Validation, Verification
    Rigour: Unit, Interface, Integration, System
  Methods & Tools
    Manual, Automated
    Static, Dynamic: Fuzz (Mutation, Generation), Runtime
    Access to Code: White, Black
    Positive, Negative, Misuse
  Testing Techniques
    Decision table analysis, State-based analysis, Boundary Value Analysis, Equivalence Partitioning (Efficiency)
    Operational: Real User Monitoring, Synthetic Performance Monitoring
    Regression Testing
  Third-Party
    Internal, External
    SOC 1, SOC 2, SOC 3; Type 1, Type 2
  Roles: Executive Management, Audit Committee, Security Officer, Compliance Manager, Testers / Assessors, Internal Auditors, External Auditors
  Metrics (Focus): KPIs, KRIs
  Vulnerability Assessment / Penetration Testing
    Process: Reconnaissance, Enumeration, Vulnerability Analysis, Execution, Document Findings
    Perspective: Internal, External
    Approach: Blind, Double-blind
    Knowledge: Zero (black), Partial (gray), Full (white)
  Identifying Vulnerabilities
    Types of Scans: Credentialed / Authenticated, Uncredentialed / Unauthenticated
    Banner grabbing & Fingerprinting
    Interpreting & understanding results: CVE, CVSS, SCAP, False positive vs. False negative
  Log Review & Analysis / Continuous Monitoring
    Security Information and Event Management (SIEM)
    Monitor for: Breaches, Errors, Modification
    Log lifecycle: Generation, Collection / Aggregation, Normalization, Transmission, Retention, Analysis, Disposal
    Limiting log file size: Circular Overwrite, Clipping Levels
    Consistent Time Stamps: Network Time Protocol (NTP)
Investigations
  Secure the Scene
  Locard’s Principle
  MOM
  Sources of Evidence
    Oral / Written statements
    Documents
    Digital: Live Evidence (Volatile), Secondary Storage (HD), VM Instance / Virtual Disk, eDiscovery
  Forensics: Collect & Control Evidence, Chain of Custody
  Types of Evidence: Real Evidence, Direct Evidence, Secondary Evidence; Best Evidence Rule
  Rules of Evidence: Authentic, Accurate, Complete, Convincing, Admissible
  Investigative Techniques: Media Analysis, Software Analysis, Network Analysis
  Types of Investigations: Criminal, Civil, Regulatory, Administrative
  Document & Report

Incident Response
  Phases: Prep., Triage, Action / Investigation, Recovery
  Process (in order)
    Detection: Event vs. Incident; sources: SIEM, IDS/IPS, DLP, fire detectors, etc.
    Response: IR Team Deployed
    Mitigation: Containment
    Reporting: Relevant Stakeholders
    Recovery: Return to normal
    Remediation: Prevention
    Lessons Learned: Improve Process
Malware
  Types of Malware: Virus, Worm, Companion, Macro, Multipartite, Polymorphic, Trojan, Botnets, Boot Sector, Hoaxes / Pranks, Logic Bombs, Stealth, Ransomware, Rootkit, Spyware / Adware, Data Diddler / Salami Attack, Zero Day
  Anti-Malware
    Prevention: Training & Awareness, Policy, Allow List, Network Segmentation
    Detection: Signature Based Scanners, Heuristic Scanners, Activity Monitors, Change Detection
    Continuous Updates

Patching
  Determine if Patch is available: Threat Intelligence, Vendor Notification, Proactively checking
  Timing
  Deploy: Agent, Agentless, Passive; Automated, Manual
  Implement through Change Management

Change Management
  Process (in order): Change Request, Assess Impact, Approval, Build & Test, Notification, Implement, Validation, Version & Baseline
  Approval: CCB, CAB, ECAB; Emergency Change vs. Standard process, based on impact, severity, etc.
  Build & Test: Test New Functionality, Regression Testing
Backups
  Types of Backups: Mirror, Full, Incremental, Differential (Archive Bit)
  Validation: Checksums / CRC
  Backup Storage: Offsite, Tape Rotation
  Data Storage: Cold, Warm, Hot
  RPO

Recovery Strategies
  Redundant Array of Independent Disks (RAID): RAID 1 Mirroring, RAID 5 Parity, RAID 6 Double Parity
  Spare Parts
  Clustering
  System Redundancy
  High Availability
  Recovery Sites
    Types of Sites: Cold, Warm, Hot, Mobile, Mirror / Redundant
    Geographically remote

Business Continuity Management (BCM)
  Focuses on critical and essential functions of business
  Goals of BCM: 1. Safety of people, 2. Minimize damage, 3. Survival of business
  Business Impact Assessment
    Identify Critical Processes & Systems
    Measurements of Time: RPO, RTO, WRT, MTD
    Owner approval of #s and associated costs
  Types of Plans: Business Continuity Plan (BCP), Disaster Recovery Plan (DRP)
  Testing Plans: Read-through / Checklist, Walkthrough, Simulation, Parallel, Full-interruption / Full-scale
  Restoration order: Most critical first, Dependency charts
Software Development Life Cycle (SDLC)
  Bake In Security
  Phases: Plan + Mgmt. Approval, Requirements, Architecture & Design, Development, Testing, Deployment (Certification, Accreditation, Canary), Operation, Disposal
  System Life Cycle (SLC)
  Waterfall: Cannot go back
  Agile: Sprints, Scrum Master
  DevOps: Combine Dev, QA & Ops
  Maturity Models
  APIs: REST, SOAP
  Obfuscation: Lexical, Data, Control flow
  Acquire Software: Assess vendors, Contracts / SLAs

Secure Software Development
  Software Security Weaknesses & Vulnerabilities: Buffer Overflows, SQL Injection, XSS / CSRF, Covert Channels, Backdoors / Trapdoors, Memory / Object Reuse, TOCTOU, Citizen Developers
  Secure Programming: Input Validation, Session Management, Polyinstantiation
  Maintain Software: SCM, SOAR

Databases
  Components: Hardware, Software, Language (SQL), Users, Data
  Maintaining Integrity of Data: SQL Injection, Concurrency, Locks, ACID (Atomicity, Consistency, Isolation, Durability)
  Structure: Tables; Rows = Tuples / Records; Columns = Attributes / Fields; Primary & Foreign Keys
Hi there!
I hope our CISSP MindMaps have helped identify the critical concepts you need to know
for the exam!

These MindMaps are a small part of our complete CISSP MasterClass.

If you’re looking for detailed explanations of all the concepts covered in these MindMaps
+ everything else you need to confidently pass the CISSP exam, check out our CISSP
MasterClass here: destcert.com/CISSP

We have guided thousands of folks to confidently pass the CISSP exam over the last 20+
years. We provide expert instruction and an integrated intelligent system of study
resources and tools.

All the best in your studies!

Rob Witcher
Co-founder & Master Instructor
