CISSP Central

16 Oct 2024

Contributed by Lukas

8.5 Define and apply secure coding guidelines and standards8.5.1 Security weaknesses and vulnerabili...

16 Oct 2024

Contributed by Lukas

8.3 Assess the effectiveness of software security8.3.1 Auditing and logging of changes8.3.2 Risk ana...

16 Oct 2024

Contributed by Lukas

8.2 Identify & apply security controls in development environments8.2.1 Programming languages8.2...

16 Oct 2024

Contributed by Lukas

8.1 Understand and integrate security in the software development lifecycle8.1.1 Development Methodo...

16 Oct 2024

Contributed by Lukas

7.13 Participate in Business Continuity (BC) planning and exercises7.14 Implement and manage physica...

16 Oct 2024

Contributed by Lukas

7.12 Test Disaster Recovery Plans7.12.1 Read-through/Checklist7.12.2 Walk-through/Tabletop7.12.3 Sim...

16 Oct 2024

Contributed by Lukas

7.11 Implement Disaster Recovery Process7.11.1 Response7.11.2 Personnel7.11.3 Communications7.11.4 A...

16 Oct 2024

Contributed by Lukas

7.8 Implement and support patch and vulnerability management7.9 Understand and participate in change...

16 Oct 2024

Contributed by Lukas

7.7 Operate and maintain detection and preventative measures7.7.1 Firewall7.7.2 Intrusion detection ...

16 Oct 2024

Contributed by Lukas

7.6 Conduct incident management7.6.1 Detection7.6.2 Response7.6.3 Mitigation7.6.4 Reporting7.6.5 Rec...

16 Oct 2024

Contributed by Lukas

7.5 Apply resource protection techniques7.5.1 Media Management7.5.2 Hardware and software asset mana...

16 Oct 2024

Contributed by Lukas

7.3 Perform Configuration Management (e.g., provisioning, baselining, automation)7.4 Apply foundatio...

16 Oct 2024

Contributed by Lukas

7.2 Conduct logging and monitoring activities7.2.1 Intrusion detection and prevention systems (IDPS)...

16 Oct 2024

Contributed by Lukas

7.0 DOMAIN 7: SECURITY OPERATIONS7.1 Understand and support investigations7.1.1 Evidence Collection ...

16 Oct 2024

Contributed by Lukas

6.4 Analyze test output and generate report6.4.1 Remediation6.4.2 Exception Handling6.4.3 Ethical di...

16 Oct 2024

Contributed by Lukas

6.3 Collect Security Process data6.3.1 Account Management6.3.2 Management review and approval6.3.3 K...

16 Oct 2024

Contributed by Lukas

6.2 Conduct Security Control Testing6.2.1 Vulnerability Assessment6.2.2 Penetration Testing6.2.3 Log...

16 Oct 2024

Contributed by Lukas

6.0 DOMAIN 6: SECURITY ASSESSMENT AND TESTING6.1 Design and Validate assessment, test, and audit str...

16 Oct 2024

Contributed by Lukas

5.5 Manage the identity and access provisioning lifecycle5.5.1 Account access review (e.g., user, sy...

16 Oct 2024

Contributed by Lukas

5.4 Implement and manage authorization mechanisms

16 Oct 2024

Contributed by Lukas

5.3 Federated identity with a third-party service5.3.1 On-Premises5.3.2 Cloud5.3.3 Hybrid

16 Oct 2024

Contributed by Lukas

5.2 Design identification and authentication Strategy (e.g., people, devices, and services)5.2.1 Gro...

16 Oct 2024

Contributed by Lukas

5.0 DOMAIN 5: IDENTITY & ACCESS MANAGEMENT (IAM)5.1 Control physical and logical access to asset...

16 Oct 2024

Contributed by Lukas

4.3 Implement secure communication channels according to design4.3.1 Voice, video, and collaboration...

16 Oct 2024

Contributed by Lukas

4.2 Secure Network Components4.2.1 Operation of infrastructure4.2.2 Transmission Media4.2.3 Network ...

16 Oct 2024

Contributed by Lukas

4.0 DOMAIN 4: COMMUNICATION AND NETWORK SECURITY4.1 Apply secure design principles in network archit...

16 Oct 2024

Contributed by Lukas

3.10 Manage the information system lifecycle3.10.1 Stakeholder needs & requirements3.10.2 Requir...

16 Oct 2024

Contributed by Lukas

3.9 Design Site and Facility security controls3.9.1 Wiring closets/intermediate distribution frame3....

16 Oct 2024

Contributed by Lukas

3.8 Apply security principles to site and facility design3.8.1 Facility Design3.8.2 Implement Site a...

16 Oct 2024

Contributed by Lukas

3.7 Understand methods of cryptanalytic attacks3.7.1 Brute-force3.7.2 Ciphertext only3.7.3 Known Pla...

16 Oct 2024

Contributed by Lukas

3.6 Select and determine cryptographic solutions3.6.1 Cryptographic life cycle3.6.2 Cryptographic me...

16 Oct 2024

Contributed by Lukas

3.5 Assess and mitigate the vulnerabilities of security architectures, designs, and solution element...

16 Oct 2024

Contributed by Lukas

3.4 Understand security capabilities of Information Systems (IS) (e.g., memory protection,Trusted Pl...

16 Oct 2024

Contributed by Lukas

3.3 Select controls based upon systems security requirementsHere we will go over the steps to take w...

16 Oct 2024

Contributed by Lukas

3.2 Understand the fundamental concepts of security models3.2.1 Security Models3.2.2 Lattice-based m...

16 Oct 2024

Contributed by Lukas

3.0 DOMAIN 3: SECURITY ARCHITECTURE AND ENGINEERING3.1 Research, implement, and manage engineering p...

16 Oct 2024

Contributed by Lukas

2.5 Ensure appropriate asset retention2.6 Determine data security controls & compliance requirem...

16 Oct 2024

Contributed by Lukas

2.4 Manage Data Lifecycle2.4.1 Data Roles2.4.2 Data Collection2.4.3 Data Location2.4.4 Data Maintena...

16 Oct 2024

Contributed by Lukas

2.3 Provision information and assets securely2.3.1 Information and asset ownership2.3.2 Asset invent...

16 Oct 2024

Contributed by Lukas

2.2 Establish information and asset handling requirements2.2.1 Information and Asset Handling:2.2.2 ...

16 Oct 2024

Contributed by Lukas

2.0 DOMAIN 2: ASSET SECURITY2.1 Identify and classify information and assets2.1.1 Data Classificatio...

16 Oct 2024

Contributed by Lukas

1.11 Apply supply chain risk management (SCRM) concepts1.11.1 Risks associated with the acquisition ...

16 Oct 2024

Contributed by Lukas

1.10 Understand & apply threat modelling & Methodologies1.10.1 STRIDE Model1.10.2 PASTA Mode...

16 Oct 2024

Contributed by Lukas

1.9 Understand and apply risk management concepts1.9.1 Threat and Vulnerability Identification1.9.2 ...

16 Oct 2024

Contributed by Lukas

1.8 Contribute to and enforce personnel security policies and procedures1.8.1 Candidate Screening an...

16 Oct 2024

Contributed by Lukas

1.5 Understand requirements for investigation types1.6 Develop, document, & implement security p...

16 Oct 2024

Contributed by Lukas

1.4 Understanding of Info Security legal and regulatory problems1.4.1 Cybercrimes and data breaches1...

16 Oct 2024

Contributed by Lukas

1.3 Evaluate, apply, and sustain security governance principles.1.3.1 Alignment of the security func...

16 Oct 2024

Contributed by Lukas

1.1 Understand, adhere to, and promote professional ethics1.1.1 (ISC)2 Code of Professional Ethics1....

16 Oct 2024

Contributed by Lukas

This is just an introduction episode of CISSP Central podcast, and this entire podcast series is bas...