CISSP Central
Activity Overview
Episode publication activity over the past year
Episodes
CISSP Domain8 Section 5
16 Oct 2024
Contributed by Lukas
8.5 Define and apply secure coding guidelines and standards8.5.1 Security weaknesses and vulnerabilities at the source-code level8.5.2 Security of app...
CISSP Domain8 Section 3 and 4
16 Oct 2024
Contributed by Lukas
8.3 Assess the effectiveness of software security8.3.1 Auditing and logging of changes8.3.2 Risk analysis and mitigation8.4 Assess security impact of ...
CISSP Domain8 Section2
16 Oct 2024
Contributed by Lukas
8.2 Identify & apply security controls in development environments8.2.1 Programming languages8.2.2 Libraries8.2.3 Tool sets8.2.4 Integrated Develo...
CISSP Domain8 Intro and Section 1
16 Oct 2024
Contributed by Lukas
8.1 Understand and integrate security in the software development lifecycle8.1.1 Development Methodologies8.1.2 Maturity Models (e.g., Capability Matu...
CISSP Domain7 Section 13, 14 and 15
16 Oct 2024
Contributed by Lukas
7.13 Participate in Business Continuity (BC) planning and exercises7.14 Implement and manage physical security7.15 Address personnel safety and securi...
CISSP Domain7 Section 12
16 Oct 2024
Contributed by Lukas
7.12 Test Disaster Recovery Plans7.12.1 Read-through/Checklist7.12.2 Walk-through/Tabletop7.12.3 Simulation7.12.4 Parallel7.12.5 Full Interruption7.12...
CISSP Domain7 Section 11
16 Oct 2024
Contributed by Lukas
7.11 Implement Disaster Recovery Process7.11.1 Response7.11.2 Personnel7.11.3 Communications7.11.4 Assessment7.11.5 Restoration7.11.6 Training & A...
CISSP Domain7 Section 8, 9 and 10
16 Oct 2024
Contributed by Lukas
7.8 Implement and support patch and vulnerability management7.9 Understand and participate in change management processes7.10 Implement recovery strat...
CISSP Domain7 Section 7
16 Oct 2024
Contributed by Lukas
7.7 Operate and maintain detection and preventative measures7.7.1 Firewall7.7.2 Intrusion detection and prevention systems7.7.3 Whitelisting/Blacklist...
CISSP Domain7 Section 6
16 Oct 2024
Contributed by Lukas
7.6 Conduct incident management7.6.1 Detection7.6.2 Response7.6.3 Mitigation7.6.4 Reporting7.6.5 Recovery7.6.6 Remediation7.6.7 Lessons Learned
CISSP Domain7 Section 5
16 Oct 2024
Contributed by Lukas
7.5 Apply resource protection techniques7.5.1 Media Management7.5.2 Hardware and software asset management7.5.3 Data at rest/Data in transit
CISSP Domain7 Section 3 and Section 4
16 Oct 2024
Contributed by Lukas
7.3 Perform Configuration Management (e.g., provisioning, baselining, automation)7.4 Apply foundational security operations concepts7.4.1 Need to know...
CISSP Domain7 Section 2
16 Oct 2024
Contributed by Lukas
7.2 Conduct logging and monitoring activities7.2.1 Intrusion detection and prevention systems (IDPS)7.2.2 Security information and Event Management (S...
CISSP Domain7 Intro and Section 1
16 Oct 2024
Contributed by Lukas
7.0 DOMAIN 7: SECURITY OPERATIONS7.1 Understand and support investigations7.1.1 Evidence Collection and Handling7.1.2 Reporting and Documentation7.1.3...
CISSP Domain6 Intro and Section 4
16 Oct 2024
Contributed by Lukas
6.4 Analyze test output and generate report6.4.1 Remediation6.4.2 Exception Handling6.4.3 Ethical disclosure6.5 Conduct or facilitate security audits6...
CISSP Domain6 Intro and Section 3
16 Oct 2024
Contributed by Lukas
6.3 Collect Security Process data6.3.1 Account Management6.3.2 Management review and approval6.3.3 Key Performance and Risk Indicator6.3.4 Backup Veri...
CISSP Domain6 Section 2
16 Oct 2024
Contributed by Lukas
6.2 Conduct Security Control Testing6.2.1 Vulnerability Assessment6.2.2 Penetration Testing6.2.3 Log Reviews6.2.4 Synthetic Transaction6.2.5 Code revi...
CISSP Domain6 Intro and Section 1
16 Oct 2024
Contributed by Lukas
6.0 DOMAIN 6: SECURITY ASSESSMENT AND TESTING6.1 Design and Validate assessment, test, and audit strategies6.1.1 Internal6.1.2 External6.1.3 Third-par...
CISSP Domain5 Intro and Section 5
16 Oct 2024
Contributed by Lukas
5.5 Manage the identity and access provisioning lifecycle5.5.1 Account access review (e.g., user, system, service)5.5.2 Provisioning and deprovisionin...
CISSP Domain5 Intro and Section 4
16 Oct 2024
Contributed by Lukas
5.4 Implement and manage authorization mechanisms
CISSP Domain5 Intro and Section 3
16 Oct 2024
Contributed by Lukas
5.3 Federated identity with a third-party service5.3.1 On-Premises5.3.2 Cloud5.3.3 Hybrid
CISSP Domain5 Section 2
16 Oct 2024
Contributed by Lukas
5.2 Design identification and authentication Strategy (e.g., people, devices, and services)5.2.1 Groups and Roles5.2.2 Authentication, Authorization a...
CISSP Domain5 Intro and Section 1
16 Oct 2024
Contributed by Lukas
5.0 DOMAIN 5: IDENTITY & ACCESS MANAGEMENT (IAM)5.1 Control physical and logical access to assets5.1.1 Information5.1.2 Systems5.1.3 Devices5.1.4 ...
CISSP Domain4 Section 3
16 Oct 2024
Contributed by Lukas
4.3 Implement secure communication channels according to design4.3.1 Voice, video, and collaboration (e.g., conferencing, Zoom rooms)4.3.2 Remote acce...
CISSP Domain4 Section 2
16 Oct 2024
Contributed by Lukas
4.2 Secure Network Components4.2.1 Operation of infrastructure4.2.2 Transmission Media4.2.3 Network Access Control (NAC) devices4.2.4 Endpoint Securit...
CISSP Domain4 Intro and Section 1
16 Oct 2024
Contributed by Lukas
4.0 DOMAIN 4: COMMUNICATION AND NETWORK SECURITY4.1 Apply secure design principles in network architectures4.1.1 Open System Interconnection (OSI) and...
CISSP Domain3 Section 10
16 Oct 2024
Contributed by Lukas
3.10 Manage the information system lifecycle3.10.1 Stakeholder needs & requirements3.10.2 Requirements Analysis3.10.3 Architectural design3.10.4 D...
CISSP Domain3 Section 9
16 Oct 2024
Contributed by Lukas
3.9 Design Site and Facility security controls3.9.1 Wiring closets/intermediate distribution frame3.9.2 Server rooms/data centers3.9.3 Media storage f...
CISSP Domain3 Section 8
16 Oct 2024
Contributed by Lukas
3.8 Apply security principles to site and facility design3.8.1 Facility Design3.8.2 Implement Site and Facility Security Controls3.8.3 Physical Securi...
CISSP Domain3 Section 7
16 Oct 2024
Contributed by Lukas
3.7 Understand methods of cryptanalytic attacks3.7.1 Brute-force3.7.2 Ciphertext only3.7.3 Known Plaintext3.7.4 Frequency Analysis3.7.5 Chosen Ciphert...
CISSP Domain3 Section 6
16 Oct 2024
Contributed by Lukas
3.6 Select and determine cryptographic solutions3.6.1 Cryptographic life cycle3.6.2 Cryptographic methods3.6.3 Public key infrastructure3.6.4 Key Mana...
CISSP Domain3 Section 5
16 Oct 2024
Contributed by Lukas
3.5 Assess and mitigate the vulnerabilities of security architectures, designs, and solution elements3.5.1 Client-based systems3.5.2 Server-based syst...
CISSP Domain3 Section 4
16 Oct 2024
Contributed by Lukas
3.4 Understand security capabilities of Information Systems (IS) (e.g., memory protection,Trusted Platform Module (TPM), encryption/decryption)
CISSP Domain3 Section 3
16 Oct 2024
Contributed by Lukas
3.3 Select controls based upon systems security requirementsHere we will go over the steps to take when deciding the security controls to deploy accor...
CISSP Domain3 Section 2
16 Oct 2024
Contributed by Lukas
3.2 Understand the fundamental concepts of security models3.2.1 Security Models3.2.2 Lattice-based models3.2.3 Rule-based models3.2.4 Other models &am...
CISSP Domain3 Intro and Section 1
16 Oct 2024
Contributed by Lukas
3.0 DOMAIN 3: SECURITY ARCHITECTURE AND ENGINEERING3.1 Research, implement, and manage engineering processes using secure design principles.3.1.1 Thre...
CISSP Domain2 Section 5 and 6
16 Oct 2024
Contributed by Lukas
2.5 Ensure appropriate asset retention2.6 Determine data security controls & compliance requirements2.6.1 Data States2.6.2 Scoping and Tailoring (...
CISSP Domain2 Section 4
16 Oct 2024
Contributed by Lukas
2.4 Manage Data Lifecycle2.4.1 Data Roles2.4.2 Data Collection2.4.3 Data Location2.4.4 Data Maintenance2.4.5 Data Retention2.4.6 Data Remanence2.4.7 D...
CISSP Domain2 Section 3
16 Oct 2024
Contributed by Lukas
2.3 Provision information and assets securely2.3.1 Information and asset ownership2.3.2 Asset inventory2.3.2 Asset Management
CISSP Domain2 Section 2
16 Oct 2024
Contributed by Lukas
2.2 Establish information and asset handling requirements2.2.1 Information and Asset Handling:2.2.2 Handling Requirements:2.2.3 Media Storage:2.2.4 Tr...
CISSP Domain2 Intro and Section 1
16 Oct 2024
Contributed by Lukas
2.0 DOMAIN 2: ASSET SECURITY2.1 Identify and classify information and assets2.1.1 Data Classification2.1.2 Asset Classification2.1.3 Other key concept...
CISSP Domain1 Section 11 and 12
16 Oct 2024
Contributed by Lukas
1.11 Apply supply chain risk management (SCRM) concepts1.11.1 Risks associated with the acquisition of products and services from suppliers and provid...
CISSP Domain1 Section 10
16 Oct 2024
Contributed by Lukas
1.10 Understand & apply threat modelling & Methodologies1.10.1 STRIDE Model1.10.2 PASTA Model1.10.3 DREAD Model
CISSP Domain1 Section 9
16 Oct 2024
Contributed by Lukas
1.9 Understand and apply risk management concepts1.9.1 Threat and Vulnerability Identification1.9.2 Risk Analysis, assessment, and scope1.9.3 Risk res...
CISSP Domain1 Section 8
16 Oct 2024
Contributed by Lukas
1.8 Contribute to and enforce personnel security policies and procedures1.8.1 Candidate Screening and Hiring1.8.2 Employment agreements and policy dri...
CISSP Domain1 Section 5, 6 and 7
16 Oct 2024
Contributed by Lukas
1.5 Understand requirements for investigation types1.6 Develop, document, & implement security policy, standards, procedures, & guidelines1.6....
CISSP Domain1 Section 4
16 Oct 2024
Contributed by Lukas
1.4 Understanding of Info Security legal and regulatory problems1.4.1 Cybercrimes and data breaches1.4.2 Licensing and intellectual property requireme...
CISSP Domain1 Section 3
16 Oct 2024
Contributed by Lukas
1.3 Evaluate, apply, and sustain security governance principles.1.3.1 Alignment of the security function to business strategy1.3.2 Organizational proc...
CISSP Domain1 Section 1 and Section 2
16 Oct 2024
Contributed by Lukas
1.1 Understand, adhere to, and promote professional ethics1.1.1 (ISC)2 Code of Professional Ethics1.1.2 Organizational code of ethics1.2 Understand an...
Introduction to CISSP 2024
16 Oct 2024
Contributed by Lukas
This is just an introduction episode of CISSP Central podcast, and this entire podcast series is based on a published book named C(R)ISSP: The most co...