Page information

Author: 동이 | Views: 0 | Date: 2022-06-27 05:02:12 | Comments: 0


CISSP Exam Cram Full Course (All 8 Domains) UPDATED - 2022 EDITION!

This video is the complete CISSP Exam Cram session covering all 8 domains of the exam, updated in 2022. Also includes details on "how to think like a manager", changes to the CAT format June 2022, and exam prep strategy guidance.

00:05:15 CAT exam format and changes
00:07:02 Exam Prep Strategy
00:07:49 How to "think like a manager"
00:22:55 Domain 1 Security and Risk Management
01:24:15 Domain 2 Asset Security
01:39:26 Domain 3 Security Architecture and Engineering
03:54:27 Domain 4 Communication and Network Security
04:56:58 Domain 5 Identity and Access Management
05:30:21 Domain 6 Security Assessment and Testing
05:44:56 Domain 7 Security Operations
07:07:48 Domain 8 Software Development Security

CISSP 2021 Official Study Guide (electronic edition)
-includes 1000 practice questions and flashcards online

CISSP 2021 Official Practice Tests

Presentation Downloads
DOMAIN 1
DOMAIN 2
DOMAIN 3
DOMAIN 4
DOMAIN 5
DOMAIN 6
DOMAIN 7
DOMAIN 8

Some of our video descriptions contain affiliate links, which means we may receive a small commission on a purchase. The price to you is the same.
Trisha Durkin : Happy to share I provisionally passed the CISSP on Friday. I’ve probably listened to your videos a hundred times. Thank you for putting together such an informative and enjoyable training session!
Vasudha Kota : Domain 1:Security and Risk Management
24:20 CIA Triad
25:30 ISC2 Code of Ethics
26:10 Security Policy Development - 4 levels
27:15 Exam Tidbit
27:30 Risk Management & Risk Analysis
28:26 Risk Factors
29:14 Security Planning
30:28 Response to Risk
33:32 NIST 800-37 Rev 2: RMF for Information Systems and Organizations: A System Life Cycle Approach for Security and Privacy
RMFs for use in the real world - OCTAVE, FAIR, TARA
34:32 7 Steps of NIST 800-37
37:38 Exam Tidbit
38:58 Types of Risk - Residual, Inherent & Total
40:40 Exam Tidbit
41:59 Risk Analysis
45:40 Qualitative Risk Analysis
46:52 Delphi Technique
47:07 Other considerations in Risk Analysis - loss potential & Delayed Loss
47:46 Threat Agents; Terms in Calculating Risk - EF, SLE, ARO, ALE, SE
55:01 Controls Gap
56:03 Supply Chain
57:58 Threat Modeling: Approaches & Frameworks -STRIDE, PASTA, VAST, DREAD, TRIKE
1:02:44 COBIT
1:03:54 Diagramming Potential Attacks in Threat Modeling
1:06:00 Reduction Analysis
1:07:47 Prioritization & Response
1:09:34 Control Types
1:13:40 Legal & Regulatory Issues 1:14:12 Types
1:16:00 IP & Licensing
1:16:14 Regulations regarding Encryption & Privacy
1:19:15 BCP
1:20:45 BCP vs DRP
1:21:24 User Education
1:22:05 Consequences of Privacy & Data breaches
1:23:30 Notifications of Breaches
Domain 2 : Asset Security
1:25:25 Data Life Cycle & 1:25:46 Information Life Cycle
1:27:43 Data Classification for Government & Non-Government Entities
1:27:55 Data Security Controls
1:28:59 Data Destruction Methods
1:30:28 Security Control Baseline
1:30:57 Exam Tidbit
1:31:32 Data Protection & 1:31:48 Classification
1:33:34 Defining Sensitive Data
1:34:17 Data Ownership
1:35:16 Other roles in Data Managing
1:36:02 GDPR
1:36:57 Reducing GDPR Exposure
1:38:55 Exam Tidbit
Domain 3 : Security Architecture and Engineering
1:43:06 Zero Trust Security
1:43:59 Secure Design Principles - Secure Defaults, Fail Securely (from NIST SP 800-160 Vol 1-Systems Security Engineering: Considerations for Multidisciplinary Approach in the Engineering of Trustworthy Secure Systems)
Trust but Verify - zero trust security
1:45:15 Privacy by Design
1:48:33 Keep it Simple
1:51:08 Security as a Service
1:51:26 IoT
1:51:53 Smart Devices
1:52:37 SIEM & SOAR (in Domain 8:)
1:55:18 Microservices & SOA (Service Oriented Architecture)
1:56:44 Containerization
1:58:23 APIs (SOAP/REST)
1:59:33 Embedded Systems
2:00:17 High Performance Computing
2:01:22 Edge Computing, Fog Computing
2:02:55 Cloud Models & Services - On premises, IaaS, PaaS, SaaS
2:06:23 Difference between Serverless (Function as a Service) & PaaS
2:08:36 Public, Private & Hybrid Cloud Models
2:12:30 CASB
2:13:52 Post Quantum Cryptography - symmetric & asymmetric
2:10:04 Cryptography - Code, Cipher
2:19:39 Types of Ciphers - stream & block, substitution, transposition, IV, Caesar, Vigenere, One-time pad
2:22:39 Zero Knowledge Proof, Split Knowledge, Work Function/Factor
2:25:03 Importance of Key Security
2:25:46 Symmetric & Asymmetric Keys
2:27:30 Confidentiality, Integrity & nonrepudiation
2:28:17 DES & 3DES Modes
2:30:21 XOR Cipher
2:30:56 Key Clustering
2:31:40 Asymmetric Key Types
2:34:20 Hash Function Requirements
2:35:04 Cryptographic Salts
2:35:42 Digital Signature Standard
2:36:14 PKI
2:37:19 Securing Traffic
2:37:50 IPSEC Basics
2:38:44 Common Cryptographic Attacks
2:40:30 Digital Rights Management
2:41:00 Symmetric Algorithm
2:42:55 Hash Algorithms
2:44:03 3 Major public Key Cryptosystems - RSA, Elgamal, Elliptic Curve
2:45:10 Digital Signatures - DSA, RSA, Elliptic Curve DSA
2:45:33 Asymmetric Algorithms
2:46:04 Security Models based on Integrity & Confidentiality
2:47:23 Purpose of Security Model
2:47:46 State Machine Model (SMM)
2:48:19 Information Flow Model (based on SMM) - Bell-LaPadula, Biba
2:48:55 Non Interference Model
2:49:23 Lattice Based Model
2:49:51 3 properties of Security Models - Simple Security, Star * Security, Invocation
2:50:13 Security Models based on Integrity & Confidentiality
2:51:55 Bell-LaPadula
2:53:41 Biba Model
2:54:43 Clark-Wilson -2:55:19 Access Control Triple
2:56:15 Other Security Models - Take Grant, Brewer & Nash, 2:56:40 Graham-Denning Model & Rules
2:57:39 Security Modes
2:59:08 SMM
3:00:06 Trusted Computing Base 3:00:57 Security Perimeter
3:01:25 Reference Monitor/Model & Security Kernel
3:02:00 Common Criteria (ISO-IEC 15408) -TCSEC, replaced by ITSEC which was later replaced by global security evaluation framework - Common Criteria
3:03:25 Common Criteria as a process
3:05:00 TCSEC, ITSEC & Common Criteria Comparison
3:06:14 Covert Channels eg Steganography - Covert Timing & Covert Storage Channel - Out of band (may have extra info about the receiver & is outside the scope of normal communication channels)
3:07:44 TPM
3:08:12 Access Control Types- Discretionary & Non-Discretionary
3:09:25 Role-BAC
3:09:25 Rule-BAC
3:10:14 MAC
3:11:10 Security Models Design & Capabilities - Certification & Accreditation, Open & Closed System
3:12:21 Techniques for ensuring CIA
3:13:06 MFA
3:13:43 AuthN & AuthZ
3:14:36 Multi-Tasking, Multi-Threading
3:15:10 Multi-processing, Multi-programming
3:15:44 Single State & Multistate processors
3:16:03 Processor Operating Modes - (End)User & Privileged(System/Administrative) Operations
3:16:46 Memory(Volatile Storage) Types 3:17:21 Security Issues with Storage
3:19:12 Security Risks of I/O devices
3:19:57 Purpose of Firmware
3:20:14 Vulnerabilities, Threats & Countermeasures
3:21:12 Role of Security Policy(eg PCI DSS) in Cloud Computing
3:22:46 Hypervisor - Type I, II
3:23:47 CASB(used in Shadow IT)
3:24:26 Security-aaS
3:24:57 Smart Devices
3:25:13 IoT
3:25:43 Mobile Device & Mobile App Security
3:27:45 Embedded Systems & Static Environment
3:28:58 Privilege & Accountability - principle of least privilege & separation of privilege (role/duty)
3:30:25 Common Flaws & Vulnerabilities - buffer overflow, TOCTTOU, Replay Attacks
3:32:03 Functional Order of Security Controls - Deterrence, Denial, Detection, Delay + Determine, Decide
3:33:20 Physical Security Control - logical, admin, physical
3:37:11 Fire Suppression Agents - Class ABCDK
3:39:02 Categories of fire detection - smoke sensing, flame sensing, heat sensing
3:39:10 Classes of Fire Extinguishers
3:39:24 Voltage & Noise - EM & RF Interference
3:39:53 Static Voltage & Damage
3:40:14 Damage from Fire & Fire Suppression
3:41:13 Water Suppression Systems
3:42:38 Gas Discharge Systems
3:43:32 Lock Types
3:44:10 Facility Design Specifications - Exam Tidbit
3:45:03 Site Selection & Facility Design
3:46:10 Secure Work Area Configuration & Design
3:47:19 Threats to physical Access Control
3:48:07 Securing wiring Closet
3:48:39 Physical Security Requirements 3:49:18 Needs for Media Storage; Concerns & Protections
3:51:15 Evidence Storage
3:52:02 Audit Trails & Access Logs
3:53:24 Need for Clean Power
Domain 4 : Communication and Network Security
Network Architectures
3:56:05 VXLAN
3:57:00 Network Architectures - SDN, 3:57:48 SD-WAN, 3:58:35 LiFi, 4:00:00 Zigbee, 4:01:15 5G, 4:02:48 Content Delivery Networks (CDN) - for streaming audio, video & downloading content
4:03:46 OSI Model 4:05:10 Functionality of OSI Layers
4:06:34 Common TCP/UDP Ports
4:07:02 TCP vs OSI
4:07:27 TCP vs UDP
4:10:09 Cabling Types & Throughput
4:11:02 Standard Network Topologies - star, mesh, ring, bus
4:13:12 Analog vs Digital
4:14:40 Synchronous vs Asynchronous
4:15:25 Baseband vs Broadband
4:16:25 Broadcast, Multicast, Unicast
4:19:50 Token Passing, Polling
4:20:54 Network Segmentation - Intranet, Extranet, DMZ
4:21:59 Reasons for Segmentation
4:22:30 Bluetooth
4:23:13 Mobile System Attacks -bluejacking, bluesnarfing, bluebugging
4:24:11 Wireless Technologies
4:24:34 SSID Broadcast
4:25:23 TKIP
4:25:45 CCMP
4:26:35 WPA2
4:26:51 Fiber Channel & FCoE
4:27:45 ISCSI
4:28:14 Site Survey
4:28:58 EAP, PEAP, LEAP
4:30:15 MAC Filtering
4:30:43 Captive Portals
4:31:15 Antenna Types
4:34:30 Network Devices - Firewalls, Switches, Routers, Gateways, Repeaters, Concentrators, Amplifiers, Bridges, Hubs, LAN Extenders
4:38:02 LAN & WAN (uses private circuit & packet switching Technologies)
4:39:20 Firewalls Types
4:40:26 Stateless & Stateful Firewalls
4:41:22 Modern Firewalls - WAF, NGFW 4:42:22 Deep-packet-inspection, UTM 4:43:44 NAT, Content/URL Filter, 4:44:50 Open Source vs Proprietary, 4:45:46 Hardware vs Software 4:46:51 Application vs Host based vs Virtual
4:47:59 IDS, IPS
4:48:39 IDS Types -Behavior & Knowledge based
4:49:32 HIDS, HIPS
4:49:53 NIDS, NIPS
4:50:09 Modes of Operation - Inline(in-band) & Passive(out of band)
4:50:48 Network Appliances - Sensors & Collectors
4:51:32 Secure Network Design - Bastion host, screened host, screened subnet, proxy server, honeypot
4:54:34 Common Network Attacks:
DOS - teardrop, fraggle, land attack, SYN Flood, ping of death
DDoS - smurf attack
Domain 5: Identity and Access Management
4:59:17 Certificate based Authentication
5:00:25 AAA Protocol - AuthN, AuthZ & Accounting
5:01:27 Active Directory - Kerberos
5:02:36 Authorization mechanisms/principles -3 basis for granting access -need to know, least privilege, separation of duties & responsibilities
5:03:45 Modern/More granular approach to Least Privilege - Just-In-Time(JIT) allows temporary privilege elevation in ephemeral accounts thru Privilege Identity & Access Management (PIM & PAM)
5:04:40 Identification & Authentication
5:05:00 Authorization & Accountability
5:05:45 Primary Authentication Factors
5:06:08 MFA
5:10:26 SSO
5:12:35 Access Control Models -DAC, Role-Based, Rule Based, Attribute Based(more flexible than rule-BAC), MAC(lattice-based)
5:15:36 Security Controls- Type & 5:16:09 Categories -Logical/Technical, Physical, Admin
Uncle C : Provisionally passed my CISSP exam yesterday. Highly recommend taking screen shots as you view Pete’s course materials to review daily. As others have mentioned, you need to use a wide range of study options including books, official ISC2 practice questions, videos etc. I was fortunate to be able to attend in person SANS training but still watched these videos from Pete afterwards along with the Cybrary (Kelly Handerhan) course. Read the 11th hour Eric Conrad book a few days before the exam as well. Thank you Inside Cloud and Security for these excellent videos and good luck to all!!!
yusareba : Hello Pete. I just wanted to reach out to let you know that I provisionally passed the CISSP this morning. Not sure if you remember me, but I messaged about a month ago that I passed Security+ with your exam cram. Kind of hard to imagine how much progress in such little time. Thank you for your exam cram series. I will more than likely be revisiting your Azure stuff, but for now- on to CISA. Thank you again :)
Inside Cloud and Security : Due to an unknown audio issue discovered in Domain 4 of the original release, we published this updated version. The video is otherwise IDENTICAL to the original release. We appreciate your patience and support.

CISSP Certification Course – PASS the Certified Information Security Professional Exam!

CISSP is one of the most valuable Cyber Security Certificates in the market today. This course will qualify you to pass the CISSP Exam.

✏️ The course was created by Mohamed Atef, a Cyber Security consultant and a certified instructor with 20+ years of experience in Cyber Security projects.

Check out more Cyber Security training at InfoSec4TC YouTube Channel:

⭐️ Course Contents ⭐️
⌨️ (00:00:05) Student Feedback
⌨️ (00:01:09) Introduction
⌨️ (00:07:50) Course Outline
⌨️ (00:22:16) Domain 1: Security and Risk Management.
⌨️ (04:05:28) Domain 2: Asset Security
⌨️ (05:27:33) Domain 3: Security Architecture and Engineering
⌨️ (08:38:42) Domain 4: Communications and Network Security.
⌨️ (10:27:12) Domain 5: Identity and Access Management.
⌨️ (12:13:29) Domain 6: Security Assessment and Testing
⌨️ (12:48:37) Domain 7: Security Operations
⌨️ (13:00:11) Domain 8: Software Development Security

Free CISSP Course Resources :
Check out the Ultimate Cyber Security Certification Bundle:


Thanks to our Champion and Sponsor supporters:
Wong Voon jinq
Katia Moran
Nick Raker
Otis Morgan


InfoSec4TC : For more Cyber Security certifications, follow me on my channel
Brian Vedette VA : Going through a bootcamp provided by the Army right now and gotta say this video is hitting all the marks that the course I'm going through is talking about too. Thanks for your time/course. Very useful for extra studying.
Maha Alrasheed : You have no idea how much this video has added to me! I owe you my career shift. You're awesome, please always do similar videos!
Noureddinbe noureddin : I love the instructor's practical approach. He will always give you real practical information you will not find in any book.
A real unique approach. Thanks!

Passing the CISSP in One Week!


Boson -
Pocket Prep (Google Play Store) -
Pocket Prep (Apple Store) -
Full CISSP Cram Course -
Why you will pass the CISSP -

Pentests & Security Consulting:
Get Trained:
Get Certified:
Sponsorship Inquiries:

Social Media

Like the channel? Please consider supporting me on Patreon:
Support the stream (one-time):

Hacker Books:
Penetration Testing: A Hands-On Introduction to Hacking:
The Hacker Playbook 3:
Hacking: The Art of Exploitation:
The Web Application Hacker's Handbook:
Real-World Bug Hunting: A Field Guide to Web Hacking:
Social Engineering: The Science of Human Hacking:
Linux Basics for Hackers:
Python Crash Course, 2nd Edition:
Violent Python:
Black Hat Python:

My Build:
LG 32GK850G-B 32" Gaming Monitor:
darkFlash Phantom Black ATX Mid-Tower Case:
EVGA 2080TI:
MSI Z390 MotherBoard:
Intel 9700K:
Razer Nommo Chroma Speakers:
Razer BlackWidow Chroma Keyboard:
CORSAIR Pro RBG Gaming Mouse:
Sennheiser RS 175 RF Wireless Headphones:

My Recording Equipment:
Panasonic G85 4K Camera:
Logitech C922x Pro Webcam:
Aston Origin Microphone:
Rode VideoMicro:
Mackie PROFX8V2 Mixer:
Elgato Cam Link 4K:
Elgato Stream Deck:

*We are a participant in the Amazon Services LLC Associates Program, an affiliate advertising program designed to provide a means for us to earn fees by linking to and affiliated sites.
I.T. Career Questions : But entry level cybersecurity jobs require the CISSP.
r00tbeer : Congrats on getting it done in a week! It took me two hours of studying a day for a month for me to pass back in 2020. For those already doing risk management, the test will not be as difficult as someone coming from a technical background. That's what the CISSP is all about, risk management.
Cybersecurity Web : Welcome back Heath, we missed you! ❤
Congrats on the CISSP!!!
nelaina ailen : Congrats! You're an inspiration to me. I'm just starting cybersec self-study, after 10+ yrs in investment banking, then 3 yr gap due to health issue. had FH exposure to risk mgmt also, building out the group, but in finance not IT. Keep ruminating where to focus, but I'm absorbing all of the resources I can. Thank you for what you do.
julius rowe : Thanks, Heath, for this vlog! This was very informative and also gives me some hope regarding study material and whenever I do get ready to take the exam.



