CISSP Training - Domain 3: Security Architecture and Engineering (Under 1.5 Hours)
Explore the principles of secure design by researching, implementing, and managing engineering processes. Topics include threat modeling, least privilege, defense in depth, and secure defaults.
About this video
Research, implement and manage engineering processes using secure design principles.
» Threat modeling
» Least privilege
» Defense in depth
» Secure defaults
» Fail securely
» Separation of Duties (SoD)
» Keep it simple
» Zero Trust
» Privacy by design
» Trust but verify
» Shared responsibility
Understand the fundamental concepts of security models (e.g., Biba, Star Model, Bell-LaPadula)
Select controls based upon systems security requirements
Understand security capabilities of Information Systems (IS) (e.g., memory protection, Trusted Platform Module (TPM), encryption/decryption)
Assess and mitigate the vulnerabilities of security architectures, designs, and solution elements
» Client-based systems
» Server-based systems
» Database systems
» Cryptographic systems
» Industrial Control Systems (ICS)
» Cloud-based systems (e.g., Software as a Service (SaaS), Infrastructure as a Service (IaaS), Platform as a Service (PaaS))
» Distributed systems
» Internet of Things (IoT)
» Microservices
» Containerization
» Serverless
» Embedded systems
» High-Performance Computing (HPC) systems
» Edge computing systems
» Virtualized systems
Select and determine cryptographic solutions
» Cryptographic life cycle (e.g., keys, algorithm selection)
» Cryptographic methods (e.g., symmetric, asymmetric, elliptic curves, quantum)
» Public Key Infrastructure (PKI)
» Key management practices
» Digital signatures and digital certificates
» Non-repudiation
» Integrity (e.g., hashing)
Understand methods of cryptanalytic attacks
» Brute force
» Ciphertext only
» Known plaintext
» Frequency analysis
» Chosen ciphertext
» Implementation attacks
» Side-channel
» Fault injection
» Timing
» Man-in-the-Middle (MITM)
» Pass the hash
» Kerberos exploitation
» Ransomware
Apply security principles to site and facility design
Design site and facility security controls
» Wiring closets/intermediate distribution facilities
» Server rooms/data centers
» Media storage facilities
» Evidence storage
» Restricted and work area security
» Utilities and Heating, Ventilation, and Air Conditioning (HVAC)
» Environmental issues
» Fire prevention, detection, and suppression
» Power (e.g., redundant, backup)
The CISSP Exam Study Guide 2021 --- https://www.amazon.com/dp/B08WX9KTY3
The CISSP curriculum breaks the subject matter down into a variety of Information Security topics referred to as domains. The CISSP examination is based on what (ISC)² terms the Common Body of Knowledge (or CBK). According to (ISC)², "the CISSP CBK is a taxonomy – a collection of topics relevant to information security professionals around the world. The CISSP CBK establishes a common framework of information security terms and principles that allow information security professionals worldwide to discuss, debate and resolve matters pertaining to the profession with a common understanding."
From 1st May 2021 there will be a domain refresh that will impact the weighting of the domains; the domains themselves will not change.
Security and Risk Management
Asset Security
Security Architecture and Engineering
Communication and Network Security
Identity and Access Management
Security Assessment and Testing
Security Operations
Software Development Security
Video Information
Views: 4.8K
Likes: 97
Duration: 01:21:04
Published: Feb 10, 2021
Quality: HD