System Vulnerabilities MindMap for CISSP Domain 3
Explore key system vulnerabilities to aid your CISSP prep. Covers major topics to enhance your understanding and exam readiness.

Destination Certification
37.7K views • Nov 27, 2023

About this video
Review of the major Vulnerabilities in Systems topics to guide your studies, and help you pass the CISSP exam.
This MindMap review covers:
00:00 Introduction
00:35 Vulnerabilities in Systems
01:07 Single Point of Failure
01:33 Redundancy
01:48 Bypass Controls
02:21 Mitigating Controls
02:57 TOCTOU (Race Conditions)
03:28 Increase frequency of Re-authentication
03:53 Emanations
04:13 Shielding (TEMPEST)
04:34 White Noise
04:48 Control Zones
05:04 Covert Channels
05:20 Analysis & Design
05:36 Aggregation & Inference
05:55 Polyinstantiation
06:21 Mobile Devices
06:42 Policy, training & procedures
07:03 Remote access security
07:16 Endpoint Security
07:28 OWASP Mobile Top 10
07:43 M1: Improper Platform Usage
07:58 M2: Insecure Data Storage
08:24 M3: Insecure Communication
08:43 M4: Insecure Authentication
09:03 M5: Insufficient Cryptography
09:17 M6: Insecure Authorization
09:48 M7: Client Code Quality
10:10 M8: Code Tampering
10:26 M9: Reverse Engineering
10:47 M10: Extraneous Functionality
11:11 Web-based Vulnerabilities
11:26 Cross Site Scripting (XSS)
11:49 Stored (Persistent)
12:45 Reflected (Most common)
13:31 DOM
13:41 Target of Attack: Client
13:53 Cross Site Request Forgery (CSRF)
14:18 Target of Attack: Server
14:28 SQL Injection
15:32 Input Validation
16:08 Client Side vs. Server Side
16:36 Allow Lists vs. Deny Lists
17:36 Outro
For a full list of all the MindMaps and to download them in PDF and Audio format, visit: https://destcert.com/cissp-mindmaps/
Join our r/DestCert subreddit for valuable CISSP resources, training advice, support, and to connect with other CISSP professionals!
Video Information
Views: 37.7K
Likes: 316
Duration: 18:12
Published: Nov 27, 2023
User Reviews: 4.3 (7)