» » CISSP Training DVDs

Information of news
  • Author: kityvn
  • Date: 25-09-2013, 14:25
25-09-2013, 14:25

CISSP Training DVDs

Category: Tutorials

CISSP Training DVDs
CISSP Training DVDs | 8.5 GB
Genre: E-Learning

This is the latest cissp trainings from career academy in 10 dvds as per isc2 syllabi

CISSP Training DVDs

They syllabi is given below.
Domain 1 - Information Security and Risk Management
Information Security and Risk Management
Mainframe Days
In the Good Old Days ?Who Knew?
Today?s Environment
Security Definitions
Examples of Some Vulnerabilities that Are Not Always Obvious
Risk ? What Does It Really Mean?
Who Deals with Risk?
Overall Business Risk
AIC Triad
Who Is Watching?
Social Engineering
What Security People Are Really Thinking
Security Concepts
The Bad Guys Are Motivated
If Not Obscurity ? Then What?
Open Standards
Common Open Standards
Without Standards
?Soft? Controls
Logical Controls
Physical Controls
Are There Gaps?
Understanding Drivers
Holistic Security
Not Always So Easy
What Is First?
Different Types of Law
How Is Liability Determined?
Examples of Due Diligence
Examples of Due Care
Prudent Person Rule
Prudent Person
Taking the Right Steps
Why Do We Need Regulations?
Risk Management
Why Is Risk Management Difficult?
Necessary Level of Protection Is Different for Each Organization
Security Team/Committee
Risk Management Process
Planning Stage ? Team
Analysis Paralysis
Planning Stage ? Scope
Planning Stage ? Analysis Method
Risk Management Tools
Defining Acceptable Levels
Acceptable Risk Level
Collecting and Analyzing Data Methods
What Is a Company Asset?
Data Collection ? Identify Assets
Data Collection ? Assigning Values
Asset Value
Data Collection ? Identify Threats
Data Collection ? Calculate Risks
Scenario Based ? Qualitative
Risk Approach
Qualitative Analysis Steps
Want Real Answers?
Qualitative Risk Analysis Ratings
Qualitative Risks
Quantitative Analysis Steps
Quantitative Analysis
How Often Will This Happen?
ARO Values and Their Meaning
Calculate ALE
ALE Value Uses
Calculate Risks ? ALE Example
Your Turn!
ALE Calculation
Can a Purely Quantitative Analysis Be Accomplished?
Risk Types
Examples of Types of Losses
Delayed Loss
Cost/Benefit Analysis
Cost of a Countermeasure
Cost/Benefit Analysis Countermeasure Criteria
Calculating Cost/Benefit
Control Selection Requirements
Quantitative Analysis
Quantitative Analysis Disadvantages
Qualitative Analysis Approach
Qualitative Analysis Disadvantages
Can You Get Rid of All Risk?
Calculating Residual Risk
Uncertainty Analysis
Dealing with Risk
Management?s Response to Identified Risks
Risk Acceptance
Risk Analysis Process Summary
Components of Security Program
A Layered Approach
In Security, You Never Want Any Surprises
Building Foundation
Security Roadmap
Functional and Assurance Requirements
Building Foundation
Most Organizations
Silo Security Structure
Islands of Security Needs and Tools
Get Out of a Silo Approach
Security Is a Process
Approach to Security Management
Result of Battling Management
Industry Best Practices Standards
ISO/IEC 17799
Pieces and Parts
New ISO Standards
Inside of COBIT
COBIT ? Control Objectives
Information Technology Infrastructure Library
Security Governance
Security Program Components
Policy Framework
Policy Types
Organizational Policy
Policy Approved ? Now What?
Issue-Specific Policies
ASP Policy Example
System-Specific Policies
Standard Example
Data Collection for Metrics
Tying Them Together
Program Support
Entity Relationships
Senior Management?s Role
Security Roles
Information Classification
Information Classification Program
Data Leakage
Do You Want to End Up in the News?
Types of Classification Levels
Data Protection Levels
Classification Program Steps
Information Classification Components
Procedures and Guidelines
Classification Levels
Information Classification Criteria
Criteria Example
Or Not
Information Owner Requirements
Clearly Labeled
Testing Classification Program
Who Is Always Causing Problems?
Employee Management
Employee Position and Management
Hiring and Firing Issues
A Few More Items
Unfriendly Termination
Security Awareness and Training
Training Characteristics
Security Enforcement Issues
Answer This Question
Domain 1 Review

Domain 2 - Access Control Domain Objectives
Agenda 1
Access Control Mechanism Examples
Technical Controls
Administrative Controls
Access Control Characteristics
Preventive Controls
Preventive - Administrative Controls
Preventive ? Physical Controls
Preventive - Technical Controls
Control Combinations
Detective - Administrative Control
Detective Examples
Administrating Access Control
OS, Application, Database
Administrating Access Control
Authorization Creep
Accountability and Access Control
Trusted Path
Fake Login Pages Look Convincing
Who Are You?
Identification Issues
Authentication Mechanisms Characteristics
Strong Authentication
Fraud Controls
Internal Control Tool: Separation of Duties
Authentication Mechanisms in Use Today
Biometrics Technology
Biometric Devices
Verification Steps
What a Person Is
Why Use Biometrics?
Biometric Type
Identification or Authentication?
Iris Sampling
Finger Scan
Hand Geometry
Facial Recognition
Biometrics Verification
Downfalls to Biometric Use
Biometrics Error Types
Crossover Error Rate
Biometric System Types
Password Generators
Password ?Shoulds?
Support Issues
Password Attacks
Attack Steps
Many Tools to Break Your Password
Rainbow Table
Passwords Should NOT Contain?
What?s Left?
Countermeasures for Password Cracking
Cognitive Passwords
One-Time Password Authentication
Synchronous Token
One Type of Solution
Synchronous Steps
Administrator Configures
Challenge Response Authentication
Asynchronous Token Device
Asynchronous Steps
Challenge Response Authentication
Cryptographic Keys
Passphrase Authentication
Key Protection
Memory Cards
Memory Card Characteristics
Smart Card
Card Types
Smart Card Attacks
Software Attack
Side Channel Attack
Side Channel Data Collection
Identity Management
How Are These Entities Controlled?
Some Current Issues
Typical Chaos
Different Identities
Identity Management Technologies
Directory Component
Enterprise Directory
Directory Responsibilities
Authoritative Sources
Meta Directory
Directory Interactions
Web Access Management
Web Access
Password Management
Legacy Single Sign-On
Account Management Systems
Provisioning Component
Not Just Computers
Profile Update
Working Together
Enterprise Directory
Identity Management Solution Components
Right for Your Company
What you need to know
Federated Identity
Identity Theft
Fake Login Tools
How Do These Attacks Work?
Attempts to Get Your Credentials
How Do These Work?
Instructional Emails
Knowing What You Are Disposing of Is Important
Other Examples
Another Danger to Be Aware of? Spyware
Is Someone Watching You?
What Does This Have to Do with My Computer?
Sometimes You Know that Software Is Installing on Your System
New Spyware Is Being Identified Every Week
Spyware Comes in Many Different Forms
How to Prevent Spyware
Different Technologies
Single Sign-on Technology
Single Sign-on
Directory Services as a Single Sign-on Technology
Active Directory
Some Technologies Can Combine Services
Security Domain
Domains of Trust
Domain Illustration
Thin Clients
Kerberos as a Single Sign-on Technology
Kerberos Components Working Together
Pieces and Parts
More Components of Kerberos
KDC Components
Kerberos Steps
Ticket Components
Steps of Validation
Kerberos Security
Why Go Through All of this Trouble?
Issues Pertaining to Kerberos
Kerberos Issues
SESAME as a Single Sign-on Technology
SESAME Steps for Authentication
Models for Access
Access Control Models
Discretionary Access Control Model
ACL Access
File Permissions
Enforcing a DAC Policy
Security Issues
Mandatory Access Control Model
MAC Enforcement Mechanism ? Labels
Formal Model
Software and Hardware
Software and Hardware Guards
Where Are They Used?
MAC Versus DAC
Role-Based Access Control
RBAC Hierarchy
RBAC and SoD
Acquiring Rights and Permissions
Rule-Based Access Control
Firewall Example
Access Control Matrix
Capability Tables
User Capability Tables
Temporal Access Control
Access Control Administration
Access Control Methods
Centralized Approach
Remote Centralized Administration
RADIUS Characteristics
TACACS+ Characteristics
Diameter Characteristics
Diameter Protocol
Mobile IP
Diameter Architecture
Two Pieces
Decentralized Access Control Administration
Controlling Access to Sensitive Data
Protecting Access to System Logs
Accountability = Auditing Events
Agenda 2
IDS Steps
Network IDS Sensors
Host IDS
Types of IDSs
Signature-Based Example
Behavior-Based IDS
Statistical Anomaly
Statistical IDS
Protocol Anomaly
What Is a Protocol Anomaly?
Protocol Anomaly Issues
Traffic Anomaly
IDS Response Mechanisms
Responses to Attacks
IDS Issues
Intrusion Prevention System
Vulnerable IDS
Trapping an Intruder
Domain 2 Review
Domain 3 - Cryptography Objectives
Services Provided by Cryptography
Cryptographic Definitions
A Few More Definitions
Need Some More Definitions?
Now This Would be Hard Work
Symmetric Cryptography ? Use of Secret Keys
Historical Uses of Symmetric Cryptography ? Hieroglyphics
Scytale Cipher
Substitution Ciphers
Simple Substitution Cipher Atbash
Simple Substitution Cipher Caesar Cipher
Caesar Cipher Example
Simple Substitution Cipher ROT13
Historical Uses
Polyalphabetic Cipher ? Vigenere Cipher
Polyalphabetic Substitution
Vigenere Algorithm
Enigma Machine
U-Boats had Enigma Machines
Code Book
Historical Uses of Symmetric Cryptography ? Running Key and Concealment
Agenda 1
Transposition Ciphers
Key and Algorithm Relationship
Does Size Really Matter?
It Does with Key Sizes
Key space
Ways of Breaking Cryptosystems ? Brute Force
Brute Force Components
Ways of Breaking Cryptosystems ? Frequency Analysis
Strength of a Cryptosystem
Do You Know What You are Doing?
Developing Cryptographic Solutions In-House
Characteristics of Strong Algorithms
Open or Closed More Secure?
Agenda 2
Types of Ciphers Used Today
Type of Symmetric Cipher ? Block Cipher
S-Boxes Used in Block Ciphers
Binary Mathematical Function 1
Type of Symmetric Cipher ? Stream Cipher
Symmetric Characteristics
Initialization Vectors
Security Holes
Strength of a Stream Cipher
Let?s Dive in Deeper
Symmetric Key Cryptography
Out-of-Band Transmission
Symmetric Key Management Issue
Symmetric Algorithm Examples
Symmetric Downfalls
Asymmetric Cryptography
Key Functions
Public Key Cryptography Advantages
Asymmetric Algorithm Disadvantages
Confusing Names
Symmetric versus Asymmetric
Asymmetric Algorithm Examples
Questions 1
When to Use Which Key
Using the Algorithm Types Together
Encryption Steps
Receiver's Public Key Is Used to Encrypt the Symmetric Key
Receiver?s Private Key Is Used to Decrypt the Symmetric Key
Digital Envelope
E-mail Security
Secret versus Session Keys
Asymmetric Algorithms We Will Dive Into
Asymmetric Algorithm ? Diffie-Hellman
Key Agreement Schemes
Asymmetric Algorithm ? RSA
Factoring Large Numbers
RSA Operations
RSA Key Size
El Gamal
ECC Benefits
Asymmetric Mathematics
Asymmetric Security
Symmetric Ciphers We Will Dive Into
Symmetric Algorithms ? DES
Block Cipher
Double DES
Evolution of DES
Modes of 3DES
Encryption Modes
Block Cipher Modes ? CBC
IV and CBC
CBC Example
Different Modes of Block Ciphers ?ECB
ECB versus CBC
Block Cipher Modes ? CFB and OFB
CFB and OFB Modes
Counter Mode
Modes Summary
Symmetric Cipher ? AES
Agenda 3
Data Integrity
Hashing Steps
Protecting the Integrity of Data
Hashing Algorithms
Data Integrity Mechanisms
Hashing Strength
Question 1
Weakness in Using Only Hash Algorithms
More Protection in Data Integrity
HMAC ? Sender
HMAC ? Receiver
Another Look
What Services
Authentication Types
MAC Using Block Ciphers
What Services?
Question 2
Digital Signatures
One More Look 1

... and much more

I recommends Buy premimum account for High speed+parallel downloads!





Site BBcode/HTML Code:
Dear visitor, you went to the site as unregistered user.
We recommend you Sign up or Login to website under your name.
Would you like to leave your comment? Please Login to your account to leave comments. Don't have an account? You can create a free account now.