Fundamental Concepts of Security Models Fundamental Security models illustrate concepts that can be used when analyzing an existing system or designing a new one and as a result, these models cause we understand complex security mechanisms in information systems. Security model security is one of most important the aspects of CISSP training course. Bell-LaPadula [...]
Implement and Manage Engineering Processes Using Secure Design Principles In this section of this tutorial, we'll take a look at engineering processes using secure design principles to help you understand the different aspects of engineering design principles. Key terms Objects : Resources, which may be in the form of data, services or processes access [...]
Security Operations Domain This domain represents 13 percent of the CISSP certification exam. The prime purpose of security operations practices is to safeguard information assets that reside in a system. Security operations represents routine operations that occur across many of the CISSP domains. Security operations practices help to identify threats and vulnerabilities and implement [...]
Security Assessment & Testing Domain This domain represents 12 percent of the CISSP certification exam. Security assessment and testing is based on designing, assessment and analyzing phases. The purpose of designing an interpretation and security assessment is to ensure that all security controls that have been implemented work properly. Assessment and testing are performed [...]
Identity & Access Management (IAM) Domain This domain deals with the method to determine the identity of the entity and then access the permissions. This domain covers 13 percent of the CISSP certification exam. Identity and access management (IAM) is often the first line of defense between adversaries and sensitive information. The purpose of [...]
Security Architecture & Engineering Domain This domain cover the concepts, fundamental principles, basic architectures, and standards required to design a secure architecture. This domain represents 13 percent of the CISSP certification exam. The main topics in this domain are: Security models and concepts Information systems security models Security capabilities of information systems Vulnerabilities in [...]
Establish Handling Requirements Handling, sharing, and allowing access to an asset or a set of assets need to be ensured by the confidentiality, integrity, and availability requirements. In this part of this tutorial, we'll take a look at establishing handling requirements to help you understand the aspects of establishing handling. Appropriate policies and procedures [...]
Determine Data Security Controls Data security controls employed by the states of data, standards, scoping, tailoring, and data protection methods. Data exists in one of three states: Data at rest: Data that lives in external or auxiliary storage devices, such as hard disk drives (HDDs), solid-state drives (SSDs), optical discs (CD/DVD), or even on [...]
Ensuring Appropriate Retention One of the important aspects of cyber security is Ensure Appropriate Retention. In this part of this tutorial, we'll take a look at ensuring appropriate retention to help you understand the different aspects of appropriate retention. An asset in the form of data may store in digital media and hard. Data [...]