Assessing & Mitigating Vulnerabilities of Mobile Systems These days, one of the most important aspects of cyber security is the ability to secure mobile systems. Smartphones available in the market are running on different popular Operating systems such as iOS, Blackberry OS, Android, Symbian, and Windows, etc. All of these have an online store for [...]
Assessing & Mitigating Vulnerabilities of Web Systems Web Servers are the programs that are used for hosting websites. Web servers may be deployed on a separate web server hardware or installed on a host as a program. One of the most important aspects of cyber security is the ability to secure web systems. This [...]
Assessing & Mitigating Vulnerabilities of Security Architectures- Part II (IoT) Cloud-based systems Cloud Computing eliminates the need for on-premises devices by renting a virtual machine hosted by a trusted third-party. This remote computing enhances the efficiency, performance, scalability, and security. There are three different models for cloud computing: Iaas (Infrastructure as a service): Instead [...]
Vulnerability Assessment & Mitigating Vulnerabilities of Security Architectures- Part I One of the most important topics in CISSP course is vulnerability assessment. In this section, we discuss the techniques used to identify and fix vulnerabilities in systems. Server-Client based systems We begin the discussion of vulnerability assessment by talking about various aspects of Server-Client [...]
Security Capabilities of Information Systems Security Capabilities of Information Systems are of important aspects of CISSP training course. In this section, we focus on Memory Protection, Trusted Platform Module (TPM) and Encryption / Decryption. Memory Protection Information Systems are very important. So Memory Protection is an important security concept associated. Memory in a computer [...]
Controls for Systems Security Requirements Building secure software is critical to information security. Also the systems that software runs on must themselves be securely designed and built. In order to evaluate any program or system, technical evaluation evaluates the performance and security-related capabilities. They are also compared with other competing products to evaluate different [...]
Implement and Manage Engineering Processes Using Secure Design Principles In this section of this tutorial, we'll take a look at engineering processes using secure design principles to help you understand the different aspects of engineering design principles. Key terms Objects : Resources, which may be in the form of data, services or processes access [...]
Security Operations Domain This domain represents 13 percent of the CISSP certification exam. The prime purpose of security operations practices is to safeguard information assets that reside in a system. Security operations represents routine operations that occur across many of the CISSP domains. Security operations practices help to identify threats and vulnerabilities and implement [...]
Security Assessment & Testing Domain This domain represents 12 percent of the CISSP certification exam. Security assessment and testing is based on designing, assessment and analyzing phases. The purpose of designing an interpretation and security assessment is to ensure that all security controls that have been implemented work properly. Assessment and testing are performed [...]