Pluralsight_CISSP_-_Security_Engineering

در این دوره آموزشی تمامی مباحث مرتبط با مهندسی امنیت ( Security Engineering ) مطرح در CISSP همچون مفاهیم اساسی از مدل های امنیتی، مدل های ارزیابی امنیت، قابلیت های امنیتی سیستم های اطلاعاتی، آسیب پذیری در معماری و تکنولوژی امنیت قطعات ، رمزنگاری، و تسهیلات طراحی آموزش داده می شود.

این دوره آموزشی محصول موسسه PluralSight است.

سرفصل های دوره:

  • مهندسی امنیت چیست؟
  • اصول طراحی امن
  • نرم افزار/ سیستم طراحی Lifecycle
  • طراحی فاز
  • یکپارچه سازی و تست Phase
  • اصول مهندسی امنیت NIST
  • کاهش آسیب پذیری
  • مفاهیم اساسی از مدل امنیت
  • مدل امنیت مبتنی بر ماتریکس
  • مدل چند سطحی امنیت شبکه
  • مدل امنیت Clark Wilson
  • مدل امنیت Graham-Denning
  • فریم ورک های امینت معماری
  • معیارهای ارزیابی امنیت فناوری اطلاعات
  • رمزنگاری
  • آسیب پذیری در امنیت معماری و کامپوننت های تکنولوژی
  • انواع آسیب پذیری
  • آسیب پذیری اجزای تکنولوژی
  • اشکال رمزنگاری
  • استاندارد رمزگذاری داده
  • توابع هش
  • حملات هش
  • طراحی کنترل امنیت فیزیکی
  • مفهوم اساسی رمزنگاری
  • دسترسی به تسهیلات
  • و…

عنوان دوره:  PluralSight CISSP® – Security Engineering
مدت زمان: 2 ساعت و 29 دقیقه
نویسنده:  Evan Morgan


توضیحات:

CISSP� - Security Engineering

Evan Morgan
2h 29m

Deep dive into the Security Engineering domain of the Certified Information Systems Security Professional (CISSP�) certification, including Secure Design Principles and Processes, Fundamental Concepts of Security Models, Security Evaluation Models, Security Capabilities of Information Systems, Vulnerabilities in Security Architecture and Technology Components, Cryptography, and Site and Facility Secure Design


Introduction2m 17s
CISSP� - Security Engineering0m 48s
What's Security Engineering and What's Next?1m 29s
Secure Design Principles and Processes43m 11s
Introduction to Secure Design Principles and Processes1m 24s
Software/System Design Lifecycle1m 57s
Requirements Phase1m 6s
Design Phase1m 49s
Implementation Phase0m 50s
Integration and Testing Phase1m 27s
Transition to Operations Phase1m 19s
NIST Security Engineering Principles1m 41s
Security Foundation Principles3m 35s
Risk Based Principles5m 58s
Ease of Use Principles3m 41s
Increase Resilience Principles7m 40s
Reduce Vulnerabilities Principles5m 12s
Design with Network in Mind Principles4m 27s
Summary and What�s Next1m 0s
Fundamental Concepts of Security Models19m 21s
Introduction to Fundamental Concepts of Security Models1m 10s
Type of Security Models0m 50s
Information Flow Security Model1m 2s
Matrix-based Security Model1m 15s
Multi-level Lattice Security Model0m 42s
Non-interference Security Model1m 13s
State Machine Security Model1m 26s
Common Security Model Examples0m 30s
Bell-LaPadula Confidentiality Security Model3m 24s
Biba Integrity Security Model2m 1s
Brewer-Nash (The Chinese Wall) Security Model0m 32s
Clark Wilson Security Model0m 38s
Graham-Denning Security Model0m 41s
Security Architecture Frameworks0m 45s
The Open Group Architecture Framework (TOGAF)0m 57s
Zachman Framework0m 39s
Sherwood Applied Business Security Architecture (SABSA)0m 40s
Summary and What�s Next0m 47s
Security Evaluation Models22m 24s
Introduction to Security Evaluation Models1m 9s
Certification and Accreditation1m 4s
Product Evaluation Models0m 43s
Trusted Computer System Evaluation Criteria (TCSEC)4m 41s
Information Technology Security Evaluation Criteria (ITSEC)3m 42s
The Common Criteria1m 58s
Security Implementation Guidelines1m 13s
ISO/IEC 27001 and 27002 Security Standards2m 59s
Control Objects for Information and Related Technology (COBIT)1m 49s
Payment Card Industry Data Security Standard (PCI-DSS)2m 15s
Summary and What�s Next0m 46s
Security Capabilities of Information Systems8m 49s
Introduction to Security Capabilities of Information Systems1m 0s
Access Control Mechanisms0m 49s
Secure Memory Management1m 31s
State and Layering0m 51s
Cryptographic Protections1m 14s
Host Firewalls and Intrusion Prevention0m 36s
Auditing and Monitoring Controls0m 57s
Virtualization1m 7s
Summary and What�s Next0m 41s
Vulnerabilities in Security Architecture and Technology Components13m 52s
Introduction to Vulnerabilities in Security Architecture and Technology Components1m 30s
Completely Secure Any System1m 9s
Vulnerability Types3m 2s
The CIA Triad0m 45s
Security Architecture Vulnerabilities2m 43s
Technology Component Vulnerabilities3m 43s
Summary and What�s Next0m 58s
Cryptography28m 14s
Introduction to Cryptography1m 0s
Cryptography Is Typically Bypassed, Not Penetrated1m 6s
Basic Concept of Cryptography4m 46s
Cryptography Isn�t New!2m 25s
The CIA Triad1m 12s
Key Length1m 1s
Cipher Types0m 58s
Forms of Cryptography1m 12s
Symmetric Cryptography1m 6s
Data Encryption Standard (DES)2m 36s
Double DES (2DES)0m 28s
Triple DES (3DES)0m 34s
Advanced Encryption Standard (Rijndael)0m 50s
Asymmetric Cryptography2m 41s
Hashing Functions1m 8s
Hashing Attacks1m 8s
Methods of Cryptanalytic Attacks1m 27s
Cryptographic Lifecycle0m 52s
Cryptography Law0m 51s
Summary and What�s Next0m 44s
Site and Facility Secure Design11m 34s
Introduction to Site and Facility Secure Design1m 0s
Physical Security Control Design1m 37s
Crime Prevention Through Environmental Design1m 12s
Physical Security Requirements and Resources1m 57s
Key Facility Protection Points0m 20s
Facility Access1m 30s
Support Equipment Rooms0m 58s
Server and Technology Component Rooms0m 42s
Restricted Work Areas1m 23s
Summary and What�s Next