CISSP: Security Engineering Part 1


Overview/Description
Target Audience
Prerequisites
Expected Duration
Lesson Objectives
Course Number
Expertise Level


Overview/Description
Integrating comprehensive security controls into information systems planning and design activities is vital for establishing IS architecture that has necessary functionality combined with the ability to fend off both internal and external threats. In this course, you'll learn best practices for implementing and managing secure engineering processes, including applying underlying security principles in IS architecture design. This course also introduces you to systems security evaluation models selecting appropriate controls and countermeasures. Finally, you'll learn about IS security capabilities and vulnerabilities and how to capitalize both for establishing security of the overall IS architecture. This course is one of a series in the Skillsoft learning path that covers the objectives for the Certified Information Systems Security Professional (CISSP) exam.

Target Audience
Individuals interested in information systems security concepts, methodologies and best practices; candidates for the Certified Information Systems Security Professional (CISSP) exam

Prerequisites
None

Expected Duration (hours)
2.2

Lesson Objectives

CISSP: Security Engineering Part 1

  • Start the course
  • apply the secure design principle of least design when implementing and managing engineering processes
  • apply the secure design principle of separation of duties when implementing and managing engineering processes
  • apply the secure design principle of defense in depth when implementing and managing engineering processes
  • apply the secure design principle of fail safe when implementing and managing engineering processes
  • apply the secure design principle of economy of mechanism when implementing and managing engineering processes
  • apply the secure design principle of complete mediation when implementing and managing engineering processes
  • apply the secure design principle of open design when implementing and managing engineering processes
  • apply the secure design principle of least common mechanism when implementing and managing engineering processes
  • apply the secure design principle of psychological acceptability when implementing and managing engineering processes
  • apply the secure design principle of weakest link when implementing and managing engineering processes
  • apply the secure design principle of leveraging existing components when implementing and managing engineering processes
  • identify characteristics of confidentiality security models
  • identify characteristics of integrity security models
  • identify characteristics of multi-level security models
  • identify characteristics of systems security evaluation
  • distinguish between security evaluation models
  • identify best practices for selecting controls and countermeasures based on security evaluation models
  • distinguish between memory protection and virtualization security capabilities within information systems
  • identify characteristics of TPM as a security capability within information systems
  • identify characteristics of interfaces as a security capability within information systems
  • identify characteristics of fault tolerance as a security capability within information systems
  • identify best practices for assessing client-based vulnerabilities in security architectures, design, and solution elements
  • identify best practices for assessing server-based vulnerabilities in security architectures, design, and solution elements
  • identify best practices for assessing and mitigating database security vulnerabilities
  • identify best practices for assessing and mitigating large-scale parallel data systems vulnerabilities
  • identify best practices for assessing and mitigating distributed systems vulnerabilities
  • identify best practices for assessing and mitigating cryptographic systems vulnerabilities
  • identify best practices for assessing and mitigating industrial control systems vulnerabilities
  • apply secure design principles, select appropriate controls and countermeasures, and assess a security architecture for vulnerabilities

    • Course Number:
    sp_cisp_a04_it_enus

    Expertise Level
    Intermediate