CISSP Certification Training
Course Description
The Certified Information Systems Security Professional (CISSP) certification is considered the gold standard in the field of information security. This CISSP training is aligned with (ISC)² CBK 2018 requirements and will train you to become an information assurance professional who defines all aspects of IT security, including architecture, design, management, and controls. Most IT security positions require or prefer a CISSP certification, so get started with your CISSP training today.
Key features
- 32 hours of instructor-led training
- 32 hours of self-paced videos
- 5 simulation test papers (150 questions each) for practice
- Offers the requisite 30 CPEs for taking the CISSP examination
- Domain-specific test papers to prepare you for CISSP certification
Online Classroom Flexi-Pass
- 90 days of flexible access to instructor-led online training classes
- Lifetime access to high-quality self-paced e-learning content and live class recordings
- 24×7 learner assistance and support
Curriculums
Domain 00 - Introduction
1 CISSP®—Introduction
2 Objectives
3 CISSP®
4 (ISC)²®
5 CISSP® Domains
6 Benefits of CISSP® for Professionals
7 Benefits of CISSP® for Employers
8 CISSP® Certification Requirements
9 CISSP® Certification Requirements (contd.)
10 CISSP® Certification Requirements (contd.)
11 CISSP® Certification Requirements (contd.)
12 CISSP® Examination
13 CISSP® Examination (contd.)
14 Conclusion
Domain 01 - Security and Risk Management
1 Domain 01—Security and Risk Management
2 Objectives
3 Importance of Information Security and Risk Management
4 Role and Importance of CIA in ISM
5 Confidentiality
6 Integrity
7 Availability
8 Information Security
9 Information Security Management
10 Information Security Governance
11 IT Security and Organizational Goals, Mission, and Objectives
12 Goals, Mission, and Objectives
13 Aligning Security with Goals, Mission, and Objectives
14 Business Scenario
15 Organizational Processes
16 Auditing
17 Control Framework
18 Due Care
19 Due Diligence
20 Security Controls
21 Service Level Agreements
22 Managing Third-Party Governance
23 Offshoring Privacy Requirements and Compliance
24 Business Scenario
25 Layers of Responsibility
26 Security Policies
27 Types of Security Policies
28 Security Policy Implementation
29 Policy Chart
30 Standards, Guidelines, Procedures, and Baselines
31 Business Scenario
32 Compliance—Need for Compliance
33 Regulatory Compliance
34 Compliance
35 Compliance (contd.)
36 Compliance (contd.)
37 Standards/Manuals/Guidelines for Compliance
38 Computer Crimes
39 Introduction to Computer Crimes
40 Categories of Computer Crimes
41 Business Scenario
42 Major Legal Systems
43 Common Law and Civil Law
44 Customary Law and Religious Law
45 Mixed Law
46 Business Scenario
47 Introduction to Intellectual Property (IP) Law
48 Types of Intellectual Property (IP) Law
49 Types of Intellectual Property (IP) Law (contd.)
50 Types of Intellectual Property (IP) Law (contd.)
51 Business Scenario
52 Import or Export Controls and Trans-Border Data Flow
53 Introduction to Privacy
54 U.S. Privacy Laws
55 U.S. Privacy Laws (contd.)
56 U.S. Guidelines for Managing Privacy
57 EU Council Directive (Law) on Data Protection
58 The U.S.-European Union Safe Harbor
59 Security Definitions
60 Information Risk Management
61 Business Scenario
62 Introduction to Risk Analysis
63 Goals of Risk Analysis
64 Risk Analysis Team
65 Steps for Risk Analysis
66 Information and Assets Valuation
67 Risk Analysis Types
68 Quantitative Risk Analysis—Steps
69 Quantitative Risk Analysis—Problem
70 Qualitative Risk Analysis
71 Delphi Technique
72 Quantitative vs. Qualitative
73 Hybrid Analysis
74 Countermeasure Selection—Problem
75 Countermeasure Selection—Other Factors
76 Handling Risk
77 Business Scenario
78 Threat Modeling
79 Need for Business Continuity Planning
80 Basic Concepts—Disruptive Events
81 Basic Concepts—Business Continuity Planning
82 Importance of Business Continuity Planning
83 Business Continuity Planning Phases
84 BCP/DRP Phase 1—Project Initiation and Scoping
85 BCP/DRP Phase 2—Business Impact Analysis (BIA)
86 BIA—Goals
87 BIA—Steps
88 BIA Steps—Business Unit Level
89 Maximum Tolerable Downtime (MTD)
90 Failure and Recovery Metrics
91 Failure and Recovery Metrics (contd.)
92 Stages of Failure and Recovery
93 BCP/DRP Phase 3—Identify Preventive Controls
94 Importance of Managing Personnel Security
95 Managing Personnel Security—Hiring Practices
96 Managing Personnel Security—Employee Termination
97 Vendor, Contractors, and Consultant Controls
98 Best Work Practices
99 Business Scenario
100 Importance of Security Awareness Training
101 Security Awareness Training: Awareness, Training, and Education
102 Implementation of Security Awareness Training Program
103 Importance of Content Updates
104 Importance of Managing Security Function
105 Best Practices—Budget and Establish Security Metrics
106 Best Practices—Resources and Develop and Implement Strategies
107 Best Practices—Completeness and Effectiveness of the Program
108 Business Scenario
109 (ISC)² Code of Ethics
110 Quiz
111 Summary
112 Conclusion
Domain 02 - Asset Security
1 Domain 02 Asset Security
2 Objectives
3 Importance of Asset Security
4 Need for Information Classification
5 Information Classification Objectives
6 Government or Military Sector Classification
7 Commercial or Private Sector Classification
8 Information Classification Criteria
9 Data Classification Considerations
10 Role Responsible for Data Classification
11 Business Scenario
12 Data Management
13 Best Practices for Data Management
14 Data Policy
15 Data Ownership
16 Data Ownership Best Practices
17 Data Custodians
18 Data Custodians (contd.)
19 Data Quality
20 Data Quality—Aspects
21 Data Quality Assurance and Quality Control
22 Data Documentation
23 Data Documentation Practices
24 Data Standards
25 Data Control Lifecycle
26 Data Specification and Modeling
27 Database Maintenance
28 Data Audit
29 Data Storage and Archiving
30 Data Security
31 Data Access, Sharing, and Dissemination
32 Data Publishing
33 Data Handling Requirements
34 Media Resource Protection
35 Data Remanence
36 Business Scenario
37 Asset Management
38 Software Licensing
39 Equipment Lifecycle
40 Protecting Privacy
41 Ensuring Appropriate Retention
42 Data Security Controls
43 Data in Transit—Best Practices
44 Scoping and Tailoring
45 Scoping and Tailoring (contd.)
46 Standards Selection—US DoD
47 Standards Selection—International Standards
48 Standards Selection National Cyber Security Framework Manual
49 Standards Selection Center for Strategic and International Studies
50 Standards Selection Critical Security Controls
51 Standards Selection Security Content Automation Protocol
52 Framework for Improving Critical Infrastructure Cybersecurity
53 Business Scenario
54 Quiz
55 Summary
56 Conclusion
Domain 03 - Security Engineering
1 Domain 03 Security Engineering
2 Objectives
3 Security Architecture and Design – Case Study
4 Security Engineering
5 Architecture Framework
6 Zachman Framework
7 TOGAF
8 ITIL
9 Creating a Security Architecture
10 Enterprise Security Architecture
11 Common Security Services in ESA
12 SABSA Framework
13 SABSA Matrix
14 Business Scenario
15 ISO/IEC 27001:2013 Security Standards
16 ISO/IEC 27002 Code of Practice for Information Security Management
17 Security Models
18 State Machine Model
19 Multilevel Security Models
20 Matrix-Based Model
21 Non-Interference Model
22 Information flow model
23 Examples of Security Models: Bell–LaPadula Confidentiality Model
24 Examples of Security Models: Biba Integrity Model
25 Examples of Security Models: Clark–Wilson integrity model
26 Brewer Nash, Graham Denning, and Harrison Ruzzo Ullman models
27 Business Scenario
28 Evaluation Criteria
29 CSEC
30 Information Technology Security Evaluation Criteria
31 Common Criteria
32 Common Criteria Evaluation Process
33 Common Criteria Levels
34 Payment Card Industry Data Security Standard
35 Certification and Accreditation
36 Certification and Accreditation Standards
37 SEI—CMMI
38 SEI—CMMI Levels
39 Business Scenario
40 System Security Architecture
41 Mainframes and Other Thin Client Systems
42 Middleware and Embedded Systems
43 Pervasive Computing and Mobile Computing Devices
44 System Components Processors
45 System Components Memory
46 System Components Storage
47 System Components Trusted Computing Base (TCB)
48 System Components Reference Monitor
49 System Components—Trusted Platform Module (TPM)
50 System Components Peripherals and Other Input/Output Devices
51 System Components Operating System
52 System Components Ring Model
53 System Components System Kernel
54 Distributed Systems
55 Virtualization
56 Hypervisor
57 Cloud Computing
58 Service models
59 Grid Computing
60 Peer to Peer Networking (P2P)
61 Business Scenario
62 Security Threats and Countermeasures
63 Assessing and Mitigating Vulnerabilities and Threats
64 Assessing and Mitigating Vulnerabilities and Threats (contd.)
65 Assessing and Mitigating Vulnerabilities and Threats (contd.)
66 Best Practices
67 Best Practices (contd.)
68 Best Practices Techniques and Technologies
69 Best Practices Techniques and Technologies (contd.)
70 Best Practices Techniques and Technologies (contd.)
71 Best Practices Techniques and Technologies (contd.)
72 Best Practices Techniques and Technologies (contd.)
73 Introduction to Cryptography
74 Cryptographic Lifecycle
75 Algorithm or Protocol Governance
76 Cryptography Terms
77 Strength of a Cryptosystem
78 Cryptography Methods Substitution Cipher
79 Cryptography Methods Transposition Cipher
80 Cryptography Methods Book or Running Key Cipher
81 Cryptography Methods Concealment Cipher
82 Cryptography Methods Steganography and DRM
83 Business Scenario
84 Introduction to Symmetric Cryptography
85 Symmetric Key Ciphers
86 Block Cipher
87 Stream Cipher
88 Block Cipher Designs
89 Data Encryption Standard (DES)
90 DES Algorithm
91 DES Operation Modes Electronic Code Book
92 DES Operation Modes Cipher Block Chaining
93 DES Operation Modes Cipher Feed Back
94 DES Operation Modes Output Feed Back
95 DES Operation Modes—Counter
96 Triple DES
97 Advanced Encryption Standard (AES)
98 AES Algorithm
99 AES Algorithm Key Expansion and Initial Round
100 Advanced Encryption Standard (AES) Algorithm—Rounds
101 AES Algorithm Final Round
102 Other Symmetric Systems
103 Other Symmetric Systems (contd.)
104 Business Scenario
105 Introduction to Asymmetric Cryptography
106 Introduction to Asymmetric Cryptography Diagram
107 Introduction to RSA Algorithm
108 RSA Algorithm Process
109 Other Types of Asymmetric Cryptography Elliptic Curve Cryptosystems
110 Other Types of Asymmetric Cryptography Diffie-Hellman Key Exchange
111 Public Key Cryptography
112 Symmetric vs. Asymmetric Cryptography
113 Advantages and Disadvantages
114 Introduction to Public Key Infrastructure
115 PKI Certification
116 PKI Certification (contd.)
117 PKI Steps—Part 1
118 PKI Steps—Part 2
119 One-Way Hash
120 Hashing Algorithms
121 Hashing Algorithms (contd.)
122 Salting
123 Message Authentication Code (MAC)
124 Digital Signatures
125 Key Management
126 Key Management Principles
127 Escrowed Encryption
128 Business Scenario
129 Need for Physical and Environmental Security
130 Business Scenario
131 Site and Facility Design Criteria
132 Information Protection Environment
133 Crime Prevention Through Environmental Design (CPTED)
134 Site Location
135 Construction
136 Support Facilities
137 Business Scenario
138 Secure Operational Areas
139 Business Scenario
140 Environmental Controls
141 Environmental Controls (Contd.)
142 Fire Detection and Suppression
143 Power Supply
144 Power Supply (contd.)
145 HVAC
146 Training and Awareness
147 Business Scenario
148 Quiz
149 Summary
150 Conclusion
Domain 04 - Communications and Network Security
1 Domain 04—Communications and Network Security
2 Objectives
3 Importance of Communications and Network Security—Case Study
4 Introduction to Secure Network Architecture and Design
5 Open Systems Interconnection
6 OSI Model Layers
7 Physical Layer
8 Data Link Layer
9 Network Layer
10 Transport Layer
11 Session Layer
12 Presentation Layer
13 Application Layer
14 Transmission Control Protocol/Internet Protocol (TCP/IP) Model
15 Network Access Layer and Internet Layer
16 Host-to-Host Layer and Application Layer
17 Comparison of OSI and TCP/IP Models
18 Introduction to IP Addressing
19 IPv4 and IPv6
20 Classful IP Addressing
21 Class A
22 Class B
23 Class C
24 Class D and Class E
25 Classless Inter-Domain Routing
26 Private Networks and Loopback Address
27 Types of IP Addressing
28 Routed and Routing Protocols
29 Types of Network Protocols
30 Transmission Control Protocol (TCP)
31 User Datagram Protocol (UDP)
32 Internet Protocol
33 Address Resolution Protocol
34 Internet Control Message Protocol (ICMP)
35 Hypertext Transfer Protocol (HTTP)
36 Implications of Multi-Layer Protocols
37 Distributed Network Protocol
38 LAN/Network Technologies
39 Transmission Media
40 Twisted Pair
41 Coaxial Cable Box
42 Fiber-Optic Cable Box
43 Network Topologies
44 Media Access Technologies
45 Carrier-Sense Multiple Access with Collision Detection
46 Carrier-Sense Multiple Access with Collision Avoidance
47 Flavors of LAN transmission methods
48 List of Networking Devices
49 VLANs
50 Gateways
51 Network Access Control Devices
52 Packet-Filtering and Application-Level
53 Circuit-Level and Stateful-Inspection
54 Firewall Architectures
55 Network Security Terms
56 Business Scenario
57 Networks
58 Types of Networks
59 WAN Technologies
60 WAN Switching and Devices
61 Network Address Translation and Frame Relay
62 Multi-Protocol Label Switching and VoIP
63 Fiber Channel over Ethernet and Internet Small Computer System Interface
64 Virtualized Networks
65 Introduction to Remote Access
66 VPN using PPTP and L2TP
67 Internet Security Protocol (IPsec)
68 Internet Security Protocol (IPsec) Modes of Operation
69 IPsec Security Protocols—Authentication Header (AH)
70 IPsec Security Protocols—Encapsulating Security Payload (ESP)
71 Components of the IPsec Process
72 Components of the IPsec Process (contd.)
73 IPsec Process
74 Secure Access Protocols
75 Secure Access Protocols (contd.)
76 Secure Access Protocols (contd.)
77 Remote Access Security Methods
78 Multimedia Collaboration
79 Wireless Technologies
80 IEEE Wireless Standards and Spread-Spectrum Technologies
81 Direct Sequence Spread Spectrum and Frequency-Hopping Spread Spectrum
82 WLAN Operational Modes
83 Bluetooth
84 Bluetooth Attack
85 Blue Jacking and Blue Snarfing
86 Blue Bugging, Backdoor Attacks, and Denial of Service Attacks
87 Wireless Security
88 Business Scenario
89 Network Attacks
90 Network Attacks (contd.)
91 Network Attacks—Countermeasures
92 Quiz
93 Summary
94 Conclusion
Domain 05 - Identity and Access Management
1 Domain 05—Identity and Access Management
2 Objectives
3 Importance of Identity and Access Management in Information Security
4 Controlling Physical and Logical Access to Assets
5 Controlling Physical and Logical Access to Assets (contd.)
6 Access Subject Object and Access controls
7 Identity and Access Management Policy
8 Identification Authentication and Authorization
9 Identity Management
10 Identity and Access Provisioning Lifecycle
11 Identity and Access Provisioning Lifecycle (contd.)
12 Guidelines for User Identification
13 Verifying Identification Information
14 Strong Authentication
15 Biometrics—Characteristics
16 Types of Biometrics
17 FRR FAR CER
18 Passwords
19 Password Types
20 Tokens
21 Token Device—Synchronous
22 Token Device—Asynchronous
23 Memory Cards and Smart Cards
24 Attacks on Smart Cards—Fault Generation and Micro-Probing
25 Access Criteria
26 Authorization Concepts
27 Identity Management Implementation
28 Password Management
29 Directory Management
30 Directory Technologies
31 Accounts Management
32 Profile Management
33 Web Access Management
34 Single Sign-On (SSO)
35 SSO Technologies
36 Kerberos
37 Kerberos Steps
38 Problems with Kerberos
39 Business Scenario
40 Access Control Types—Security Layer
41 Access Control Types—Functionality
42 Business Scenario
43 Access Control Models—DAC
44 Access Control Models—MAC
45 Access Control Models—RBAC
46 Business Scenario
47 Access Control Concepts
48 Types of Access Control Administration
49 Remote Authentication Dial-In User Service (RADIUS)
50 TACACS and TACACS+
51 DIAMETER
52 Accountability
53 Accountability (contd.)
54 Session Management
55 Registration and Proof of Identity
56 Credential Management Systems
57 Credential Management Systems—Risks and benefits
58 Federated Identity Management
59 Federated Identity Management Models
60 Federated Identity Management Models (contd.)
61 Federated Identity Management Models (contd.)
62 Identity as a Service
63 Identity as a Service—Functionality
64 Identity as a Service—Possible Issues
65 Integrate Third-Party Identity Services
66 Integrate Third-Party Identity Services (contd.)
67 Unauthorized Disclosure of Information
68 Threats to Access Control
69 Protection against Access Control Attacks
70 Access Control Best Practices
71 Access Control Best Practices (contd.)
72 Quiz
73 Summary
74 Conclusion
Domain 06 - Security Assessment and Testing
1 Domain 06—Security Assessment and Testing
2 Objectives
3 Security Assessment and Testing—Introduction
4 Assessment and Test Strategies
5 Vulnerability Assessment
6 Penetration Testing
7 Log Management
8 Log Management—Advantages and Challenges
9 Log Management—Best Practices
10 Log Management—Operational Process
11 Logged Events
12 Synthetic Transactions
13 Reasons to Use Synthetic Transactions
14 Code Review and Testing
15 Testing Techniques
16 Security Testing in the SDLC
17 Software Product Testing Levels
18 Misuse Case Testing
19 Misuse Case Testing—Scenarios
20 Test Coverage Analysis
21 Interface Testing
22 API Testing (contd.)
23 Interface Testing (contd.)
24 GUI Testing
25 Common Software Vulnerabilities
26 Business Scenario
27 Information Security Continuous Monitoring
28 Information Security Continuous Monitoring—Strategy and Process
29 Risk Evaluation and Control—Metrics
30 Security Controls Monitoring Frequencies
31 ISCM—Benefits
32 Key Performance and Risk Indicators
33 Internal and Third Party Audits
34 Audit Frequency and Scope
35 Statement on Auditing Standards No. 70
36 Service Organization Controls
37 SOC 1 Report
38 SOC 2 Report
39 SOC 2 Reports (contd.)
40 SOC 3 Report
41 SOC 1, SOC 2, and SOC 3 Comparison
42 Audit Process—Audit Preparation Phase
43 Audit Process—Audit Phase
44 Business Scenario
45 Quiz
46 Summary
47 Conclusion
Domain 07 - Security Operations
1 Domain 07—Security Operations
2 Objectives
3 Importance of Security Operations—Case Study
4 Introduction to Investigations
5 Investigation Challenges
6 Investigations—Primary Activities
7 Crime Scene
8 Forensic Investigation Guidelines
9 Incident Response Terminologies
10 Incident Response Goals
11 Incident Response Team
12 Incident Response Procedures
13 Incident Response Procedures (contd.)
14 Incident Response Procedures (contd.)
15 Incident Response Procedures (contd.)
16 Business Scenario
17 Evidence
18 Evidence Lifecycle
19 Chain of Evidence
20 Types of Evidence
21 Computer Forensics Procedure
22 Requirements for Investigation Types
23 Logging and Monitoring Activities
24 Intrusion Detection System
25 Intrusion Prevention System
26 Security Information and Event Management (SIEM)
27 Security Information and Event Management (SIEM)—Characteristics
28 Continuous Monitoring
29 Egress Filtering
30 Data Leak or Loss Prevention (DLP)
31 Steganography and Digital Watermarking
32 Business Scenario
33 Secure Provisioning of Resources through Configuration Management
34 Secure Provisioning of Resources through Configuration Management (contd.)
35 Introduction to Security Operations
36 Security Operations Concepts
37 Security Operations
38 Effects of Operations Controls on C.I.A.
39 Business Scenario
40 Operational Resilience
41 Threats to Operations
42 Threats to Operations (contd.)
43 Vulnerabilities
44 Controls
45 Business Scenario
46 Need for Controlling Privileged Accounts
47 Identity and Access Management
48 Types of Accounts
49 Commonly Used Roles
50 Commonly Used Roles (contd.)
51 Monitoring Special Privileges
52 Service Level Agreements (SLAs)
53 Business Scenario
54 Protect Valuable Assets
55 Protecting Physical Assets
56 Protecting Information Assets
57 Protecting Resources
58 Controls for Protecting Assets—Hardware Controls
59 Controls for Protecting Assets—Software Controls
60 Controls for Protecting Assets—Media Controls
61 Controls for Protecting Assets—Administrative Controls
62 Cloud and Virtual Storage
63 Cloud and Virtual Storage Security Issues
64 Types of Virtualized Storage
65 Hard Copy Records
66 Business Scenario
67 Incident Management
68 Security Measurements, Metrics, and Reporting
69 Managing Security Technologies
70 Incident Management—Detection Phase
71 Intrusion Detection System
72 Security Information Event Management (SIEM)
73 Anti-Malware Systems
74 Monitoring Techniques—Violation Analysis
75 Incident Management—Other Phases
76 Trusted Recovery and System Recovery
77 Problem Management
78 Operating and Maintaining Preventive Measures
79 Patch Management
80 Vulnerability Management
81 Change Management
82 Change Control Process
83 Configuration Management
84 Configuration Management (contd.)
85 Business Scenario
86 Develop a Recovery Strategy
87 Types of Recovery—Business Recovery and Facility and Supply Recovery
88 Types of Recovery—User Recovery
89 Types of Recovery—Operational Recovery
90 Recovery Partners Strategy
91 Backup Sites
92 Backup Sites (contd.)
93 Backup Sites (contd.)
94 Backup Methods
95 Importance of Maintaining Resilient Systems
96 Redundancy and Fault Tolerance
97 Redundancy and Fault Tolerance Methods
98 Redundancy and Fault Tolerance Methods (contd.)
99 Best Practices for Backup and Recovery
100 Business Scenario
101 Disaster Recovery—Planning Design and Development
102 Planning Design and Development—Step 1 and Step 2
103 Planning Design and Development—Step 3 and Step 4
104 Disaster Recovery Phases—Implementation, Testing, and Training
105 Importance of Testing
106 Types of Testing
107 Types of Testing (contd.)
108 Types of Testing (contd.)
109 Training
110 Disaster Recovery Phases—Maintenance
111 Disaster Recovery Phases—Maintenance (contd.)
112 Business Scenario
113 Perimeter Security
114 Barriers
115 Fences
116 Gates
117 Walls and Bollards
118 Perimeter Intrusion Detection
119 Business Scenario
120 Importance of Lighting
121 Types of Lighting Systems
122 Types of Lights
123 Access Control
124 Types of Access Control Systems
125 Business Scenario
126 Building and Inside Security
127 Personnel Security
128 Business Scenario
129 Quiz
130 Summary
131 Conclusion
Domain 08 - Software Development Security
1 Domain 08 – Software Development Security
2 Objectives
3 Importance of Software Development Security
4 System Environments
5 Distributed Environment
6 Client/Server Systems and Local Environment
7 Distributed Data Processing and Agents
8 Applets
9 Programming Concepts
10 Compiler vs. Interpreter
11 Programming and Software
12 Threats in the Software Environment
13 Threats in the Software Environment (contd.)
14 Threats in the Software Environment (contd.)
15 Threats in the Software Environment (contd.)
16 Threats in the Software Environment (contd.)
17 Threats in the Software Environment (contd.)
18 Business Scenario
19 System Life Cycle and Systems Development
20 Systems Development Life Cycle
21 SDLC—Operation and Maintenance
22 Integrated Product Team (IPT)
23 DevOps
24 Software Testing Methods
25 Software Testing Levels
26 Application Controls
27 Software Development Methods
28 Software Development Methods (contd.)
29 Software Development Methods (contd.)
30 Software Development Methods (contd.)
31 Software Development Methods (contd.)
32 Java Security
33 Secure Software Development Best Practices
34 Business Scenario
35 Object-Oriented Programming Terms
36 Object-Oriented Programming Terms (contd.)
37 Object-Oriented Programming—Definition
38 Distributed Object-Oriented Systems
39 Object Request Brokers
40 COM—Component Object Model
41 DCOM—Distributed Component Object Model
42 CORBA—Common Object Request Broker Architecture
43 Software Security and Assurance
44 Software Security and Assurance (contd.)
45 Software Security and Assurance (contd.)
46 Software Security and Assurance (contd.)
47 Software Security and Assurance (contd.)
48 Software Security and Assurance (contd.)
49 Software Security and Assurance (contd.)
50 Software Security and Assurance (contd.)
51 Software Security and Assurance (contd.)
52 Software Security and Assurance (contd.)
53 Software Security and Assurance (contd.)
54 Software Security and Assurance (contd.)
55 Software Security and Assurance (contd.)
56 Software Security: XML and Security Assertion Markup Language
57 Software Security: SOA
58 Audit and Assurance Mechanisms
59 Assessing the Effectiveness of Software Security
60 Assessing the Effectiveness of Software Security (contd.)
61 Assessing the Security Impact of Acquired Software
62 Code Repositories and Application Programming Interfaces
63 Business Scenario
64 Database and Data Warehousing Environments
65 Database Terms
66 Types of Databases
67 Types of Databases (contd.)
68 Types of Databases (contd.)
69 Types of Databases (contd.)
70 Types of Databases (contd.)
71 Database—Threats and Vulnerabilities
72 Introduction to Data Warehousing
73 Data Warehousing Concepts
74 Database Normalization
75 DBMS Controls
76 Business Scenario
77 Malware—Types
78 Malware Protection
79 Business Scenario
80 Importance and Role of Knowledge Management
81 Knowledge-Based System/Artificial Intelligence
82 Knowledge-Based System—Expert System
83 Knowledge-Based System—Neural Network
84 Web Application Environment—Threats and Vulnerabilities
85 Web Application Environment Security
86 Web Application Environment Security (contd.)
87 Web Application Environment Security (contd.)
88 Web Application Environment Security (contd.)
89 The Ten Best Practices for Secure Software Development—(ISC)²
90 Quiz
91 Summary
92 Conclusion