Around the middle of January, I decided to commit to studying for the Certified Information Systems Security Professional (CISSP) exam. The CISSP was something that had sat on my list of goals for at least the last few years, and I finally made the call to dedicate the required time and effort to passing this exam. I always knew that the CISSP would be a certification I would attain at some point in my career, and various factors meant that I found myself in a position with the required time and motivation to finally knuckle down and give it a good go.
I studied almost every day over a 6 week period, spending around 40-50 hours total before sitting my exam last Friday, March 4th. I passed after answering 100 questions, taking just under 90 minutes to complete the exam.
The first thing I realized was how much I had underestimated the sheer amount of content that is contained within the CISSP syllabus. After viewing the number of pages there are in the Official Study Guide, and struggling through the first chapter, I knew reading the entire thing was going to be an extremely difficult task for me specifically.
In the final week leading up to the exam I reviewed some summary resources to really make sure I was comfortable with everything covered across the 8 CISSP domains. I also viewed a couple of YouTube videos dedicated to the exam itself to help ensure I approached each question with an effective mindset.
This was the primary method I used to actually learn the content required for the CISSP exam. At a little over 15 hours, the videos presented by Kelly provided just the right level of depth and detail required to understand the overall concepts of the 8 domains. Kelly also delivered her content in an easy to understand way, so it never got too boring or difficult to comprehend. I took notes of everything covered in this course to assist with committing the content to memory as opposed to just passively watching the videos.
For every incorrect question, I would read the explanation and then read the relevant section of the Official Study Guide if I felt like I needed to review the content in greater depth than what the answer explanation provided.
This was probably the most useful written resource, and I highly recommend this for people who are in the last couple of weeks of exam preparation. The Memory Palace is essentially a distilled version of the Official Study Guide, and packs in as much information as it can into a single PDF document.
Very similar to The Memory Palace, I quickly reviewed this document but personally found it to be a bit more convoluted comparatively. Still a useful resource, but it largely fulfills the same purpose as The Memory Palace, which I had already gone through by the time I reviewed the Sunflower CISSP document.
Studying for the CISSP was considerably more difficult than I initially thought it would be. There was far more content across the 8 domains than I had expected, with a surprising amount of technical detail contained in some of the domains. I had to study much harder, and for longer than I had anticipated, which made passing the exam feel like a real achievement. Although I did this over a relatively short 6 week period, I put in a significant amount of time and effort in order to accomplish this goal which is always a satisfying feeling.
I am currently using the Udemy course from Thor Pedersen to study for the CISSP certification. Udemy often has sales so the courses can be picked up at a discount. I used his training videos to prepare for the CISM exam so I can confirm they will give you all the guidance and knowledge you will need in preparation for the exam.
For those new to this series, 3 Tree Tech CTO Eric Skeens has decided to document every step of the journey to better shed light for IT nerds and executives. For those wondering how to get your CISSP, check out Part 1.
So the main fundamentals around security, availability, integrity, confidentiality. And then how do you balance security within the whole framework of technology itself? And then you have the security frameworks, the complexities of cyber crime, threat modeling. And these are just to name a few, business continuity, the best practices around hiring people into your organization.
And we will continue to provide solutions that simplify the complex within technology. And thank you again. Subscribe and like this video. We have other videos on our YouTube page, and you can also go to our website and find some of those videos, as well as some of the content and the articles that we write. Appreciate it. Thank you very much. Have a great week.
Eric Skeens is the co-founder of 3 Tree Tech in Portland. He is a platform-agnostic tech researcher who transitions siloed organizations into automated, DevOps-centric businesses. Message him right here.
Overview
CISSP Complete Video Course is an engaging self-paced video training solution that provides learners with 24 hours of personal, visual instruction from an expert trainer who has more than a decade of practical teaching experience. Through the use of topic-focused instructional videos, you will gain an in-depth understanding of the new April 2015 revised CBK and CISSP exam as well as a deeper understanding of security, allowing you to master the key foundational principles for securing a network and managing risk.
Description
CISSP Complete Video Course contains 24 hours of training with content divided into 9 lessons with 94 video sub-lessons. The videos consist of live trainer discussions, screencasts, animations, and live demos. The video lessons in this course review each exam objective so you can use this course as a complete study tool for taking the CISSP exam. Instruction throughout offers detailed explanations, demos, tips, and more.
Who Should Take This Course
Primary audience: CISSP certification candidates
Secondary audience: Anyone in an information security role looking to gain a practical understanding of computer security, including administrators, technicians, and network engineers who are responsible for securing IT infrastructure; personnel in management or sales roles who deal with information security topics; or government workers and contractors looking to work in security.
Lesson 1
CISSP candidates must have a thorough understanding of cybersecurity fundamentals, the relationship between information security and business objectives, and the importance of risk management. Lesson 1, Security and Risk Management, is divided into two parts. Part 1 explores a broad spectrum of security and privacy concepts, governance principles, global legal and regulatory environments, personnel security requirements, and third-party due diligence and oversight. Part 2 explores an array of risk management topics including threat modeling, quantitative and qualitative risk assessment methodologies, selecting controls and countermeasures, and business continuity.
Lesson 2
CISSP candidates are expected to be well versed in information asset ownership, classification, management and protection. Lesson 2, Asset Security, focuses on classifying, managing and securing information assets and their supporting infrastructure throughout their lifecycle, with an emphasis on privacy protection.
Lesson 3
CISSP candidates are required to understand conceptual security engineering models, information technology design components, vulnerability mitigation techniques, cryptographic systems and physical security concepts. The Security Engineering domain is the second largest in terms of number of covered topics. Lesson 3, Security Engineering, is divided into two parts. Part 1 focuses on design principles and models, systems architecture, and assessing and mitigating vulnerabilities. Part 2 concentrates on cryptographic systems, techniques, and protocols, including encryption, hashing, digital signatures and the Public Key Infrastructure. Also included in Part 2 are secure site and facility design principles and their practical application.
Lesson 4
CISSP candidates are expected to demonstrate a thorough understanding of networking topologies, protocols, convergence, and the network attack vectors necessary to design and implement secure communication channels. Lesson 4, Communication and Network Security, addresses the OSI and TCP/IP models, IP convergence and extensibility, multimedia security, virtual private networks, endpoint protection and network attack methods. The lesson concludes by examining a unified attack prevention and mitigation approach.
Lesson 5
CISSP candidates will be tested on authentication, authorization and access control systems, along with their design and management. Lesson 5, Identity and Access Management, begins with a review of access control fundamentals. Subsequent topics include local and cloud-based identity management, authentication factors and processes, access control models, access and authorization criteria, techniques and technologies, user lifecycle provisioning, and access control attack mitigation.
Lesson 6
CISSP candidates must be able to successfully design and manage internal and third-party security assessment and testing, as well as analyze and report on test output. Lesson 6, Security Assessment and Testing, explores testing and examination objectives, techniques, targets, results and recommendations. The lesson also incorporates three complementary topics: information security continuous monitoring (ISCM), audit fundamentals and regulatory examinations.
Lesson 7
CISSP candidates will be tested on the practical application of information security concepts, best practices, and industry standards related to the security operations of enterprise computing systems. According to the Candidate Information Bulletin, the Security Operations domain is the largest in terms of individual topics on the CISSP examination. Lesson 7, Security Operations, is divided into two parts. Part 1 focuses on the daily and ongoing operational tasks of custodians and security operations personnel, including managing privileged accounts, managing border controls, conducting monitoring, logging and DLP activities, implementing and supporting vulnerability, patch, malware and media management, and participating in the configuration management process. Part 2 focuses on incident management and business continuity, including resiliency, fault tolerance, disaster recovery planning and plan maintenance, incident preparation, detection and response, forensic investigation, and business continuity strategies.