by David R. Miller | Publisher: Infinite Skills | Release Date: April 2016 | ISBN: 9781491958926

In this video, security expert David R. Miller prepares you to correctly complete the security assessment and testing portion of the Certified Information Systems Security Professional (CISSP) exam. The course focuses on three key areas - security control testing strategies, the collection of security process data, and the security auditing process – and moves you through an extensive array of information security topics ranging from technical encryption controls to incident response programs, disaster recovery, and more. Gain the knowledge required to pass Domain 6 of the 2015 CISSP certification exam Learn to assemble and maintain a comprehensive security structure suitable for any organization Review the core principles of security control implementation, maintenance and verification Master information asset protection using administrative, technical, and physical controls Absorb the best methods for creating an effective security incident response program Understand how the legal concepts of due diligence and due care relate to information security Learn to protect the CIA (confidentiality, integrity and availability) of information assetsDavid R. Miller (CISSP, PCI QSA, CEH) is President of the MicroLink Corporation, a provider of information systems security, compliance, and training services. He's lectured on information security at the U.S. Military Academy at West Point, the U.S. Army Advanced Battle Command, Cisco Systems Inc., Oracle Corporation, Symantec Corporation, and many others. He is the author (or co-author) of ten books on network systems and information security.

1. Security Assessment And Testing
   • CISSP 2018 Domain 6 Update: Security Assessment and Testing 00:03:26
   • Introduction 00:10:57
2. Security Control Testing Strategies
   • Security Control Testing Strategies Overview 00:10:29
   • The Security Assessment 00:06:04
   • Vulnerability Testing - Part 1 00:08:24
   • Vulnerability Testing - Part 2 00:07:53
   • Vulnerability Testing - Part 3 00:11:03
   • Penetration Testing 00:10:23
   • Passive Reconnaissance 00:10:28
   • Active Reconnaissance 00:07:39
   • Exploit And Entrench 00:10:09
   • Covering Tracks. Pillage. Pivot. Post Test 00:11:20
   • Social Engineering - Part 1 00:08:00
   • Social Engineering - Part 2 00:09:17
   • Secure Code Review 00:07:25
   • Application Testing 00:09:12
   • Testing Users. Internal. External 00:08:31
3. Collecting Security Process Data
   • Collecting Security Process Data 00:10:42
4. Auditing
   • Auditing 00:08:44
5. Wrap Up
   • Conclusion 00:07:33