O'Reilly - CISSP Video Course Domain 9 – Application Security
by Shon L. Harris | Publisher: Pearson IT Certification | Release Date: May 2009 | ISBN: 9780789741790
The fast, powerful way to prepare for your CISSP exam!

30+ hours of personal video training from leading security expert Shon Harris

Achieving the (ISC)2's globally recognized CISSP can give your IT career a lift. In this DVD, the world's #1 CISSP trainer brings her legendary five-day boot camp to your computer screen. Packed with over 30 hours of instruction adapted from Shon's classes, this video course includes realistic labs, scenarios, case studies, and animations designed to build and test your knowledge in real-world settings. Preparing for the CISSP has never been this easy or convenient.

Master the skills and concepts you need for all ten CISSP common body of knowledge domains:
- Access Control
- Application Security
- Business Continuity and Disaster Recovery Planning
- Cryptography
- Information Security and Risk Management
- Legal, Regulations, Compliance, and Investigations
- Operations Security
- Physical (Environmental) Security
- Security Architecture and Design
- Telecommunications and Network Security

System Requirements
OPERATING SYSTEM: Windows 2000, XP, or Vista; Mac OS X 10.4 (Tiger) or later
MULTIMEDIA: DVD drive; 1024 x 768 or higher display; sound card with speakers
COMPUTER: 500MHz or higher CPU; 128MB RAM or more

- Course Introduction 00:07:24
- Domain 9 – Application Security 00:01:24
- How Did We Get Here? 00:00:50
- Why Are We Not Improving at a Higher Rate? 00:01:54
- Usual Trend of Dealing with Security 00:02:17
- Software Development Tools 00:02:48
- Security Issues 00:01:12
- Language Types 00:04:06
- Turn Into Machine Code 00:01:16
- New and Old 00:00:55
- Object-Oriented Programming 00:01:07
- Classes and Objects 00:02:29
- Functions and Messages 00:01:45
- Object-Oriented Programming Characteristic 00:01:12
- Polymorphism 00:02:29
- Module Characteristics 00:00:56
- Low Cohesion 00:01:06
- Coupling 00:00:48
- Agenda 2 00:01:21
- Distributed Computing 00:00:56
- Distributed Computing – ORBs 00:00:50
- Common Object Request Broker Architecture 00:00:41
- COM Architecture 00:01:38
- Enterprise Java Beans 00:00:51
- J2EE Platform Example 00:01:32
- Linking Through COM 00:02:03
- Mobile Code with Active Content 00:03:14
- Java and Applets 00:02:59
- Database Systems 00:01:37
- Database Model 00:03:23
- Object-Oriented Database 00:01:00
- Benefits of OO Database Model 00:01:41
- Database Models – Relational Components 00:04:46
- Database Integrity 00:01:24
- Different Modeling Approaches 00:01:16
- Database Access Methods 00:06:18
- Database Connectivity 00:01:57
- Database Security Mechanisms 00:02:12
- Rollback Control 00:01:11
- Checkpoint Control 00:00:46
- Checkpoint Protection 00:01:12
- Lock Controls 00:00:48
- Deadlock Example 00:01:34
- Two-Phase Commit 00:00:42
- Lock Controls Help to Provide ACID 00:03:03
- Inference Attack 00:01:09
- Database View Control 00:00:56
- Common Components 00:00:41
- Data Warehousing 00:03:08
- Using a Data Warehouse 00:01:21
- Metadata 00:00:11
- Database Component 00:01:30
- Data Mart 00:02:23
- Potential Malicious Traffic Tunneling Through Port 80 00:01:46
- OLTP 00:02:44
- Knowledge Management 00:00:43
- Knowledge Components 00:00:43
- HR Example 00:00:57
- Knowledge Discovery In Databases 00:01:30
- Expert Systems 00:04:15
- Software Development Models 00:03:49
- Project Development – Phases I through V 00:01:01
- Project Development – Phases VI and VII 00:01:06
- Testing Types 00:01:58
- Data Contamination Controls 00:01:02
- Best Practices for Testing 00:01:18
- Test for Specific Threats 00:01:31
- Verification versus Validation 00:01:01
- Evaluating the Resulting Product 00:01:09
- Controlling How Changes Take Place 00:02:58
- Administrative Controls 00:02:38
- Common Information Flow 00:02:42
- Tier Approach and Communication Components 00:01:00
- Tiered Network Architectures 00:00:58
- Sensitive Data Availability 00:05:09
- Cookies 00:04:24
- Find Out Where You Have Been 00:00:57
- Pulling Data 00:01:46
- Provide the Hackers with Tools 00:02:09
- Common Web Server Flaws 00:01:08
- Improper Data Validation 00:01:59
- Uniform Resource Locator (URL) 00:02:00
- Directory Traversal 00:01:04
- Buffer Overflow 00:00:57
- Cross-Site Scripting Attack 00:01:51
- Common SQL Injection Attack 00:01:30
- Attacking Mis-configurations 00:01:12
- CGI Information 00:03:19
- Authentication 00:00:52
- Protecting Traffic 00:06:40
- Rolling 'em Out 00:04:30
- Virus 00:04:46
- More Malware 00:01:48
- Trojans 00:02:39
- A Back Orifice Attack! 00:00:59
- NetBus and Hoaxes 00:01:35
- Malware Protection Types 00:01:02
- Signature Scanning 00:00:58
- Monitoring Activities 00:00:56
- Monitoring for Changes 00:01:21
- More Bad Stuff 00:02:01
- Disclosing Data In an Unauthorized Manner 00:01:32
- Covert Timing Channel 00:01:03
- Circumventing Access Controls 00:01:17
- Attacks 00:01:29
- Attack Type – Race Condition 00:05:43
- How a Buffer Overflow Works 00:01:39
- Watching Network Traffic 00:01:23
- Traffic Analysis 00:01:07
- Functionally Two Different Types of Rootkits 00:01:19
- Examples of Trojaned Files 00:00:48
- Domain 9 Review 00:03:56