CISSP EXAM CRAM - DOMAIN 7 Security Operations (RETIRED! NEW VERSION IN DESCRIPTION)
ฝัง
- เผยแพร่เมื่อ 3 ก.ค. 2024
- MARCH 17, 2022 - An updated video course is available for CISSP Exam Cram covering all 8 domains of the exam, updated in 2022. Links to full version and updated Domain 7 content in that video below.
CISSP Exam Cram Full Course (All 8 Domains) - 2022 EDITION!
• CISSP Exam Cram Full C...
05:44:56 DOMAIN 7 - Security Operations
• CISSP Exam Cram Full C...
------
This video is the seventh lesson in an 8-lesson CISSP Exam Cram series, intended to help you prepare for the exam more quickly. This video covers "DOMAIN 7: Security Operations"
ISC2 Official 2021 CISSP Study Guide and Practice Tests Bundle
amzn.to/3yoWXpO
CISSP 2021 Official Study Guide
amzn.to/3nQEOgt
CISSP 2021 Official Practice Tests
amzn.to/3toaGdp
FREE CISSP 50-questions practice quiz
insidethemicrosoftcloud.com/c...
DOMAIN 7 pdf presentation download
1drv.ms/b/s!AmhtzcmYt5AViLA0N...
SIMON (AI-powered chatbot)
lumagate.us/simon/
Some of our video description contain affiliate links, which means we may receive a small commission on a purchase without additional cost to you, if you buy something. - วิทยาศาสตร์และเทคโนโลยี
Very good presentation. I will be watching the all 8 domains to prepare the CISSP exam. Thanks
You are most welcomed. Good luck on the exam!
I watched these and passed my CISSP first time. These have great content and will arm you with tips to remember on test day
Congratulations! 🏆🎉👍
3:56 Preventive measures for misuse of access, fraud & collusion/
Limiting the scope of incidents & extent of damage
Need to know, principle of least privilege, spearation of duties, job rotation, mandatory vacations, monitoring privileged operations (as a detective measure)
7:40 Information Lifecycle - creation, classification, storage, usage, archive, destruction
10:10 SLA
10:50 Secure Provisioning - for PCs, Virtual Machines, application that runs in a docker
12:04 Hypervisor
12:43 Security in cloud-based assets - CASB in shadow IT 14:11 CSP
14:31 Shared Responsibility Model - Hypervisor in VMs (On premises), IaaS, PaaS, SaaS
15:58 Configuration & Change Management - Baselining eg imaging for configuration mgt, versioning for change mgt
18:45 Patch management or Update Management avoids certain attacks like SQL slamming (hammering)
20:20 Patch Management Life Cycle
21:19 Vulnerability Management/scans & assessments
24:11 DoS attacks - SYN Flood, smurf, ping-of-death, botnets
27:36 Honeypot - pseudo flaws & fake data, padded cell- hardened honeypot
29:07 Defence in depth
32:49 Three varieties of penetration testing
34:10 HIDS vs NIDS
36:15 Espionage & Sabotage
39:51 Monitoring - activity 40:12 negative activity
43:25 Sampling vs Statistical Sampling vs Clipping
45:30 Security audits & reviews prevent violations employing 'least-privilege' & 'need-to-know' principles, performed in the following programs & areas of:
55:31 eDiscovery includes
56:59 Gathering info & preserving evidence requires possession, without modification
58:40 Acquiring evidence - Voluntary Surrender, subpoena, search warrant
1:00:34 Evidence
1:02:50 Evidence admissibility - types - requirements
1:04:27 Collecting evidence
1:05:18 Natural Disasters 1:05:55 Man-made disasters
1:06:13 Disaster Recovery : Recovery Sites - Cold, warm, hot
1:07:54 Other sites - service bureau, mobile site, multiple sites
1:08:51 RPO & RTO
1:09:29 Mutual Assistance Agreements (MAA)
1:10:49 BCP
1:11:34 BCP Definitions - COOP, DRP, BRP, MTBF, MTTR, MTD
1:12:56 Goals of DP & BCP
1:14:04 5 types of Disaster Recovery Tests
1:16:42 Recovery Team vs Salvage Team
1:17:09 Backup Strategies - Electronic Vaulting, Remote Journaling, Remote Mirroring
1:17:54 Categories of Disruption - non-disaster, disaster, catastrophe
Wish me luck, got my exam next week; only used your presentations + my own actual experience for preparation in the past month. Will let y'all know what I did :)
No official exam prep guide or practice exams? That's bold! 😮 Good luck! I hope it goes well!🤞
So...how'd it go?!
@@PavanPatel23 Cant have gone well then lol
Good presentation - I enjoyed it and will be watching all 8 Domains
Awesome, thank you!
Amazing. Thank you very much 🙏🏽
Thank you Christian! Good luck on the exam! 🍀🤞
At first i was thinking the teacher was the beautiful woman in the thumbnail but it was totally wrong and i felt like i had gotten scammed so i was about to tap the dislike button but the content was literally informative and thanks to this video i have passed CISSP so now i tapped like button. Thank you! from Japan :)
Simply a stock photo early my TH-cam career. Glad you didn't overthink it. If you look at the original playlist, you will see stock photos and a wide variety of businesspeople. Focus is high quality, effective exam prep content. th-cam.com/play/PL7XJSuT7Dq_XPK_qmYMqfiBjbtHJRWigD.html&si=LlDiB5MnDHPjlu9C And to you, CONGRATULATIONS! 🏆🎉🌟
Just a small point re responsibility model - even when buying SaaS services, the buyer retains some responsibilities. E.g. access to the application (access request and approval), termination process, access rights revalidation process..
Yes Gigi, they are responsible for feature configuration and operation in the context we're talking about here. For the AZ-900 exam, you can rely on the visual, as it represents the Microsoft model they have presented consistently. As one example, you will see slightly different charts from training at IBM, but that's a different company and exam. Best of luck on the exam! 😊
so good session boss...thanks
Glad you like it! Ping me if questions as you prepare. 👍
Hi, thanks much for your videos and PDFs.
I’m scheduled for beginning of May. I know the domain weights change slightly but do you think there is anything I should focus on that may be ‘new’? Thanks in advance.
The existing material for CISSP is still valid. There are a handful of new topics and some existing topics that will see greater focus on the new exam. I should have a supplemental video out next week for my series that covers some of the anticipated 2021 editions.
I am waiting for the new book to come out because of the new version of the test. Have you had any teacher copy for review? if yes, does it look that much more different?
Are you going to do the CISM test reviews like you did these ones?
I have not reviewed the new book. I reviewed topic changes mentioned in the ISC2 updated exam outline and covered those in the "what's new in 2021" video (at th-cam.com/video/Ga0AGx83ioo/w-d-xo.html) and others.
Just started studying last week. I am currently a programmer and wondering if I can take CISSP if I study hard and take it in about 3 months. Is it feasible?
Possible? Yes. Easy? No. However, if you watch my series, get the official CISSP study guide, and use the practice questions and flashcards it is absolutely possible. There is still the matter of 5 years experience required. Without that, you can only achieve Associate status.
2K views and yet I'm the first to LIKE this video?
I can't believe it! 🤣
Sorry Andy, seems the likes are hidden for some reason! Just fixed that! Good catch!
1 domain left :)
Yes!!! 👍🎉 Taking any practice exams yet?
I have one week to do my exam. What do you suggest I refresh with?
I would suggest getting into the free online practice exams from the official exam prep bundle, to identify your weak areas. Then I would use the elecrontic flashcards to perform memorization drills, revisiting topics I do not understand from those two exercises in the official study guide. Finally, I would watch my "think like a manager" video if you have not already. th-cam.com/video/vfC9OLsCqgk/w-d-xo.html
One trick I used for due care and due diligence. “We care enough to do something.” = due care
“We’re diligent enough to double check” = due diligence
That's another good one. I have a short clip you need to watch on due care and due diligence "The CISSP Mindset" video starting here - th-cam.com/video/vfC9OLsCqgk/w-d-xo.html
You sort of talk about MDM could you suggest three or four you like?
Intune (now MS Endpoint Manager) and AirWatch two of the best in the space in my opinion. Muraki (Cisco), and Mobile Iron other options I see fairly often. Assuming this is for your edification only? (the exam won't get vendor specific)
@@InsideCloudAndSecurity yes sir just looking into them to get a better understanding. My test was pushed back due to COVID restrictions and trying to stay engaged for three more weeks