
CISSP Cert Prep (2021): 3 Security Architecture and Engineering

Description

Prepare for domain three—Security Architecture and Engineering—of the CISSP certification exam. Get study tips for topics such as device security, cryptography, and key management.

Syllabus

Introduction
- Security engineering
- What you need to know
- Study resources

1. Secure Design
- Secure design principles
- Security models
- Security evaluation models
- Separation of duties
- Selecting security controls
- Privacy by design
- Secure defaults

2. Virtualization and Cloud Computing
- What is the cloud?
- Cloud computing roles
- Drivers for cloud computing
- Multitenant computing
- Virtualization
- Desktop and application virtualization
- Cloud compute resources
- Containerization
- Cloud activities and the Cloud Reference Architecture
- Cloud deployment models
- Cloud service categories
- Edge and fog computing

3. Hardware Security
- Memory protection
- Hardware encryption
- Hardware and firmware security

4. Server Security Issues
- Server and database security
- NoSQL databases
- Distributed and high performance computing

5. Web Security Issues
- OWASP Top 10
- SQL injection prevention
- Cross-site scripting prevention
- Cross-site request forgery prevention
- Defending against directory traversal
- Overflow attacks
- Session hijacking
- Privilege escalation

6. Embedded Systems Security
- Industrial control systems
- Internet of Things
- Securing smart devices
- Secure networking for smart devices
- Embedded systems
- Communications for embedded devices

7. Encryption
- Understanding encryption
- Symmetric and asymmetric cryptography
- Goals of cryptography
- Codes and ciphers
- Cryptographic math
- Choosing encryption algorithms
- The perfect encryption algorithm
- The cryptographic lifecycle

8. Symmetric Cryptography
- Data Encryption Standard
- 3DES
- AES, Blowfish, and Twofish
- RC4
- Cipher modes
- Steganography

9. Asymmetric Cryptography
- Rivest, Shamir, Adleman (RSA)
- PGP and GnuPG
- Elliptic-curve and quantum cryptography

10. Key Management
- Key exchange
- Diffie-Hellman
- Key escrow
- Key stretching
- Hardware security modules

11. Public Key Infrastructure
- Trust models
- PKI and digital certificates
- Hash functions
- Digital signatures
- Digital signature standard
- Create a digital certificate
- Revoke a digital certificate
- Certificate stapling
- Certificate authorities
- Certificate subjects
- Certificate types
- Certificate formats

12. Cryptanalytic Attacks
- Brute force attacks
- Knowledge-based attacks
- Eavesdropping attacks
- Implementation attacks
- Limitations of encryption algorithms
- Ransomware

13. Physical Security
- Site and facility design
- Data center environmental controls
- Data center environmental protection
- Power control
- Physical access control
- Visitor management
- Physical security personnel

14. Threat Modeling
- Threat intelligence
- Managing threat indicators
- Intelligence sharing
- Threat research
- Identifying threats
- Automating threat intelligence
- Threat hunting

15. Software Security Architecture
- SOAP and REST
- SOA and microservices

Conclusion
- Continuing your preparation

