Overview
-
Prepare for domain three—Security Architecture and Engineering—of the CISSP certification exam. Get study tips for topics such as device security, cryptography, and key management.
Syllabus
-
Introduction
- Security engineering
- What you need to know
- Study resources
- Secure design principles
- Security models
- Security evaluation models
- Separation of duties
- Selecting security controls
- Privacy by design
- Secure defaults
- What is the cloud?
- Cloud computing roles
- Drivers for cloud computing
- Multitenant computing
- Virtualization
- Desktop and application virtualization
- Cloud compute resources
- Containerization
- Cloud activities and the Cloud Reference Architecture
- Cloud deployment models
- Cloud service categories
- Edge and fog computing
- Memory protection
- Hardware encryption
- Hardware and firmware security
- Server and database security
- NoSQL databases
- Distributed and high performance computing
- OWASP Top 10
- SQL injection prevention
- Cross-site scripting prevention
- Cross-site request forgery prevention
- Defending against directory traversal
- Overflow attacks
- Session hijacking
- Privilege escalation
- Industrial control systems
- Internet of Things
- Securing smart devices
- Secure networking for smart devices
- Embedded systems
- Communications for embedded devices
- Understanding encryption
- Symmetric and asymmetric cryptography
- Goals of cryptography
- Codes and ciphers
- Cryptographic math
- Choosing encryption algorithms
- The perfect encryption algorithm
- The cryptographic lifecycle
- Data Encryption Standard
- 3DES
- AES, Blowfish, and Twofish
- RC4
- Cipher modes
- Steganography
- Rivest, Shamir, Adelman (RSA)
- PGP and GnuPG
- Elliptic-curve and quantum cryptography
- Key exchange
- Diffie-Hellman
- Key escrow
- Key stretching
- Hardware security modules
- Trust models
- PKI and digital certificates
- Hash functions
- Digital signatures
- Digital signature standard
- Create a digital certificate
- Revoke a digital certificate
- Certificate stapling
- Certificate authorities
- Certificate subjects
- Certificate types
- Certificate formats
- Brute force attacks
- Knowledge-based attacks
- Eavesdropping attacks
- Implementation attacks
- Limitations of encryption algorithms
- Ransomware
- Site and facility design
- Data center environmental controls
- Data center environmental protection
- Power control
- Physical access control
- Visitor management
- Physical security personnel
- Threat intelligence
- Managing threat indicators
- Intelligence sharing
- Threat research
- Identifying threats
- Automating threat intelligence
- Threat hunting
- SOAP and REST
- SOA and microservices
- Continuing your preparation
