
CISSP Central

Author: Krishnakumar Mahadevan


Description

Welcome to CISSP Central, the ultimate podcast for aspiring and certified CISSP professionals! Whether you’re studying for the CISSP 2024 syllabus exam or looking to sharpen your cybersecurity skills, this podcast is your go-to resource. Each episode dives deep into the critical domains of cybersecurity, offering insights, tips, and real-world experiences from industry experts.

Join us as we explore the latest trends, challenges, and solutions in information security, helping you stay ahead in a rapidly evolving digital world. From encryption to risk management, compliance to cloud security, CISSP Central covers it all!

Perfect for CISSP candidates, InfoSec pros, and anyone passionate about safeguarding information in the modern age. Tune in, learn, and become the cybersecurity expert you were meant to be!

Note: This entire podcast has been prepared based on a published book on Amazon named C(R)ISSP: The Most Concise Handbook for CISSP 2024, written by myself, which can be purchased directly from Amazon by clicking this link.

50 Episodes
This is just an introduction episode of the CISSP Central podcast, and this entire podcast series is based on a published book named C(R)ISSP: The Most Concise Handbook for CISSP 2024, written by myself, which can be purchased directly from Amazon.
1.1 Understand, adhere to, and promote professional ethics
    1.1.1 (ISC)2 Code of Professional Ethics
    1.1.2 Organizational code of ethics
1.2 Understand and apply security concepts
    1.2.1 Confidentiality, Integrity, Availability, Authenticity, and Non-repudiation

1.3 Evaluate, apply, and sustain security governance principles
    1.3.1 Alignment of the security function to business strategy
    1.3.2 Organizational processes (e.g., acquisitions, divestitures)
    1.3.3 Organizational roles and responsibilities
    1.3.4 Security Control Frameworks
    1.3.5 Due Care and Due Diligence

1.4 Understanding of Info Security legal and regulatory problems
    1.4.1 Cybercrimes and data breaches
    1.4.2 Licensing and intellectual property requirements
    1.4.3 Import/export controls
    1.4.4 Transborder data flow
    1.4.5 Issues Related to Privacy
    1.4.6 Contractual, Legal, Industry Standards, & Regulatory Requirements

1.5 Understand requirements for investigation types
1.6 Develop, document, & implement security policy, standards, procedures, & guidelines
    1.6.1 Security Policies
    1.6.2 Standards, Procedures, Baselines, and Guidelines
1.7 Identify, analyze, and prioritize Business Continuity (BC) requirements
    1.7.1 Business Impact Analysis
    1.7.2 External Dependencies

1.8 Contribute to and enforce personnel security policies and procedures
    1.8.1 Candidate Screening and Hiring
    1.8.2 Employment agreements and policy-driven requirements
    1.8.3 Onboarding, transfers, and termination processes
    1.8.4 Vendor, consultant, and contractor agreements and controls

1.9 Understand and apply risk management concepts
    1.9.1 Threat and Vulnerability Identification
    1.9.2 Risk Analysis, assessment, and scope
    1.9.3 Risk response and treatment
    1.9.4 Applicable Types of Controls
    1.9.5 Control Assessments
    1.9.6 Continuous monitoring and measurement
    1.9.7 Reporting (e.g., Internal, External)
    1.9.8 Continuous improvement (e.g., risk maturity modeling)
    1.9.9 Risk Frameworks

1.10 Understand & apply threat modelling & Methodologies
    1.10.1 STRIDE Model
    1.10.2 PASTA Model
    1.10.3 DREAD Model

1.11 Apply supply chain risk management (SCRM) concepts
    1.11.1 Risks associated with the acquisition of products and services from suppliers and providers
    1.11.2 Risk mitigations
1.12 Establish and maintain a security awareness, education, and Training program
    1.12.1 Methods & techniques to increase awareness and training
    1.12.2 Periodic content reviews to include emerging technologies and trends
    1.12.3 Program effectiveness evaluation

2.0 DOMAIN 2: ASSET SECURITY
2.1 Identify and classify information and assets
    2.1.1 Data Classification
    2.1.2 Asset Classification
    2.1.3 Other key concepts of Asset Security

2.2 Establish information and asset handling requirements
    2.2.1 Information and Asset Handling
    2.2.2 Handling Requirements
    2.2.3 Media Storage
    2.2.4 Transportation
    2.2.5 Transmission & Transfer
    2.2.6 Media retention and destruction

2.3 Provision information and assets securely
    2.3.1 Information and asset ownership
    2.3.2 Asset inventory
    2.3.2 Asset Management

2.4 Manage Data Lifecycle
    2.4.1 Data Roles
    2.4.2 Data Collection
    2.4.3 Data Location
    2.4.4 Data Maintenance
    2.4.5 Data Retention
    2.4.6 Data Remanence
    2.4.7 Data Destruction

2.5 Ensure appropriate asset retention
2.6 Determine data security controls & compliance requirements
    2.6.1 Data States
    2.6.2 Scoping and Tailoring (NIST SP 800-53B)
    2.6.3 Standards Selection
    2.6.4 Data Protection methods

3.0 DOMAIN 3: SECURITY ARCHITECTURE AND ENGINEERING
3.1 Research, implement, and manage engineering processes using secure design principles
    3.1.1 Threat Modeling
    3.1.2 Least Privilege
    3.1.3 Defense in depth
    3.1.4 Secure Defaults
    3.1.5 Fail Securely
    3.1.6 Separation of Duties
    3.1.7 Keep it simple and Small
    3.1.8 Zero trust or trust but verify
    3.1.9 Privacy by design (PbD)
    3.1.10 Shared Responsibility
    3.1.11 Secure Access Service Edge

3.2 Understand the fundamental concepts of security models
    3.2.1 Security Models
    3.2.2 Lattice-based models
    3.2.3 Rule-based models
    3.2.4 Other models & Concepts
    3.2.5 Evaluation Criteria (ITSEC, TCSEC and CC)

3.3 Select controls based upon systems security requirements
Here we will go over the steps to take when deciding the security controls to deploy according to the needs of the system. Some of these needs were covered in Domain 1's discussion.

3.4 Understand security capabilities of Information Systems (IS) (e.g., memory protection, Trusted Platform Module (TPM), encryption/decryption)

3.5 Assess and mitigate the vulnerabilities of security architectures, designs, and solution elements
    3.5.1 Client-based systems
    3.5.2 Server-based systems
    3.5.3 Database systems
    3.5.4 Cryptographic Systems
    3.5.5 Operational Technology / Industrial Control Systems (ICS)
    3.5.6 Cloud-based Systems
    3.5.7 Distributed Systems
    3.5.8 Internet of Things (IoT)
    3.5.9 Microservices
    3.5.10 Containerization
    3.5.11 Serverless Computing
    3.5.12 Embedded systems
    3.5.13 High-Performance Computing systems
    3.5.14 Edge Computing Systems
    3.5.15 Virtualized systems

3.6 Select and determine cryptographic solutions
    3.6.1 Cryptographic life cycle
    3.6.2 Cryptographic methods
    3.6.3 Public key infrastructure
    3.6.4 Key Management practices
    3.6.5 Digital Signatures and Digital Certificates