CiSSP

CiSSP MindMap https://csisc.uk/

1. Physical (Environmental) Security

1.1. Introduction

1.2. CISSP Expectations

1.3. Innovation and Leadership

1.4. Site and Facility Design Criteria

1.5. Location Threats

1.6. Perimeter Security

1.7. Gates and Fences

1.8. Perimeter Intrusion Detection

1.9. Lighting

1.10. Access Control

1.11. Closed Circuit TV

1.12. Guards

1.13. Design Requirements

1.14. Building and Inside Security

1.15. Interior Intrusion Detection Systems

1.16. Escort and Visitor Control

1.17. Secure Operational Areas

1.18. Environmental Controls

2. Telecommunication & Network Security

2.1. Introduction

2.2. CISSP Expectations

2.3. Layer 1: Physical Layer

2.4. Layer 2: Data-Link Layer

2.5. Layer 3: Network Layer

2.6. Layer 4: Transport Layer

2.7. Layer 5: Session Layer

2.8. Layer 6: Presentation Layer

2.9. Layer 7: Application Layer

3. Software Development Security

3.1. Domain Description and Introduction

3.2. Applications Development and Programming Concepts and Protection

3.3. Audit and Assurance Mechanisms

3.4. Malicious Software (Malware)

3.5. The Database and Data Warehousing Environment

3.6. Web Application Environment

4. Business Continuity & Disaster Recovery Planning

4.1. Project Initiation and Management

4.2. Senior Leadership Support

4.3. Hidden Benefits of the Planning Process

4.4. Defining the Scope of the Planning Effort

4.5. Company Policy or Standard

4.6. Legal and Regulatory Requirements

4.7. The Ten Professional Practice Areas

4.8. Regulations for Financial Institutions

4.9. Legal Standards

4.10. Resource Requirements

4.11. Understanding the Organization

4.12. Business Impact Analysis

4.13. Selecting a Recovery Strategy

4.14. Documenting the Plan

4.15. Managing Recovery Communications

4.16. Testing the Plan

4.17. Training and Awareness Programs

4.18. Update and Maintenance of the Plan

4.19. Transitioning from Project to Program

4.20. Roles and Responsibilities

5. Cryptography

5.1. Introduction

5.2. Concepts and Definitions

5.3. Encryption Systems

5.4. Message Integrity Controls

5.5. Digital Signatures

5.6. Encryption Management

5.7. Cryptanalysis and Attacks

5.8. Statistical Analysis

5.9. Encryption Usage

6. Security Architecture & Design

6.1. Introduction

6.2. CISSP Expectations

6.3. The Basics of Secure Design

6.4. Enterprise Security Architecture

6.5. System Security Architecture

7. Security Operations

7.1. Introduction

7.2. CISSP Expectations

7.3. Key Themes

7.4. Maintaining Operational Resilience

7.5. Protecting Valuable Assets

7.6. Controlling Privileged Accounts

7.7. Managing Security Services Effectively

8. Information Security Governance & Risk Management

8.1. Introduction

8.2. The Business Case for Information Security Management

8.3. Information Security Management Governance

8.4. Organizational Behavior

8.5. Security Awareness, Training, and Education

8.6. Risk Management

8.7. Ethics

9. Legal Regulation Investigations and Compliance

9.1. Introduction

9.2. Major Legal Systems

9.3. Information Technology Laws and Regulations

9.4. Incident Response

10. Access Control

10.1. Introduction

10.2. Access Control Concepts

10.3. Access Control Principles

10.4. Information Classification

10.5. Access Control Requirements

10.6. Access Control Categories

10.7. Access Control Types

10.8. Access Control Strategies

10.9. Identity Management

10.10. Access Control Technologies

10.11. Data Access Controls

10.12. Intrusion Detection and Intrusion Prevention Systems

10.13. Threats

11. https://www.csisc.uk/