A review of the major Vulnerabilities in Systems topics to guide your studies and help you pass the CISSP exam.

This MindMap review covers:
00:00 Introduction
00:35 Vulnerabilities in Systems
01:07 Single Point of Failure
01:33 Redundancy
01:48 Bypass Controls
02:21 Mitigating Controls
02:57 TOCTOU (Race Conditions)
03:28 Increase frequency of Re-authentication
03:53 Emanations
04:13 Shielding (TEMPEST)
04:34 White Noise
04:48 Control Zones
05:04 Covert Channels
05:20 Analysis & Design
05:36 Aggregation & Inference
05:55 Polyinstantiation
06:21 Mobile Devices
06:42 Policy, training & procedures
07:03 Remote access security
07:16 Endpoint Security
07:28 OWASP Mobile Top 10
07:43 M1: Improper Platform Usage
07:58 M2: Insecure Data Storage
08:24 M3: Insecure Communication
08:43 M4: Insecure Authentication
09:03 M5: Insufficient Cryptography
09:17 M6: Insecure Authorization
09:48 M7: Client Code Quality
10:10 M8: Code Tampering
10:26 M9: Reverse Engineering
10:47 M10: Extraneous Functionality
11:11 Web-based Vulnerabilities
11:26 Cross Site Scripting (XSS)
11:49 Stored (Persistent)
12:45 Reflected (Most common)
13:31 DOM
13:41 Target of Attack: Client
13:53 Cross Site Request Forgery (CSRF)
14:18 Target of Attack: Server
14:28 SQL Injection
15:32 Input Validation
16:08 Client Side vs. Server Side
16:36 Allow Lists vs. Deny Lists
17:36 Outro


For a full list of all the MindMaps and to download them in PDF and Audio format, visit: https://destcert.com/cissp-mindmaps/

Join our r/DestCert subreddit for valuable CISSP resources, training advice, support, and to connect with other CISSP professionals!