Review of the major Vulnerabilities in Systems concepts and terms, and how they interrelate, to help you review, guide your studies, and help you pass the CISSP exam.
This MindMap review covers:
0:00 Introduction
0:31 Vulnerabilities in Systems
1:08 Single Point of Failure
1:38 Redundancy
1:56 Bypass Controls
2:28 Mitigating Controls
3:07 TOCTOU (Race Conditions)
4:03 Emanations
4:22 Shielding (TEMPEST)
4:46 White Noise
5:00 Control Zones
5:19 Covert Channels and Their Types
5:33 Analysis and Design of Covert Channels
5:52 Aggregation & Interference
6:12 Polyinstantiation
6:39 Mobile Devices
7:01 Policy, Training and Procedures
7:22 Remote Access Security
7:35 End-point Security
7:46 OWASP Mobile Top Ten
8:05 Improper Platform Usage
8:22 Insecure Data Storage
8:49 Insecure Communication
9:08 Insecure Authentication
9:30 Insufficient Cryptography
9:46 Insecure Authorization
10:20 Client Code Quality
10:45 Code Tampering
11:03 Reverse Engineering
11:27 Extraneous Functionality
11:54 Web-based Vulnerabilities
12:10 Cross-Site Scripting (XSS)
12:34 Stored Cross-Site Scripting
13:31 Reflected Cross-Site Scripting
14:27 Document Object Model (DOM)
14:53 Cross-Site Request Forgery (CSRF)
15:28 SQL Injection
16:10 SQL Injection Example
16:35 Prevention of SQL Injection
17:14 Outro
Other MindMaps:
Domain 1
Security & Risk Management: https://youtu.be/geGALIfOxtI
Domain 2
Asset Classification: https://youtu.be/aN9zkmzYTmQ
Privacy: https://youtu.be/lrI4QIa8S2I
Domain 3
Models and Frameworks: https://youtu.be/qZB6_lp9M30
Evaluation Criteria: https://youtu.be/WqHmDL7YAvw
Trusted Computing Base: https://youtu.be/fwU7n_3h058
Vulnerabilities in Systems: https://youtu.be/fPUypU7ysMw
Cloud: https://youtu.be/-rWQ7YuxiLY
Cryptography: https://youtu.be/LLRaa0kOMDM
Digital Certificates, Digital Signatures & PKI: https://youtu.be/8XKdFSG3ua4
Cryptanalysis: https://youtu.be/pnITDgs63M4
Physical Security: https://youtu.be/7ESQwNJ9HXU
Domain 5
Access Control Overview: https://youtu.be/BUcoABZzeQ4
Single Sign-on & Federated Access: https://youtu.be/_U4QMIxVk8M
Domain 6
Security Assessment and Testing Overview: https://youtu.be/eDVZvw5NziA
Vulnerability Assessment and Penetration Testing: https://youtu.be/vZ0S8GdWiIk
Logging & Monitoring: https://youtu.be/cwcARccyWyY
Domain 7
Investigations: https://youtu.be/Urev5cZgny8
Incident Response: https://youtu.be/PwxFwndQ7Jk
Malware: https://youtu.be/SVbrRozyIpo
Patching & Change Management: https://youtu.be/xX4U6Lz82Bk
Recovery Strategies: https://youtu.be/DrrfrJBnx28
Business Continuity Management (BCM): https://youtu.be/oAjNL3I_3-E
Domain 8
Secure Software Development: https://youtu.be/fS5WWjuyFmQ
Databases: https://youtu.be/-70DBd6cNDw
CISSP Master Instructor, John Berti: https://www.linkedin.com/in/jberti/
Visuals, narration and CISSP Master Instructor, Rob Witcher: https://www.linkedin.com/in/robwitcher/
Video editing by Nick: [email protected]
#CISSPDomain3Review #robwitcher