CCT 261: CISSP Rapid Review Exam Prep - Domain 1 - Part II

CISSP Cyber Training Podcast - CISSP Training Program

المحتوى المقدم من Shon Gerber, vCISO, CISSP, Cybersecurity Consultant and Entrepreneur, Shon Gerber, VCISO, CISSP, and Cybersecurity Consultant. يتم تحميل جميع محتويات البودكاست بما في ذلك الحلقات والرسومات وأوصاف البودكاست وتقديمها مباشرة بواسطة Shon Gerber, vCISO, CISSP, Cybersecurity Consultant and Entrepreneur, Shon Gerber, VCISO, CISSP, and Cybersecurity Consultant أو شريك منصة البودكاست الخاص بهم. إذا كنت تعتقد أن شخصًا ما يستخدم عملك المحمي بحقوق الطبع والنشر دون إذنك، فيمكنك اتباع العملية الموضحة هنا https://ar.player.fm/legal.

2M ago 46:14

MP3•منزل الحلقة

Send us a text

Check us out at: https://www.cisspcybertraining.com/

Get access to 360 FREE CISSP Questions: https://www.cisspcybertraining.com/offers/dzHKVcDB/checkout

Get access to my FREE CISSP Self-Study Essentials Videos: https://www.cisspcybertraining.com/offers/KzBKKouv

Microsoft recently released 137 security patches, with 14 critical vulnerabilities that could allow attackers to seize control of Windows systems with minimal user interaction. Among these, the Windows authentication negotiation flaw rated at 9.8 severity poses a significant threat to all current Windows versions. For security professionals, this underscores the crucial importance of effective patch management strategies—balancing timely updates against thorough testing procedures.
When approaching CISSP certification, understanding different investigation types provides essential context for security operations. Administrative investigations address potential policy violations and inappropriate resource usage, while criminal investigations gather evidence when laws are broken. Civil investigations resolve disputes between parties, regulatory investigations examine compliance with industry mandates, and standards investigations assess adherence to best practices like ISO 27001. Each investigation type requires distinct approaches and yields different outcomes, from disciplinary actions to legal proceedings.
The security documentation hierarchy—policies stating high-level objectives, standards specifying mandatory requirements, procedures providing step-by-step instructions, and guidelines offering flexible recommendations—creates a comprehensive framework for organizational security. However, these documents must use clear, accessible language that employees can understand and apply, not just legal jargon that looks impressive but goes unread.
Business continuity planning begins with a thorough Business Impact Analysis that identifies critical functions and establishes recovery objectives. This foundational work must involve stakeholders from across the organization to ensure operational reality aligns with security requirements. Similarly, personnel security extends beyond employee screening to include robust onboarding, transfer, and termination procedures—with equivalent controls for third-party relationships.
Risk management concepts form the core of security operations, from identifying threats and vulnerabilities to selecting appropriate controls. Understanding the distinction between preventative, detective, corrective, deterrent, and compensating controls enables security professionals to build comprehensive protection strategies. Combined with threat modeling methodologies like STRIDE and PASTA, these concepts create the framework for proactive security postures.
Ready to deepen your CISSP knowledge? Visit CISSP Cyber Training for both free resources and comprehensive paid training options that will help you pass your exam the first time while building practical security expertise.

Support the show

Gain exclusive access to 360 FREE CISSP Practice Questions delivered directly to your inbox! Sign up at FreeCISSPQuestions.com and receive 30 expertly crafted practice questions every 15 days for the next 6 months—completely free! Don’t miss this valuable opportunity to strengthen your CISSP exam preparation and boost your chances of certification success. Join now and start your journey toward CISSP mastery today!

فصول

1. Introduction to CISSP Cyber Training (00:00:00)

2. Microsoft's Critical Security Patches (00:00:32)

3. Administrative and Criminal Investigations (00:05:15)

4. Business Continuity Planning (00:09:34)

5. Personnel Security and Third-Party Risk (00:16:19)

6. Risk Management Concepts (00:22:48)

7. Threat Modeling Methodologies (00:31:52)

8. Supply Chain Security (00:36:13)

9. Security Awareness Training (00:41:29)

10. Closing Remarks and Resources (00:45:32)

282 حلقات

#CISSP #Cyber Security #Cybersecurity #Cyber Training #Cybersecurity Consultant #Shon Gerber #Cissp Course #Cissp Boot Camp #Cissp Exam #Cissp Practice Exam #Cissp Practice Test #Higher Education #Podcasting Education #CISSP Training