CISSP Cert Prep (2021): 6 Security Assessment and Testing

Use this course to help you prepare for the Security Assessment and Testing domain of the 2021 CISSP exam.

Introduction

• Security assessment and testing
• What you need to know
• Study resources

1. Vulnerability Scanning

• What is vulnerability management?
• Identify scan targets
• Scan configuration
• Scan perspective
• Analyzing scan reports
• Correlating scan results

2. Penetration Testing

• Penetration testing
• Ethical disclosure
• Bug bounty
• Cybersecurity exercises

3. Log Reviews

• Logging security information
• Security information and event management

4. Code Testing

• Code review
• Code tests
• Fuzz testing
• Interface testing
• Misuse case testing
• Test coverage analysis

5. Business Continuity Planning

• Business continuity planning
• Business continuity controls
• High availability and fault tolerance

6. Disaster Recovery Planning

• Disaster recovery
• Backups
• Restoring backups
• Disaster recovery sites
• Testing BC/DR plans
• After action reports

7. Assessing Security Processes

• Collect security process data
• Management review and approval
• Security metrics
• Audits and assessments
• Control management

Continuing Your Preparation

• Continuing your preparation