No video
CISSP Domain 3 Review / Mind Map (4 of 9) | Vulnerabilities in Systems
Рет қаралды 54,072
Күн бұрынReview of the major Vulnerabilities in Systems concepts and terms, and how they interrelate, to help you review, guide your studies, and help you pass the CISSP exam.
This MindMap review covers:
0:00 Introduction
0:31 Vulnerabilities in Systems
1:08 Single Point of Failure
1:38 Redundancy
1:56 Bypass Controls
2:28 Mitigating Controls
3:07 TOCTOU (Race Conditions)
4:03 Emanations
4:22 Shielding (TEMPEST)
4:46 White Noise
5:00 Control Zones
5:19 Covert Channels and its Types
5:33 Analysis and Design of Covert Channels
5:52 Aggregation & Interference
6:12 Polyinstantiation
6:39 Mobile Devices
7:01 Policy, Training and Procedures
722 Remote Access Security
7:35 End-point Security
7:46 OWASP Mobile Top Ten
8:05 Improper Platform Usage
8:22 Insecure Data Storage
8:49 Insecure Communication
9:08 Insecure Authentication
9:30 Insufficient Cryptography
9:46 Insecure Authorization
10:20 Client Code Quality
10:45 Code Tampering
11:03 Reverse Engineering
11:27 Extraneous Functionality
11:54 Web-based Vulnerabilities
12:10 Cross-Site Scripting (XSS)
12:34 Stored Cross-Site Scripting
13:31 Reflected Cross-Site Scripting
14:27 Document Object Model (DOM)
14:53 Cross-Site Request Forgery (CSRF)
15:28 SQL Injection
16:10 SQL Injection Example
16:35 Prevention of SQL Injection
17:14 Outro
Other MindMaps:
Domain 1
Security & Risk Management: • CISSP Domain 1 Review ...
Domain 2
Asset Classification: • CISSP Domain 2 Review ...
Privacy: • CISSP Domain 2 Review ...
Domain 3
Models and Frameworks: • CISSP Domain 3 Review ...
Evaluation Criteria: • CISSP Domain 3 Review ...
Trusted Computing Base: • CISSP Domain 3 Review ...
Vulnerabilities in Systems: • CISSP Domain 3 Review ...
Cloud: • CISSP Domain 3 Review ...
Cryptography: • CISSP Domain 3 Review ...
Digital Certificates, Digital Signatures & PKI: • CISSP Domain 3 Review ...
Cryptanalysis: • CISSP Domain 3 Review ...
Physical Security: • CISSP Domain 3 Review ...
Domain 5
Access Control Overview: • CISSP Domain 5 Review ...
Single Sing-on & Federated Access: • CISSP Domain 5 Review ...
Domain 6
Security Assessment and Testing Overview: • CISSP Domain 6 Review ...
Vulnerability Assessment and Penetration Testing: • CISSP Domain 6 Review ...
Logging & Monitoring: • CISSP Domain 6 Review ...
Domain 7
Investigations: • CISSP Domain 7 Review ...
Incident Response: • CISSP Domain 7 Review ...
Malware: • CISSP Domain 7 Review ...
Patching & Change Management: • CISSP Domain 7 Review ...
Recovery Strategies: • CISSP Domain 7 Review ...
Business Continuity Management (BCM): • CISSP Domain 7 Review ...
Domain 8
Secure Software Development: • CISSP Domain 8 Review ...
Databases: • CISSP Domain 8 Review ...
CISSP Master Instructor, John Berti: / jberti
Visuals, narration and CISSP Master Instructor, Rob Witcher: / robwitcher
Video editing by Nick: threntinfo@gmail.com
#CISSPDomain3Review #robwitcher
@destcert 2 жыл бұрын
Want to see our full / in-depth CISSP training videos: destcert.com/sample-videos/
@raghavendrankr4466 Жыл бұрын
This is a MUST to use resource for anyone preparing for CISSP. The way Rob speaks was very clear and very easy to follow. I liked the Visuals and were truly helpful to create a map in mind for each topic. I used these maps after finishing the OSG and Destination CISSP Book. Though this is Free, they did not compromise on quality of content. I cleared my CISSP on May 2023. Thank you very much for making that happen.
@jonathanmcneill4993 4 жыл бұрын
Yes please do a very deep dive into cross site scripting. I've been struggling to keep the three different types straight and also have been curious to understand them more! Thank you for publishing this mind map series! I appreciate it!!
@destcert 4 жыл бұрын
Great to hear you find the videos helpful! I've added XSS & CSRF to the list of deep dive videos that I'll create.
@christineraymond1615 3 жыл бұрын
your mind maps are awesome! I'm taking the exam on Monday and I really feel these are helping me bring all of the material together - so glad I found these before the exam!!
@TechForceCyber 3 жыл бұрын
How did you do, Chris?
@stevenkimball4481 2 жыл бұрын
Just wanted to say thank you Rob! Been jamming hard on your vids. You give a really good perspective, different than the CBTNuggets videos, and I really find it useful for my studies. You should be a trainer for them lol.
@willsmith1775 3 жыл бұрын
These are great. Your videos really help. Is there a place to download those same "mindmap" graphics you make throughout the videos?
@mubashirahmad8176 4 жыл бұрын
Great explanations, I am getting great help, I booked exam for 8th September thank you very much Rob for releasing this video. Looking forward for the rest
@destcert 4 жыл бұрын
Great to hear the videos are helping you study. All the best on your exam on the 8th. Let me know when you pass!
@klaushu7547 3 жыл бұрын
Hi rob, when are you going to do next video. Love all your videos. You are fricking great!!!
@RockyRxx 3 жыл бұрын
These are Gold :D
@manasapk 3 жыл бұрын
Would really appreciate a detailed video on XSS...
@Rajatguptasecurity 4 жыл бұрын
Amazing explanations, thank you very much Rob for releasing this video. Keep doing the good work.
@destcert 4 жыл бұрын
My pleasure! I'm working away on the next video!
@asdfkljlkjdfkg2290 3 жыл бұрын
Pizza delivery, pentagon incident? I thought that would be more inference.
@destcert 3 жыл бұрын
Bingo!
@zieyob 3 жыл бұрын
Amazing, amazing I am glad I found these resources before my exam. Please do Network domain too .
@destcert 3 жыл бұрын
Just uploaded the first of 4 Domain 4 videos. The remainder will be up in the next 2-3 weeks. All the best in your studies!
@RandomlyDrumming 9 ай бұрын
Pizza delivery example...is it related to operation Desert Storm and how journalists inferred from how frequently pizza was delivered to the Pentagon that many people inside are working long hours, preparing something big? :)
@nikhilkumar-uf4qi 4 жыл бұрын
Amazing 🤩
@destcert 4 жыл бұрын
Thanks 🤗
@janicegraham9471 4 жыл бұрын
Thank you so much for all your hard work in creating these mind maps. They are a brilliant and useful tool to work alongside the official book material. Can you let us know when Domain 4 will be uploaded?
@destcert 4 жыл бұрын
You're very welcome! I'm glad you like them! I'm working my way through the last few domain 3 videos now and then I will be starting on domain 4. I can't give you an exact timeline unfortunately as I am creating these videos in my free time which is limited and highly variable.
@lupin20xx 4 жыл бұрын
Very helpful! Chance to get the document?
@ComproAvi 4 жыл бұрын
Helpful!
@mustafaabubakar293 4 жыл бұрын
Thank you Rob, it is helping me alot to review the topics for the exam in six weeks.
@destcert 4 жыл бұрын
Glad it was helpful!
@MHamidAshraf Жыл бұрын
Thanks a lot for this gold... The thing i did not get was the "predictive power of pizza delivery as example of covert channel" If possible to elaborate please
@Tunobe86 Жыл бұрын
If you read the Destination book, it explains... There was a series of U.S. government meetings to prepare for a major operation and someone (reporters?) were able to discern important meetings were talking place on certain days based on the frequency of pizza deliveries to a government building. Sorry I don't remember the details exactly .S. government
@blahblah4634867 2 жыл бұрын
Pizza delivery as a covert channel : high number of pizza deliveries to an office could indicate something big is going on. Is that the reference?
@kebarius6760 Жыл бұрын
Is it not that if you intercept the pizza order you can get there first and steal the order?
@jayanarayanankodothputhiya9465 2 жыл бұрын
Analogy of pizza delivery to time based covert channel, as it insure timely delivery is through separate/fastest channel bypassing the busy route ?
@dieglhix 3 жыл бұрын
dude those 0:40 interfaces are woot
@abbeydudeuk 2 жыл бұрын
Communication and Network Security topic not covered. please upload on this topic
@MegaJusttosee 4 жыл бұрын
Hi Rob, When can we expect complete set of Domain 4 ? thank you.
@destcert 4 жыл бұрын
I'm working my way through the last few domain 3 videos now and then I will be starting on domain 4. I can't give you an exact timeline unfortunately as I am creating these videos in my free time which is limited and highly variable.
@sahmadi6659 2 жыл бұрын
Are all of those vulnerabilities included in the exam? Means we have to learn each one by one with details?
@tradingmind4304 Жыл бұрын
How do you relate pizza delivery with covert channel.
@gokulkumar3942 23 күн бұрын
are these videos still good for this years exam?
@kehindeolabode8278 3 жыл бұрын
Please can you make a pdf slide of the information it will help a lot, reading your summary in notes will enhances study
@xzc3312 3 жыл бұрын
cant you create it yourself?
@pirayehmehran107 4 жыл бұрын
Hi Rob, can’t find Domain 3 (6 -9 of 9) videos. Can you help? Thx
@destcert 4 жыл бұрын
They aren't done yet. Working on them!
@manyuscripts5808 3 жыл бұрын
Who is the target of attack in sql injection
@destcert 3 жыл бұрын
Database server
@Anya11235 2 жыл бұрын
pizza reference from Snowcrash?
@CodyKeller 3 жыл бұрын
I got the pizza reference. 😉🍕🐀
@francisfrancis1153 10 ай бұрын
Please explain to me. Thanks in anticipation.
@BoardInTheHouseBGAplayer 2 жыл бұрын
Sounds like the cops are driving around your house at 16:00 ...SQL injection attacks tipped them off
@strcelrau 3 жыл бұрын
I wish that the guys downvoting wrote the reason for this
SALEM EPISODES
Рет қаралды 746 М.
Destination Certification
Рет қаралды 31 М.
Destination Certification
Рет қаралды 51 М.
Destination Certification
Рет қаралды 38 М.
Destination Certification
Рет қаралды 53 М.
SALEM EPISODES
Рет қаралды 746 М.