Symmetric vs. asymmetric encryption
Bell-LaPadula access control model
Session hijacking
Non-essential services and protocols
Security baselines
Secure Electronic Transactions (SET) Protocol
DHCP
Network types
Port scanning
Advanced Encryption Standard (AES)
Circuit switching
Inference and Aggregation
Database security
Firewall rules
Add-on security
Polyinstantiation
Point-to-point tunnelling protocol (PPTP)
Point to point Protocol (PPP)
Common Criteria
Secure Sockets Layer (SSL)
Access Control Models
Orange Book (TCSEC) classes and required functionality
Discretionary access control
Access control attacks and countermeasures
Digital signatures
Application and system development attacks and countermeasures
Flooding attacks
Communications and networks attacks and countermeasures
Biometrics
Identification and authentication techniques
Individual accountability
Mandatory access control
Kerberos
Trojan horses
Account, log and journal monitoring
Passwords
Separation of duties and responsibilities
Badges
Role-based access control
Single Sign-On (SSO)
Network sniffing
Denial of service attacks
Principle of least privilege/Need to know
Access rights and permissions
Smart cards and memory cards
Threats and vulnerabilities
Multi-factor authentication
SESAME
Application system controls
Access control administration
Access control techniques
Rule-based access control
Non-discretionary access control
Lattice-based access control
Callback systems
One-time passwords
Tokens
Replay attacks
Password guessing
Remote Authentication Dial-In Service (RADIUS)
Challenge Handshake Authentication Protocol (CHAP)
TACACS
Monitoring and intrusion detection systems (IDS)
Host-based intrusion detection
Network-based intrusion detection
User monitoring
Information and asset valuation
Database views
Access controls lists (ACLs)
Capability tables
Access control matrix
Honeypots
Wardialing
Signature-based intrusion detection systems
Audit trails
Password management
Account administration
File and data owners, custodians, and users
Biba access control model
PIN Codes
Access control methodologies and implementation
Centralized/remote authentication access controls
Brute force (exhaustive) attacks
Dictionary attacks
Confidentiality, integrity and availability
Risk management
Risk mitigation
Software licensing
Sensitivity labels
Security domains
Secure HTTP
Databases and data warehousing
Structured Query Language (SQL)
Statistical intrusion detection
End-to-end encryption
Access control objectives
Clipping level
Passphrases
Buffer overflows
Common flaws and security issues with system architectures and design
Vulnerability assessment
Intrusion response
Clark and Wilson access control model
Non-repudiation
IPSec
Network Layer Security Protocols
Firewalls and packet filters
ISO/OSI model and layers
Address Resolution Protocol (ARP and RARP)
Network and communication protocols
TCP/IP characteristics and vulnerabilities
Network ports and monitoring
Inter-networking devices and connectivity hardware
TCP/IP model and layers
TCP and UDP
Network monitors and packet sniffers
TCP/IP addressing
Physical media characteristics
Local area networks (LANs)
Mobile, wireless and satellite technologies and security
Internet, Intranets and Extranets
Certification and accreditation
E-mail security
Common security models, architectures, and evaluation criteria
Network security
Telecommunication infrastructures
Network availability
Remote access and telecommuting
Incident handling and response
RAID Technology
Backups and offsite storage
Network topologies
Secure Shell (SSH)
Key distribution and management
Simple Key Management for Internet Protocols (SKIP)
Proxies
Demilitarized zones (DMZ) and Bastion hosts
Facsimile security
Communications security
Wide Area Networks (WANs)
Frame Relay
Assurance
Communication services
Malicious code
Resource misuse and abuse
IP v6
Application layer security protocols
Transport layer security protocols
Virtual Private Networks (VPNs)
Networks and communications security techniques
Routing protocols
Layer 2 Tunnelling Protocol (L2TP)
Media access methods
LAN Transmission methods
Asynchronous Transfer Mode (ATM)
Spoofing attacks
LAN transmission protocols
Serial Line Internet Protocol (SLIP)
xDSL
Remote Procedure Call and Secure-RPC protocols
Firewall implementations
Network Address Translation (NAT)
Network Services
Synchronous vs asynchronous communications
Domain Name System (DNS)
Packet switching
Mirroring
Ethernet
Client/server environments
Encryption and decryption
Networks and telecommunications management
Security policies
Computer crime
Risk assessment tools and techniques
Security management practices and planning
Security awareness, training and education
Qualitative and quantitative risk assessment
Employment policies and practices
Hiring and termination practices
Sensitive information and media handling
Control types
Due care and due diligence
Data classification
Policies, standards, guidelines and procedures
Security controls
Trap doors
Active and passive attacks
Disaster recovery planning
Change and configuration control/management
Security design and control architecture
Covert channels
Multi-level security
Programming languages, techniques and tools
System development life cycle
Distributed environments
Database management systems
Software capability maturity model (SCMM)
Public key infrastructure (PKI)
Certification authorities (CA)
Cryptography implementations
X.509 Digital certificates
PKCS Standards
Authentication
Hardware and software cryptographic modules
Certificate revocation list (CRL)
Hybrid cryptography
User involvement
Software prototyping and CASE tools
Viruses
System and application testing
Project planning
Knowledge-based systems
Cohesion and coupling
Security modes
Software development models
Public (Asymmetric) Key Cryptography
Public Key Algorithms
Secret (Symmetric) Key Cryptography
Secret Key Algorithms
Data Encryption Standard (DES)
One-time pads
One-way cryptography
Key lengths and strengths
Pretty Good Privacy (PGP)
Rivest Shamir Adleman (RSA)
Elliptic Curve Cryptosystems (ECC)
Cryptography attacks and countermeasures
Message digests and hash functions
Laws
Import/export laws
Cryptography history
Key escrow and key recovery
Cryptography issues
Link encryption
Steganography
Stream ciphers and block ciphers
Cipher types
Cryptographic Codes
Public vs secret cryptography
Clipper Chip
Cryptography weaknesses
Uses of cryptography
Reference monitors and security kernels
System-high security mode
Multi-level security mode
Objects and subjects
System assurance
Data hiding
Trusted recovery
Trusted facility management
Trusted Computing Base (TCB)
Information labels
Compartmented security mode
Application security
Data remanence and object reuse protection
Security models controls
ITSEC classes and required assurance and functionality
Integrity checkers
Access matrix model
Take-Grant access control model
National Information Assurance Certification and Accreditation Process (NIACAP)
Defense Information Technology Security Certification and Accreditation Process (DITSCAP)
Common computer and network organizations, architectures and designs
Address space and addressing
Problem management
Attributability
Federal Information Processing Standards (FIPS)
Input and parameter checking
Storage types
Protection rings
Security models
Non-interference model
Dedicated security mode
Trusted Network Interpretation (Red Book-TNI)
System protection mechanisms
Process isolation
Trusted systems
Security perimeter and DMZ
Canadian Trusted Computer Product Evaluation Criteria (CTCPEC)
Rainbow Series
Protection domains
Initialization and failure states
Roles and responsibilities
Two-man control
Dual control
Configuration management
Controlled (partitioned) security mode
Illegal and inappropriate activities
Operations security threats and Countermeasures
Operations controls
Monitoring tools and techniques
Penetration testing (ethical hacking)
Software controls
Traffic analysis
Attacker types, profiles and motivations
Service level agreements (SLAs)
Input/Output controls
Security audits
Input controls
Output controls
Social engineering
System recovery
Job rotation
Fault tolerance
Alternate sites
Contingency planning testing
Business Impact Assessment (BIA)
Recovery and redundancy techniques
Business Continuity Planning (BCP)
BCP/DRP Events
Recovery plan development
Recovery point and recovery time objectives
Insurance
Maximum tolerable downtime
Recovery strategy
Elements of contingency planning
Recovery plan maintenance
Relocation to primary site
Management involvement in BCP/DRP
End-user involvement in BCP/DRP
Telecommunications continuity
Business continuity plan testing
Alternate processes
Risk assessment
Business continuity scope and planning
Occupant emergency plan
External communications
Equipment reliability
BCP/DRP controls
Emergency Response
Investigations
Computer crime evidence
Evidence types and admissibility
Evidence collection and preservation
Chain of custody of evidence
Computer laws
Hacker tools
Ethics
ISC2 code of Ethics
IAB guidelines (RFC1087)
Generally Accepted Systems Security Principles (GASSP)
HIPAA
Computer crime types
Masquerading attacks
Telephone fraud
Trade secrets
Legal liability
Intellectual property
Major categories and types of laws
Protection of personal information
Damage assessment
Entrapment and enticement
Physical security threats (prevention, detection and suppression)
Humidity and environmental controls
Power considerations
HVAC considerations
Fire and smoke detection and suppression systems
Physical security controls
Facility Requirements
Security guards, guns, dogs
Layered security
Technical physical security controls
Motion detectors, sensors, and alarms
Site Selection, Facility Design, and Configuration
Administrative physical security controls
Closed Circuit Television (CCTV)
Critical path analysis
Yellow Book
Operations administrative management
Recovery techniques
System accountability
UNIX Security
Accountability
CIA TRIAD (Confidentiality Integrity Availability)
Security Governance
Compliance
Legal and Regulatory issues
Legislative and Regulatory Compliance
Privacy Requirements compliance
Employment agreement and policies
Computer Crimes
Licensing and Intellectual Property (IP)
Copyright, Trademark, Patent, Trade Secrets, Digital rights management (DRM)
Import and Export controls
International Traffic In Arms Regulations (ITAR)
Export Administration Regulations (EAR)
Trans-border data flow
Privacy
Data Breaches
BCP and DRP Business Continuity and Disaster Recovery plans
Code of professional ethics
Security policies, standards, procedures, and guidelines
Conduct business impact analysis (BIA)
Personal security policies
Candidate screening, reference check, education verification
Employment Screening, Reference Check, Education Verification
Employee / Employment termination
Job rotation
Separation of Duties
The Principle Of Least Privilege and Need To Know (NTK)
Understand and Apply Risk Management Concepts
Threats and Vulnerabilities
Risk Assessment / analysis, qualitative, quantitative, hybrid
Risk acceptance / assignment
Countermeasure Selection
COSO Committee of Sponsoring Organizations
ITIL The IT Infrastructure Library
COBIT Control Objectives for Information and Related Technology
ISO 27002: 2013 (Formerly Known as ISO17799/ BS7799)
Qualitative risk assessment
Risk frameworks, COSO, ITIL, COBIT, ISO 27002
Risk considerations into acquisition strategy and practice
Potential attacks, social engineering, spoofing, pretexting,
Information Security education, training, and awareness.
Chain of custody of evidence
Key escrow and key recovery
Legal liability
Multi-level security mode
Compartmented security mode
System-high security mode
Objects and subjects
Principle of least privilege/Need to know
Risk assessment
Audit trails
Security domains
Service level agreements (SLAs)
Security policies
Facility Requirements
Stream ciphers and block ciphers
Link encryption
Threats and vulnerabilities
Trusted recovery
Access control methodologies and implementation
Access control objectives
Active and passive attacks
Illegal and inappropriate activities
Information and asset valuation
Access matrix model
Port scanning
System assurance
Intranet, Security perimeter and DMZ
Information labels
Trusted facility management
Security audits
Dedicated security mode
Input controls
Application security
Laws
Contingency planning testing
Badges
Monitoring tools and techniques
Business Continuity Planning (BCP)
Cipher types
Storage types
Public vs secret cryptography
Computer crime evidence
Evidence types and admissibility
Computer laws
Configuration management
Controlled (partitioned) security mode
Control types
System recovery
Integrity checkers
Cryptography weaknesses
Data hiding
Input/Output controls
File and data owners, custodians, and users
Data remanence and object reuse protection
Alternate sites
Defense Information Technology Security Certification and Accreditation Process (DITSCAP)
Dual control
Power considerations
Hiring and termination practices
Federal Information Processing Standards (FIPS)
Fire and smoke detection and suppression systems
System protection mechanisms
ITSEC classes and required assurance and functionality
HVAC considerations
Employment policies and practices
Computer crime types
Protection rings
Protection domains
Cryptographic Codes
Trusted systems
Incident management and Problem management
Traffic analysis
Assurance
Input and parameter checking
Insurance
Physical security controls
Software controls
Recovery and redundancy techniques
Steganography
Recovery strategy
Elements of contingency planning
Recovery plan maintenance
Relocation to primary site
End-user involvement in BCP/DRP
Telecommunications continuity
Business continuity plan testing
Alternate processes
Business continuity scope and planning
Occupant emergency plan
External communications
Equipment reliability
Ethics
ISC2 code of Ethics
IAB guidelines (RFC1087)
HIPAA
Masquerading attacks
Telephone fraud
Trade secrets
Intellectual property
Protection of personal information
Entrapment and enticement
Operations controls
Output controls
Address space and addressing
Physical security threats (prevention, detection and suppression)
Policies, standards, guidelines and procedures
Security management practices and planning
Process isolation
Business Impact Assessment (BIA)
Qualitative and quantitative risk assessment
Maximum tolerable downtime
Recovery point and recovery time objectives
Risk assessment tools and techniques
Risk mitigation
Security models controls
Social engineering
Disaster recovery planning
Access control techniques
Penetration testing (ethical hacking)
Two-man or Two-person control
Access control administration
Fault tolerance
Canadian Trusted Computer Product Evaluation Criteria (CTCPEC)
Confidentiality, integrity and availability
Attributability
Due care and due diligence
Import/export laws
Evidence collection and preservation
Management involvement in BCP/DRP
Clipper Chip
National Information Assurance Certification and Accreditation Process (NIACAP)
Access rights and permissions
Risk management
System accountability
Reference monitors and security kernels
Trusted Network Interpretation (Red Book-TNI)
Take-Grant access control model
Trusted Computing Base (TCB)
Security awareness, training and education
Non-interference model
Recovery plan development
Tokens
Wardialing
Site Selection, Facility Design, and Configuration
Attacker types, profiles and motivations
Computer crime
Common flaws & security issues with system architectures and design
Cryptography history
Cryptography issues
Security models
Operations security threats and Countermeasures
Roles and responsibilities
Information classification
Ownership. Data Owners, System Owners, business/mission owners, custodians.
Data Remanence. Clearing, Purging, Destruction, Degaussing
Retention Policy / Period (media, hardware, and personnel)
Data Security Controls. Data at rest and Data in Transit.
Data Handling Requirements. Markings, Labels, Storage, Destruction of sensitive information.
Sensitivity labels
Passphrases
Data classification
Security baselines
Sensitive information and media handling
Security controls
CASB (Cloud Access Security Broker)
Data Protection Methods
Understand the fundamental concepts of security models (Biba, Bell-LaPadula, Clark-Wilson, etc.)
System Security Evaluation Models
Security Capabilities of Information Systems
Vulnerabilities of Security Architectures, designs, and solution elements
Database security
Distributed Systems
Distributed Systems versus Centralized systems
Cryptographic Systems
Industrial control systems (ICS)
Assess and Mitigate Vulnerabilities in Web-Based systems
Assess and Mitigate Vulnerabilities in mobile systems
Assess and Mitigate Vulnerabilities in embedded devices and cyber-physical systems
Cryptography life cycle
Cryptography types
Public key infrastructure (PKI)
Cryptographic Keys management practice
Digital signatures
Digital Rights Management (DRM)
Non-repudiation
Data Integrity (hashing and salting)
Methods of cryptanalytic attacks
Secure principles to site and facility design
Design and Implement Physical Security
Hardware and software cryptographic modules
Secret (Symmetric) Key Cryptography
X.509 Digital certificates
Certificate revocation list (CRL)
One-way cryptography
Databases and data warehousing
Biba access control model
Bell-LaPadula access control model
Simple Key Management for Internet Protocols (SKIP)
Message digests and hash functions
Multi-level security
Data Encryption Standard (DES)
Pretty Good Privacy (PGP)
Elliptic Curve Cryptosystems (ECC)
Common Criteria
Security design and control architecture
Advanced Encryption Standard (AES)
One-time passwords
Access control matrix
Rivest Shamir Adleman (RSA)
Replay attacks
Brute force (exhaustive) attacks
Dictionary attacks
One-time pads
Certification authorities (CA)
Biometrics
Cryptography implementations
Cryptography attacks and countermeasures
Public Key Algorithms
Encryption and decryption
PKCS Standards
Distributed environments
Inference and Aggregation
Key lengths and strengths
Key distribution and management
User involvement
Password guessing
Secret Key Algorithms
Symmetric vs. asymmetric encryption
Vulnerability assessment
Clark and Wilson access control model
Public (Asymmetric) Key Cryptography
Facsimile security
Authentication
Hybrid cryptography
Orange Book (TCSEC) classes and required functionality
Access Control Models
Common security models, architectures, and evaluation criteria
Cloud Computing
Containerization
Secure Design Principles to network architecture
OSI and TCP/IP models
IP Networking
Implications of multilayer protocols
Converged Protocols
Software Defined Networks (SDN)
Wireless Networks
Communication Security using Cryptography
Secure Network components
Operation of communication hardware
Transmission media
Network Access Control devices
Endpoint Security
Content Distribution Networks
Design and Establish secure communication channels
Multimedia Collaboration
Virtualization (Virtual Machines)
Prevent and Mitigate network attacks
Wireless Local Area Network (WLAN) authentication (Open, WEP, WPA, WPA2)
Network Topology
Media access methods
Layer 2 Tunnelling Protocol (L2TP)
Demilitarized zones (DMZ) and Bastion hosts
Network Address Translation (NAT)
Local area networks (LANs)
Ethernet
Wide Area Networks (WANs)
Network topologies
Secure Electronic Transactions (SET) Protocol
Virtual Private Networks (VPNs)
Routing protocols
Firewall rules
IPSec
End-to-end encryption
Spoofing attacks
Network security
TACACS
Secure HTTP
Point to point Protocol (PPP)
Network Layer Security Protocols
Asynchronous Transfer Mode (ATM)
Remote Authentication Dial-In Service (RADIUS)
Callback systems
Challenge Handshake Authentication Protocol (CHAP)
Circuit switching
Client/server environments
Communication services
Communications security
Physical media characteristics
DHCP
E-mail security
Flooding attacks
Frame Relay
Network Services
IP v6
Inter-networking devices and connectivity hardware
Networks and telecommunications management
Network availability
Networks and communications security techniques
ISO/OSI model and layers
Packet switching
Point-to-point tunnelling protocol (PPTP)
Transport layer security protocols
Network and communication protocols
Centralized/remote authentication access controls
Remote access and telecommuting
Remote Procedure Call and Secure-RPC protocols
Serial Line Internet Protocol (SLIP)
Secure Shell (SSH)
Secure Sockets Layer (SSL)
Session hijacking
TCP and UDP
TCP/IP addressing
Telecommunication infrastructures
Address Resolution Protocol (ARP and RARP)
Internet, Intranets and Extranets
Domain Name System (DNS)
Application layer security protocols
Communications and networks attacks and countermeasures
TCP/IP model and layers
TCP/IP characteristics and vulnerabilities
Network ports and monitoring
xDSL
LAN transmission protocols
Synchronous vs asynchronous communications
Network types
LAN Transmission methods
Mobile, wireless and satellite technologies and security
Cellular Networks (4G, 5G)
Control physical and logical access to assets
Manage Identification and Authentication of people and devices
Identity Management implementation
Single/Multi factor authentication
Accountability
Session Management
Registration and Proofing of Identity
Federated identity management
Credential Management Systems
Integrate Identity as a service (cloud identity / IDaaS)
Integrate third-party identity services
Role-based Access Control (RBAC) methods
Rule-Based Access Control methods
Mandatory Access Control (MAC)
Discretionary Access Control (DAC)
Prevent or mitigate Access Control attacks
Identity and Access provisioning lifecycle
Capability tables
Discretionary access control
Role-based access control
Passwords
Access controls lists (ACLs)
Smart cards and memory cards
Kerberos
Rule-based access control
Lattice-based access control
Non-discretionary access control
Mandatory access control
Access control attacks and countermeasures
Multi-factor authentication
Individual accountability
User monitoring
SESAME
Single Sign-On (SSO)
Identification and authentication techniques
Add-on security
Non-essential services and protocols
Design and Validate assessment and test strategies
Vulnerability Assessment
Penetration Testing
Log Reviews
Code review and testing
Misuse Case Testing
Test coverage analysis
Interface Testing
Collect Security Process data (management and operational controls)
Account management (escalation, revocation)
Key performance and risk indicator
Backup verification data
Training and awareness
BCP and DRP Business Continuity and Disaster Recovery plans
Analyse and Report test output
Conduct and facilitate internal and third-party audits
Breach & Attack Simulation (BAS) technologies
Understand and Support Investigations
Evidence collection and Handling
Chain of Custody of Evidence
Investigative Techniques (root cause analysis, incident handling)
Digital Forensics
Understand requirements for investigation types
Electronic discovery (eDiscovery)
Conduct Logging and Monitoring Activities
Intrusion Detection (IDS) and Prevention (IPS)
Security Information and Event Management (SIEM)
Continuous Monitoring
Egress Monitoring
Steganography
Watermarking
Secure the provisioning of resources (asset inventory such as hardware and software)
Configuration Management
Physical Assets
Virtual Assets (Software Defined Network (SDN), virtual SAN, Virtual Machines)
Understand and Apply fundamental security operations concepts
The Principle Of Least Privilege and Need To Know (NTK)
Separation of Duties and Responsibilities
Monitor privileges and administrative accounts usage
Job Rotation
Information lifecycle
Service Level Agreements (SLAs)
Employ resource protection techniques
Conduct Incident Management
Operate and Maintain Preventative Measures
Firewalls
Sandboxing
Honeypots / Honeynets
Anti-Malware
Patch and Vulnerability Management
Recovery Strategies
Backup Storage strategies (Offsite Storage, Electronic Vaulting, Tape Rotation)
Recovery Site strategies
Dual Data center, Internal and external hot sites, warm and cold sites
System Resilience (High Availability (HA), Quality of Service (QoS), fault tolerance)
BCP and DRP Business Continuity and Disaster Recovery plans
Design and Implement Physical Security
Personnel safety concerns (duress, travel, monitoring)
Artifacts
Understand and Apply security in the software development lifecycle
Agile development methodology
Waterfall Software Development methodology
Capability Maturity Models
Software Development Operation and Maintenance (O&M) phase
Change Management
Integrated Product Team (DevOps)
Enforce Security Controls in development environments
Buffer Overflow
Data Input and output validation in software development
Security of code repositories
Security of Application Programming Interface (API)
Assess the effectiveness of Software Security
Risk Analysis and mitigation
Acceptance Testing
Assess security impact of acquired software (acquisition of software)
Buffer overflows
Covert channels
Trojan horses
Security modes
Account, log and journal monitoring
Viruses
Database views
System and application testing
Denial of service attacks
Application system controls
Certification and accreditation
Database management systems
Cohesion and coupling
Malicious code
Trap doors
Project planning
Programming languages, techniques and tools
Knowledge-based systems
Polyinstantiation
Software prototyping and CASE tools
Software development models
Software capability maturity model (SCMM)
Clipping level
System development life cycle
Structured Query Language (SQL)
Application and system development attacks and countermeasures
Resource misuse and abuse
Change and configuration control/management
CCCure was such a great resource in preparation for the CISSP. I passed and was prepared partly because of the questions that I was exposed to on CCCure.