Course details

CISSP 2018: Security Architecture and Engineering (Part 2)

CISSP 2018: Security Architecture and Engineering (Part 2)


Overview/Description
Expected Duration
Lesson Objectives
Course Number
Expertise Level



Overview/Description
Explore the domain of security assessment, design, and mitigation for web-based, mobile, and embedded systems. This course will start by examining common web-based attacks, such as SQL injection, cross-site scripting (XSS), cross-site request forgery (CSRF), carjacking, clickjacking, and cookie exploits. Next, you will learn how to evaluate general strategies to mitigate vulnerability. The course then moves on to mitigation strategies fo rmobiles, such as containerization, sandboxes, wrappers, secure encrypted enclaves, TPM, and tokenization. You will then study enterprise mobility management methods, privacy concerns, and security issues. Other topics include how to assess vulnerabilities and common threats for embedded devices; and how to walk through methods to reduce embedded device vulnerability. Finally, as a review exercise, you will describe how to assess and mitigate systems vulnerabilities.

Expected Duration (hours)
0.8

Lesson Objectives

CISSP 2018: Security Architecture and Engineering (Part 2)

  • assess vulnerabilities in web-based systems
  • describe common web-based attacks
  • reduce security vulnerabilities in various web-based systems
  • define enterprise mobility management
  • describe issues related to mobile security and privacy
  • reduce security vulnerabilities in mobile systems
  • assess vulnerabilities in embedded devices
  • describe and compare common threats to embedded devices
  • reduce various embedded device vulnerabilities
  • describe how to assess and mitigate systems vulnerabilities
  • Course Number:
    it_spciss_09_enus

    Expertise Level
    Expert