CISSP 2018: Security Architecture and Engineering (Part 2)

CISSP 2018: Security Architecture and Engineering (Part 2)

Overview/Description
Expected Duration
Lesson Objectives
Course Number
Expertise Level

Overview/Description
Explore the domain of security assessment, design, and mitigation for web-based, mobile, and embedded systems. This course will start by examining common web-based attacks, such as SQL injection, cross-site scripting (XSS), cross-site request forgery (CSRF), carjacking, clickjacking, and cookie exploits. Next, you will learn how to evaluate general strategies to mitigate vulnerability. The course then moves on to mitigation strategies fo rmobiles, such as containerization, sandboxes, wrappers, secure encrypted enclaves, TPM, and tokenization. You will then study enterprise mobility management methods, privacy concerns, and security issues. Other topics include how to assess vulnerabilities and common threats for embedded devices; and how to walk through methods to reduce embedded device vulnerability. Finally, as a review exercise, you will describe how to assess and mitigate systems vulnerabilities.

Expected Duration (hours)
0.8

Lesson Objectives

CISSP 2018: Security Architecture and Engineering (Part 2)

assess vulnerabilities in web-based systems

describe common web-based attacks

reduce security vulnerabilities in various web-based systems

define enterprise mobility management

describe issues related to mobile security and privacy

reduce security vulnerabilities in mobile systems

assess vulnerabilities in embedded devices

describe and compare common threats to embedded devices

reduce various embedded device vulnerabilities

describe how to assess and mitigate systems vulnerabilities

Course Number:
it_spciss_09_enus

Expertise Level
Expert