Tuesday, April 10, 2012

CISSP - Domain 10 - Operations Security

Operations Security relates to the security aspects of the day-to-day activities of a business enterprise. The domain discusses all the questions regarding: How to keep data at rest secure? How to securely destroy data? What privileges need to be assigned, to whom, and when? How to protect hardware (maintenance) and software (piracy)? And how to carry out patch management, problem management, incident management, etc.? The important access control concepts like least privilege and need to know are also discussed, along with mechanisms to facilitate and perform auditing and monitoring. It can be said that Operations Security is basically the concise combination of all of the other domains of CISSP.

CISSP - Domain 9 - Application Development Security

The Security Architecture domain focuses on securing systems, while the Application Development Security domain focuses on securing software and applications from the development phase through implementation to maintenance. The domain highlights that security should be a component of every phase of the Software Development Life Cycle (SDLC). Applications include agents, applets, software, databases, data warehouses and knowledge-based systems. The domain discusses concepts like data mining, data warehousing and intelligent systems, and elaborates on what application controls are needed to ensure the confidentiality, integrity and availability of an information system. The domain also touches on the concepts of penetration testing with regard to applications.

CISSP - Domain 8 - Business Continuity and Disaster Recovery Planning

You may wonder what business continuity and disaster recovery planning have to do with Information Security? We can have a pretty long discussion on this, but to cut the story short, the answer is in the C-I-A triad. Plus, Information Security acts as a support system for the business to keep going in any condition. The domain focuses on best practices for safeguarding critical information systems and their continuity and recovery procedures. How to manage an incident? How to perform business during and after an incident? How to recover from an incident and get back to normal? All this is discussed in detail in this domain. While preparing for the exam, do not forget to differentiate between business continuity and disaster recovery.

Monday, April 9, 2012

CISSP - Domain 7 - Telecommunications and Network Security

Telecommunications and Network Security is the lengthiest domain of CISSP. It emphasizes the concepts of networking -- the OSI and TCP/IP models -- explaining each layer in detail and highlighting the technologies and their implementation. The domain discusses the following main concepts, layer by layer:

Physical: Network Topologies, Transmission Media, Communication Technology, Attacks
Data-Link: Technology, Encryption, Risks and Attacks
Network: WAN Technologies, Tunneling, Risks and Attacks
Transport: Technology, DoS Attacks, Remediation
Session: Technology and Implementation, Directory Services, Access Services
Presentation: Concepts, Technology and Implementations, Encryption
Application: Technologies, Data Exchange Services, Administrative Services

The domain also discusses different types of firewalls and their architectures in detail. Different security protocols and methodologies like PGP, IPSec, SSL (VPN), etc. are also discussed in the Network Security portion of the domain. The Telecommunications and Network Security domain keeps evolving as new technologies arise, and gives an overview of them as well, for example Unified Threat Management.

CISSP - Domain 6 - Legal, Regulations, Compliance and Investigations

The domain gives an overview of the laws and regulations associated with the digital world. It sheds light on the means, opportunities and methods associated with e-crimes. The domain gives an account of digital forensics, evidence gathering, chain of custody, incident response, legal liabilities and ways to address compliance. Legal, Regulations, Compliance and Investigations is a very important domain with content that keeps on evolving. A lot of general questions in the exam are usually asked from the field of digital forensics (this domain) and penetration testing (the application and network security domains).

CISSP - Domain 5 - Security Architecture and Design

The Security Architecture and Design domain specifically focuses on how to create a secure and well-defined system. The domain highlights the concepts, principles, structures and standards used to design, implement, monitor and secure operating systems, equipment, networks, applications and the controls used to enforce various levels of confidentiality, integrity and availability. The domain also explains different security models in terms of information flow, confidentiality and integrity.

CISSP - Domain 4 - Physical Security

Physical Security is also known as Environmental Security. It is perhaps the most underrated domain of CISSP, which in reality is very important, at least with respect to exam preparation. The domain focuses particularly on the threats, vulnerabilities and countermeasures that can be utilized to physically protect an enterprise's resources and sensitive information. The domain also gives a good overview of how to choose a secure site, and of design, configuration and practical implementation techniques. It is pertinent to know that the most important theme of this domain is protecting people first. The domain also takes into account how to naturally enforce physical security without creating much artificial fuss -- Crime Prevention Through Environmental Design (CPTED).

CISSP - Domain 3 - Cryptography

Cryptography is thought to be the heart of IT Security. This domain tells us how to keep the confidentiality, integrity and authenticity of sensitive information intact during its lifetime or communication time. The domain discusses symmetric and asymmetric algorithms, how they are used in practice and how they can be attacked by different means. How to use digital signatures to provide authenticity and non-repudiation during e-transactions is an important aspect of this domain as well.

CISSP - Domain 2 - Access Controls

An information system mainly comprises three components: the Subject (the component which accesses), the Object (the component which is accessed) and Access Control (the component which controls what objects can be accessed by subjects and, importantly, to what extent). Security Management Practices and Access Control are important domains for learning strong information security concepts. This domain, as the name suggests, talks mostly about how to control the access movements of the Subject. The domain discusses access control concepts, methodologies and (practical) implementations within centralized and decentralized environments. It also discusses control techniques like personnel, technical and physical, and measures like preventive, detective and corrective.
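To make the Subject / Object / Access Control triad concrete, here is a small reference monitor that decides whether a subject may perform an action on an object. It ties together the Domain 2 concepts above with least privilege and need to know from the Domain 10 summary: a subject needs sufficient clearance, need-to-know for the object's compartments, and an explicit ACL grant, and every decision is logged as a detective control. This is an added example for this post, not code from the CISSP material or any product; the users, document and permissions are constructed and hypothetical.

```python
"""Minimal reference monitor: enforces clearance, need-to-know and an ACL
(preventive controls) and records every decision to an audit log (detective
control). All names and permissions below are constructed for illustration."""
from dataclasses import dataclass, field


@dataclass(frozen=True)
class Subject:
    name: str
    clearance: int             # 0 = public ... 3 = top secret (constructed scale)
    need_to_know: frozenset    # compartments this subject has a job need for


@dataclass(frozen=True)
class Obj:
    name: str
    classification: int
    compartments: frozenset    # compartments a subject must hold to see it
    acl: dict                  # subject name -> set of permitted actions


@dataclass
class ReferenceMonitor:
    audit_log: list = field(default_factory=list)

    def check(self, subject: Subject, obj: Obj, action: str) -> bool:
        """Return True only if every rule passes; log ALLOW/DENY with reasons."""
        reasons = []
        if subject.clearance < obj.classification:
            reasons.append("clearance below classification")
        missing = obj.compartments - subject.need_to_know
        if missing:
            reasons.append("no need-to-know for " + ",".join(sorted(missing)))
        if action not in obj.acl.get(subject.name, set()):
            reasons.append(f"'{action}' not granted in ACL")
        allowed = not reasons
        self.audit_log.append(
            (subject.name, obj.name, action, "ALLOW" if allowed else "DENY", "; ".join(reasons))
        )
        return allowed

    def denied_events(self) -> list:
        """Detective view: decisions a reviewer would want to look at."""
        return [entry for entry in self.audit_log if entry[3] == "DENY"]


def build_sample():
    # Constructed sample: alice is a finance analyst, bob an HR manager with
    # higher clearance but no finance need-to-know.
    alice = Subject("alice", 2, frozenset({"finance"}))
    bob = Subject("bob", 3, frozenset({"hr"}))
    payroll = Obj(
        "payroll.xlsx", 2, frozenset({"finance"}),
        {"alice": {"read"}, "bob": {"read", "write"}},
    )
    return alice, bob, payroll


def run_demo():
    """Exercise the monitor and return (decisions, audit_log)."""
    rm = ReferenceMonitor()
    alice, bob, payroll = build_sample()
    decisions = {
        "alice-read": rm.check(alice, payroll, "read"),    # all rules pass
        "alice-write": rm.check(alice, payroll, "write"),  # least privilege: no write grant
        "bob-read": rm.check(bob, payroll, "read"),        # clearance is enough, need-to-know is not
    }
    return decisions, rm.audit_log


if __name__ == "__main__":
    decisions, log = run_demo()
    for entry in log:
        print(entry)
```

The third check is the point worth noticing: bob's clearance exceeds the document's classification and the ACL even grants him write access, yet the request is denied because he lacks need-to-know for the finance compartment. Each rule is evaluated independently so the audit entry names every failed rule, which is what a reviewer of the detective log wants to see.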

CISSP - Domain 1 - Information Security Governance and Risk Management

The domain is also known as Security Management Practices -- the crux of CISSP can be found in this very domain. Security Management Practices starts with the basics of information security. It describes to us what the terms threat, vulnerability, risk, exposure, confidentiality, integrity, availability, etc. mean. The domain tells us what the risk management process is and how to carry out risk analysis and risk treatment. The domain gives us an overview to understand what the policies, standards, guidelines, procedures and roles associated with information assets are all about. The domain emphasizes that security is a management concern and not an IT concern.