CISSP Domain 8 Review / Mind Map (1 of 2) | Secure Software Development
Вставка
- Опубліковано 31 лип 2024
- Review of the major Secure Software Development concepts and terms, and how they interrelate, to help you review, guide your studies, and help you pass the CISSP exam.
This MindMap review covers:
00:00 Intro
00:29 Overview
01:04 Bake in Security
01:26 SLC
01:47 SDLC
02:35 Development methodologies
04:10 SecDevOps
05:30 Canary deployments
07:21 Maturity models
08:18 APIs
09:01 Code obfuscation
09:52 Acquiring software
10:44 Buffer overflows
Other MindMaps:
Domain 1
Security & Risk Management: • CISSP Domain 1 Review ...
Domain 2
Asset Classification: • CISSP Domain 2 Review ...
Privacy: • CISSP Domain 2 Review ...
Domain 3
Models and Frameworks: • CISSP Domain 3 Review ...
Evaluation Criteria: • CISSP Domain 3 Review ...
Trusted Computing Base: • CISSP Domain 3 Review ...
Vulnerabilities in Systems: • CISSP Domain 3 Review ...
Cloud: • CISSP Domain 3 Review ...
Cryptography: • CISSP Domain 3 Review ...
Digital Certificates, Digital Signatures & PKI: • CISSP Domain 3 Review ...
Cryptanalysis: • CISSP Domain 3 Review ...
Physical Security: • CISSP Domain 3 Review ...
Domain 5
Access Control Overview: • CISSP Domain 5 Review ...
Single Sing-on & Federated Access: • CISSP Domain 5 Review ...
Domain 6
Security Assessment and Testing Overview: • CISSP Domain 6 Review ...
Vulnerability Assessment and Penetration Testing: • CISSP Domain 6 Review ...
Logging & Monitoring: • CISSP Domain 6 Review ...
Domain 7
Investigations: • CISSP Domain 7 Review ...
Incident Response: • CISSP Domain 7 Review ...
Malware: • CISSP Domain 7 Review ...
Patching & Change Management: • CISSP Domain 7 Review ...
Recovery Strategies: • CISSP Domain 7 Review ...
Business Continuity Management (BCM): • CISSP Domain 7 Review ...
Domain 8
Secure Software Development: • CISSP Domain 8 Review ...
Databases: • CISSP Domain 8 Review ...
CISSP Master Instructor, John Berti: / jberti
Visuals, narration and CISSP Master Instructor, Rob Witcher: / robwitcher
Video editing by Nick: threntinfo@gmail.com
Our CISSP MasterClass includes your own personal CISSP mentor who will guide you to confidently passing the CISSP exam: destcert.com/CISSP
All MindMap CISSP Videos are best free preparations for the Exam. Easy to digest and deliver the concept much better other than dry books.. Thanks a lot Rob for great Contribution to the Info Sec community. We really appreciate your great Job..
This is the closest I have found to CISSP study ASMR. I love and appreciate it
I sure hope you’re a professor because you have an uncanny ability to explain complex concepts at a simple level! The visuals help a ton! And the organization of concepts is so nice!
That's lovely to hear. Thanks! And yes, my day job is teaching CISSP courses :)
Hi rob,
I glad to inform today I provisionally passed cissp exam.
It's amazing this mind map videos for clearing my exam.
As u told " hi I am rob witcher today going to help u pass cissp exam..."
That's goes worked on my journey.
Thank you for amazing videos 🙏🙏🙏
Congratulations Ganesh! Well done passing the CISSP exam!
Thanks so much for letting me know. It's great to hear these videos are helping people learn and become better security professionals!
About Waterfall methedology, sybex book mentioned
"the modern waterfall model does allow development to return to the previous phase to correct defects
discovered during the subsequent phase. This is often known as the feedback loop characteristic of the waterfall model."
Thank you for your great efforts.
Yes, the video is referring to the traditional waterfall model, which does not allow a return to the previous phase. As you noted, the modern/modified waterfall DOES allow return to a previous phase.
Thank you for putting these together. Very well laid out.
Great videos Rob! Very clearly and brief to understand. thank you!
Very concise and valuable. This ties it all together, I've been through countless hours of content which go into a lot of detail so this was so helpful in helping to see the bigger picture. Thanks, Rob 👍
This is very helpful. Thank you for putting in so much effort.
You've got some outstanding videos! I appreciate your work and sharing your knowledge, thank you.
Thanks! My pleasure!
Hello Rob , thanks for this wonderful work for society this really helped me to pass cissp exam . I cleared it just 2 days before Thankyou for ur efforts .
Perfect snapshot! Thank you.
These are an excellent resource.
This presentation it's really helpful to add up to my current CISSP studies. Keep up the good work!
The waterfall model was one of the first comprehensive attempts to model the software
development process while taking into account the necessity of returning to previous phases
to correct system faults. However, one of the major criticisms of this model is that it allows
the developers to step back only one phase in the process. It does not make provisions for
the discovery of errors at a later phase in the development cycle.
Gracias por estas explicaciones
"Life-by-Powerpoint." Mr. Witcher, you've obviously put a lot of thought and care into selecting memorable visuals. 😉
very nicely summarized.
amazing vedio Thanks
awesome explanations, waiting for more videos..
Working on them!
I've read the McGraw Hill book on the CISSP. I've got the Sybex official ISC2 book that I'm working on now. I have not found any mention of the representational state transfer (REST) API. Thank you! This is why it is so important to use multiple sources when studying for this exam!!
Indeed. The exam is constantly evolving!
Know your API's: REST & SOAP.
REST and SOAP are very important, buddy.
Waterfall is presented in the OSG with the feedback loop. In that case water does go up
Well detailed video to refresh the topic before exams
All the best in your studies! Let me know when you pass the exam 😁
thanks
Thank you for your work. I am attempting the exam soon. But I have a question, in your video, it was mentioned that the Development step is where the code is written, and there are models for it i.e waterfall, agile, spiral, devops etc, but in these methods, they have their own design, requirement gathering, testing, operations and maintenance phase; are these steps only looping in the Development stage of the SLC / SDLC? I can't connect the Waterfall or Agile phases, when out of Development stage is the Testing stage, is the SLC/SDLC testing stage the test of the entire system? Or the Waterfall stage actually spills out and is not a nested loop? I hope my question makes sense. Thank you again.
Pls do video for SAML like kerberoes
The info is great. Just wanna say that you speak like Teal Swan :)
Thank you! :)
Hey I can't find domain 3 in your videos list..did you skip it?
I'm working my way towards it. Next up is Domain 2, then 3, and then 4. I'll be starting into the 9 videos I have planned for Domain 3 in a couple of weeks!
can we do a MIND MAP for CSSLP please ?
In waterfall you can go back one step
2.0
I like this topic but its quite heavy
Devops is not a development methodology
*just an honest opinion* It's a bit dry but informative enough that I'm listening. I'm following CISSP reference guide as I go and that helps me pay attention. Good tho! TY
There are 8 CISSP domains and 5 of them do the exact same thing…