Features
Features:

Product Tour >

Edraw AI >

Paid Plans:

Individuals >

Business >

Eduaction >
Resources
Blog

History

How-tos & Tips

Discovery

Biography

Business Analysis

Examples

AI concept Map

Free AI Mind Map Generator

Onenote Mind Map

Bcg Matrix Examples

Nike Marketing Strategy

Unilever SWOT Analysis

Make Mind Maps in Google Docs

Guide

FAQs

What's New

Resource Center
Templates
All Templates

Brain Storming Templates

Strategy and Planning Templates

Project Management Templates

Product Management Templates

Human Resources Templates

Agile Workflow Templates

Marketing Templates

Education Templates

Fun and Games Templates

User Gallery
Download
Pricing
Enterprise

MindMap Gallery CISSP Learning Mind Map

CISSP Learning Mind Map

This is a mind map about CISSP learning mind map, which mainly includes: physical security, security architecture and design, cryptography, law, compliance and investigation, business continuity planning, software development security, safe operation and maintenance , security assessment and testing, identity and access management, communications and network security, security engineering, asset security, security and risk management.

Edited at 2025-01-08 16:57:56

Mason·Carter

Recent works View more works>>

CISSP Learning Mind Map

Mason·Carter

Recent works View more works>>

Recommended to you
Outline

Section 5 Quality Design Methods and Tools
- 16
- 1
PlotWizard
Section 4 Basic tools for quality non-data analysis
- 27
- 1
PlotWizard
Section 3 Basic Tools for Quality Data Analysis (Two Figures and One Table Pareto Chart, Cause and Effect Diagram, Countermeasure Table)
- 22
- 2
PlotWizard
Section 2 Basic methods and tools of quality management
- 29
- 1
PlotWizard
Section 1 Quality Management Methods and Tools
- 27
- 1
PlotWizard
Section 5 GB19004 structure, scope of application and relationship with GB19000 and 19001
- 26
PlotWizard
Section 4 The connotation and guidelines of the process method
- 28
PlotWizard
Quality Management System Requirements
- 55
- 1
PlotWizard

CISSP Learning Mind Map

Safety and risk management

Information Security Framework

ISO/IEC 27001 standard

Information security management system

Risk Assessment and Processing

NIST Framework

Protect critical infrastructure

Risk Management Process

Risk Assessment Methods

Qualitative Analysis

Risk Matrix

Impact and possibility assessment

Quantitative analysis

Statistical Methods

Financial impact analysis

Risk response strategy

Risk Avoidance

Project changes

Business process adjustment

Risk transfer

Insurance

Outsourcing

Risk acceptance

Risk retention

Risk tolerance assessment

Risk mitigation

Control measures implementation

Safety training and awareness enhancement

Asset security

Asset classification and control

Data classification

Sensitivity level

Compliance requirements

Physical Asset Protection

Access control

Monitoring system

Data ownership

Data lifecycle management

Data creation

Data storage

Data destruction

Data ownership model

Centralized management

Distributed management

Confidentiality of information and assets

Encryption technology

Symmetric encryption

Asymmetric encryption

Access control model

Role Basic Access Control (RBAC)

Attribute Basic Access Control (ABAC)

Safety Engineering

Security Models and Architecture

Safety Model Theory

Bell-LaPadula Model

Biba Model

Security architecture design

Hierarchical security model

Security domain division

Software Development Security

Safe Development Life Cycle (SDLC)

Requirements Analysis

design

Implementation

test

deploy

Code review and testing

Static code analysis

Dynamic code analysis

Encryption technology

Symmetric encryption algorithm

AES

DES

Asymmetric encryption algorithm

RSA

ECC

Hash function

SHA series

MD5

Communication and network security

Network architecture and design

Network topology

Star type

Ring type

Mesh

Network protocols and standards

TCP/IP

SSL/TLS

Cyber Attack and Defense

Attack Type

DDoS Attack

Man-in-the-middle attack

Defense measures

Firewall

Intrusion Detection System (IDS)

Wireless network security

Wireless protocols and standards

WEP

WPA/WPA2

Wireless network threats

Signal interference

Unauthorized access

Identity and access management

Identity management concept

Identity life cycle

Identity registration

Identity maintenance

Identity revocation

Authentication method

Knowledge verification

Holdings Verification

Biometric verification

Access control model

Role-based access control (RBAC)

Role assignment

Permission Management

Attribute-based access control (ABAC)

Attribute definition

Strategy Implementation

Identity Management Technology

Directory Services

LDAP

Active Directory

Single Sign-On (SSO)

OAuth

SAML

Safety assessment and testing

Safety Assessment Methods

Penetration testing

Manual testing

Automated testing

Vulnerability scanning

Network scanning

Apply scan

Safety testing tools

Open Source Tools

Nmap

Wireshark

Business Tools

Burp Suite

Metasploit

Evaluation report and communication

Report writing

Discovery and suggestions

risk assessment

Communication Strategy

Stakeholder meeting

Risk Mitigation Plan

Safe operation and maintenance

Physical and environmental security

Physical security measures

Access control system

Surveillance camera

Environmental Control

Temperature and humidity control

Power supply and backup

Operational safety

Change Management

Change the approval process

Change implementation monitoring

Backup and restore

Data backup strategy

Disaster recovery plan

Log management and monitoring

Log collection and analysis

System Log

Application log

Intrusion detection and prevention

Real-time monitoring

Incident Response

Software Development Security

Safety requirements and design

Requirements Engineering

Security requirements acquisition

Requirement verification and confirmation

Security architecture design

Safe Mode

Safety control integration

Safe coding practice

Enter verification

Data cleaning

Parameterized query

Error handling and logging

Exception management

Security logging

Software testing and quality assurance

Static and dynamic analysis

Code review

Dynamic analysis tools

Safety Testing

Fuzzy test

Penetration testing

Business Continuity Planning

Risk Assessment and Management

Business Impact Analysis (BIA)

Identification of key business processes

Recover priority sorting

Risk mitigation strategies

Risk transfer

Risk acceptance

Disaster Recovery Plan (DRP)

Backup Strategy

Data backup

System backup

Emergency response plan

Incident Response Team

Communication plan

Business Continuity Plan (BCP)

Recovery of critical business functions

Priority setting

Resource allocation

Testing and maintenance

Simulation drill

Plan updates

Legal, compliance and investigation

Legal and regulatory requirements

International Legal Framework

GDPR

CCPA

Industry-specific regulations

HIPAA

PCI DSS

Compliance procedures and audits

Compliance framework

ISO/IEC 27001

NIST

Internal and external audits

Compliance Check

Audit report

Information security incident management

Incident Response Plan

Event classification

Response Process

Investigation technology

Digital forensics

Log Analysis

Cryptography

Encryption principle

Symmetric encryption

How it works

Common algorithms

Asymmetric encryption

How it works

Common algorithms

Hash functions and digital signatures

Hash function

characteristic

application

Digital signature

effect

Implementation method

Public Key Infrastructure (PKI)

Certificate Management

Certificate Authority (CA)

Certificate life cycle

Key Management

Key generation

Key storage and backup

Security architecture and design

Security architecture principles

Minimum permission principle

Definition and application

Implementation strategies

Depth of defense

Multi-layer defense

Deep defense strategy

System security model

Reference monitoring model

System Components

Monitoring mechanism

Security domain division

Network isolation

Data isolation

Security Architecture Components

Firewall and Intrusion Prevention Systems (IPS)

Functions and functions

Deployment Policy

Virtual Private Network (VPN)

Encryption technology

Remote access security

Physical Security

Physical security policy

Security policies and procedures

Access control

Monitoring and recording

Physical security measures

Access control system

Surveillance camera

Environmental safety

Environmental Threats

Natural disasters

Artificial destruction

Environmental control measures

Temperature and humidity control

Power and UPS systems

Personnel safety

Personnel safety policy

Safety awareness training

Access control policy

Personnel safety measures

Background check

Resignation procedure