If You’re Studying For The CISSP, Watch These Movies

February 24, 2017

 

I knew if I wanted to pass the CISSP the first time, I’d need to eat, sleep, dream, breathe the CISSP.

 

Studying for the CISSP became a strong part of my everyday thinking.  I’d wake up thinking about DRP/BCP, and I’d go to sleep thinking about Mandatory Access Control.

 

When spending some quality time with my wife watching movies, I’d start to notice helpful CISSP concepts in some movies.

 

“Hey, I’m studying that for the CISSP!” I’d say.

 

Here’s a list of movies (and some TV shows) that incorporate aspects of the CISSP, and helps you relate to some practical use of concepts.

 

If you have any suggestion, let me know and I’ll update the list! 

 

Security and Risk Management

Breach – Robert Hanssen worked for the FBI and was a double agent for Soviet and Russian Intelligence.  Hanssen had a high security clearance, and had need-to-know access to a treasure of highly classified files.  At one point, he was put in charge of the very team that was supposed to track down the agency’s mole (which was him all along).  He was the ultimate insider threat.

 

Apollo 13 – DRP/BCP procedures when facing malfunctions aboard a space shuttle.  

 

Interstellar – The importance of not just DRP (resolving the immediate disaster), but also insuring and practing BCP (the long-term approach of keeping the business alive, or in the case of the movie, the human race)

 

The People v. O. J. Simpson: American Crime Story (TV Show) – The importance of proper chain of custody 

 

The Sopranos (TV Show) – A mafia crime family exemplifies the importance of proper security governance, insider threats, and malicious threats to the organization.

 

Asset Security

Hackers – Great film that incorporates aspects of social engineering, shoulder surfing, dumpster diving, phone tapping….and hacking. 

 

WarGames – A great movie that uses the wardialing process to find vulnerable modems

 

Security Engineering

The Imitation Game – A great movie centered around the art of decrypting the German Enigma machine.  It also talks about the father of modern computing Alan Turing, as well as the cryptography concepts of known-plaintext attack.

 

A Beautiful Mind – Another movie with elements of cryptography, namely frequency analysis

 

The Numbers Station – A remote code station in England uses One-Time Pads in order to relay messages between spies and headquarters.

 

U-571 – The story of American sailors who board a German U-Boat in order steal an Enigma cipher machine. 
 

 

Communication and Network Security

White House Down – Hacker helps terrorists take over the White House and nuclear missiles

 

Mr. Robot (TV Show) – Probably one of the most accurate representations of network security in the real world as translated to media.  It also deals with social engineering and physical security.

 

I.T. – An obsessed IT worker stalks his boss and takes over the devices in his house, deals with IoT.

 

Firewall – Use of firewall access lists and bypassing data center security (but not really).

 

The Net - Has social engineering and some good 80s computer hacking scenes.  Probably about 40% based in reality.  

 

Sneakers - Encryption.  General hacking.  Social engineering.  And Robert Redford demonstrates an easy way to defeat an electronic keypad.  

 

Snowden - Encryption.  IPSec VPNs.  Information security espionage.  

 

Swordfish - A former black hat hacker is blackmailed into creating a worm in order to compromise a bank's security.  

 

Identity and Access Management

GoldenEye (or any James Bond movie) – Deals a lot with biometric authentication or voice authentication 

 

Mission Impossible 3 (or any Mission Impossible movie) – Deals with palm, facial, retina, masquerading, DNA authentication and identity confirmation. 

 

Security Assessment and Testing

The Matrix Reloaded – The Architect’s explanation of an anomaly in the Matrix programming which created Neo.  The Matrix code wasn’t tested thoroughly, hence the creation of multiple Neos.

 

Security Operations

Crimson Tide – Shows the use of dual-control

 

The Sum of All Fears – Shows the use of dual-control

 

Software Development Security

Superman 3 – Richard Pryor embezzles money from his company by performing a salami attack

 

Office Space  – Also deals with a salami attack

 

The Matrix – A great movie to relate to the software development security domain as it deals with coding, worms, viruses, buffer overflow, artificial intelligence and software bugs.

 

If you see a movie that could be added to this list, comment below !

Share on Facebook
Share on Twitter
Please reload

STUDY RESOURCES
MEMBERSHIP
  • 231+ CISSP VIDEOS
  • 650+ PRACTICE QUESTIONS
  • PDF NOTES
  • 1,200 FLASHCARDS
  • TELEGRAM GROUP
  • EMAIL UPDATES
  • $29.99 per month
  • $74.99 3-months
  • $144.99 6-months
CRACK THE EXAM

How Zaid Cracked His CISSP Exam

May 22, 2020

1/26
Please reload

LEARN ABOUT

© 2013 Study Notes and Theory
Terms and Conditions/Privacy Policy

Proudly created to make you

a better security professional.