CISSP-Certified Information Systems Security Professional

COURSE OVERVIEW

This course is the most comprehensive review of information security concepts and industry best practices and focuses on the eight domains of the CISSP CBK (Common Body of Knowledge) that are covered in the CISSP exam. You will gain knowledge in information security that will increase your ability to successfully implement and manage security programs in any organization or government entity.

Quote a Price

WHAT YOU’LL LEARN

This course provides in-depth coverage of the eight domains required to pass the CISSP exam:

  • Security and Risk Management
  • Asset Security
  • Security Engineering
  • Communications and Network Security
  • Identity and Access Management
  • Security Assessment and Testing
  • Security Operations
  • Software Development Security

Certified Information Systems Security Professional Course Outline

The following subjects will be taught during this five-day CISSP course:

Security and Risk Management:

  • Confidentiality, Integrity, and Availability Concepts
  • Security Governance Principles
  • Compliance
  • Legal and Regulatory Issues
  • Professional Ethics
  • Security Policies, Standards, Procedures, and Guidelines

Asset Security:

  • Information and Asset Classification
  • Ownership
  • Protect Privacy
  • Appropriate Retention
  • Data Security Controls
  • Handling Requirements

Security Architecture and Engineering:

  • Engineering Processes using Secure Design Principles
  • Security Models Fundamental Concepts
  • Security Evaluation Models
  • Security Capabilities of Information Systems
  • Security Architectures, Designs, and Solution Elements Vulnerabilities
  • Web-based Systems Vulnerabilities
  • Mobile Systems Vulnerabilities
  • Embedded Devices and Cyber-Physical Systems Vulnerabilities
  • Cryptography
  • The site and Facility Design Secure Principles
  • Physical Security

Communication and Network Security:

  • Secure Network Architecture Design
  • Secure Network Components
  • Secure Communication Channels
  • Network Attacks

Identity and Access Management (IAM):

  • Physical and Logical Assets Control
  • Identification and Authentication of People and Devices
  • Identity as a Service
  • Third-party Identity Services
  • Access Control Attacks
  • Identity and Access Provisioning Lifecycle

Security Assessment and Testing:

  • Assessment and Test Strategies
  • Security Process Data
  • Security Control Testing
  • Test Outputs
  • Security Architectures Vulnerabilities

Security Operations:

  • Investigations Support and Requirements
  • Logging and Monitoring Activities
  • Provisioning of Resources
  • Foundational Security Operations Concepts
  • Resource Protection Techniques
  • Incident Management
  • Preventative Measures
  • Patch and Vulnerability Management
  • Change Management Processes
  • Recovery Strategies
  • Disaster Recovery Processes and Plans
  • Business Continuity Planning and Exercises
  • Physical Security
  • Personnel Safety Concerns

Software Development Security:

  • Security in the Software Development Lifecycle
  • Development Environment Security Controls
  • Software Security Effectiveness
  • Acquired Software Security Impact

Course Highlights

  • Software Development Security
  • Security Assessment and Testing
  • Security and Risk Management

Get Quote