CISSP (Certified Information Systems Security Professional)

Welcome to Certified Information Systems Security Professional (CISSP). With your completion of the prerequisites and necessary years of experience, you are firmly grounded in the knowledge requirements of today’s security professional. This course will expand upon your knowledge by addressing the essential elements of the 8 domains that comprise a Common Body of Knowledge (CBK) for information systems security professionals. The course will help to prepare you for the exam through the discussion of the how & why of the exam questions and is designed as a test prep course

Retail Price: $3,195.00

Next Date: 08/19/2019

Course Days: 5


Enroll in Next Date

Request Custom Course


AUDIENCE

Students pursuing CISSP training want to establish themselves as credible computer security professionals through a study of all 8 CISSP Common Body of Knowledge domains. Validating this knowledge is the goal of certification; therefore, students attending this training should also meet the requirements needed to sit for the CISSP certification exam. These include five years of direct professional work experience in one or more fields related to 8 CBK security domains, or a college degree and four years of experience. Check with (ISC)2 for the most up-to-date requirements. New certifications have emerged and will continue to emerge from (ISC)2, which may cause changes to base requirements.



PREREQUISITES

Students should have certifications in A+, Network+, or Security+, or possess equivalent professional experience. Students may have one or more of the following certifications or equivalent experience: MCSE, SCNP, CCNP, RHCE, LCE, CNE, SSCP, SANS, or GIAC.


Course Outline

1. Access Control

  • Security Principles and the Principle of Least
  • Privilege
  • Confidentiality
  • Integrity
  • Availability
  • Identification, Authentication, Authorization, Access, and Accounting
  • Authentication Techniques and Standards
  • Access Control Models
  • Access Control Methods and Implementations
  • Access Control Accounting and Auditing

2. Information Security Governance and Risk Management

  • Fundamental Principles of Security
  • Confidentiality
  • Integrity
  • Availability
  • Balancing the Security Principles
  • Security vs. Usability vs. Cost
  • Security Definitions
  • Types of Security Controls
  • Security Frameworks
  • ISO/IEC 27001
  • COSO
  • COBIT
  • Process Management
  • Security Management
  • Risk Management
  • Risk Assessment and Analysis
  • Asset Classification
  • Data Classification
  • Risk Mitigation Strategies
  • Policies
  • Standards
  • Guidelines
  • Baselines
  • Procedures
  • Executive Leadership in Risk Management
  • Implementing Governance and Compliance Strategies

3. Security Architecture and Design

  • Computer System Architecture
  • Operating System Security Architecture
  • Application Security Architecture
  • System Security Models
  • Security Architecture Evaluation and Certification
  • Trusted Computer System Evaluation Criteria (TCSEC, or Orange Book)
  • Common Criteria for Information Technology Security Evaluation (ISO/IEC 15408)
  • System Testing and Certification

4. Business Continuity and Disaster Recovery Planning

  • Standards and Best Practices
  • Planning for Incidents
  • The Business Continuity Process
  • Implementing A Disaster Recovery Plan

5. Cryptography

  • Overview of Cryptography
  • The History of Cryptography (Without Math)
  • The Use of Cryptography (With Math)
  • Symmetric Key (Shared Secret Key) Cryptography
  • Diffie-Hellman Key Agreement
  • Asymmetric Key (Public – Private Key) Cryptography
  • Digital Signature (Hash) Cryptography
  • Implementing All Types of Cryptography in Cryptosystems
  • Public Key Infrastructure (PKI) and Certificates
  • Encrypted VPN Tunnels
  • Digitally Signed Documents and Email
  • Encrypting Data At Rest and In Transit

6. Legal, Regulations, Investigations and Compliance

  • The Complexity of Cybercrime
  • Regions
  • Laws
  • Law Enforcement
  • Privacy Laws
  • Intellectual Privacy Laws
  • Eavesdropping and Workplace Spying Laws
  • Legal Liability and Security Compliance
  • Conducting a Security Investigation
  • Ethics of Information Security

7. Operations Security (formerly Security Operations)

  • The Role of Operations in Information Security
  • Personnel Management and Administration
  • Planning System Security
  • Implementing and Maintaining System Security
  • Applying Controls
  • System Hardening
  • Trusted Recovery
  • Configuration Management
  • Change Control Process
  • Change Control Documentation
  • Change Control Compliance and Auditing
  • Vulnerability Assessment
  • Continuous Security Lifecycle

8. Physical (Environmental) Security

  • The Importance of Physical Security in Information Security
  • Planning Physical Security
  • Identifying and Protecting Assets
  • Internal Physical Security Threats and Controls
  • Perimeter Physical Security Threats and Controls
  • External Physical Security Threats and Controls

9. Software Development Security

  • Security as a Part of Software Development
  • System Development Lifecycle
  • Secure Software Development Lifecycle
  • Software Development Models
  • Change Control and Update Management
  • Cloud Computing
  • Web and Mobile Applications
  • Database Management and Security
  • Malicious Software
  • Viruses
  • Trojan Horses
  • Worms
  • Rootkits
  • Backdoors

10. Telecommunications and Network Security

  • The Open Systems Interconnect Model
  • TCP/IP Security
  • IPv4 Security and Threats
  • IPv6 Security and Threats
  • Network Cabling Types and Security
  • Considerations
  • Network Devices
  • Hubs
  • Switches
  • Routers
  • Bridges
  • Gateways
  • Security Network Devices
  • Firewalls and Content Filters
  • Proxy Servers
  • Intrusion Detection Systems
  • Intrusion Prevention Systems
  • Firewalls
  • WAN Security
  • Dial-Up Network Security
  • Virtual Private Network (VPN) Security
  • Internet Protocol Security (IPsec)

 

Course Dates Course Times (EST) Delivery Mode GTR
8/19/2019 - 8/23/2019 11:00 AM - 7:00 PM Virtual Enroll
11/18/2019 - 11/22/2019 10:00 AM - 6:00 PM Virtual Enroll