CISSP Certification Preparation Training Course

CISSP Certification Preparation Training Course Course Overview

If you are ready to take your security career to the next level, our Certified Information Systems Security Professional (CISSP) exam preparation course will help get you there. Get instruction from our experts with real-world experience as you cover all the material you need to be fully prepared for the (ISC)2 CISSP exam. Delegates will receive a copy of the CISSP (ISC)2 Certified Information Systems Security Professional Official Study Guide (Seventh Edition).

Skills Gained

At the end of this course delegates will be able to; In-depth coverage of the eight domains required to pass the CISSP exam: Security and Risk Management Asset Security Security Engineering and Cryptography Communication and Network Security Identity and Access Management Security Assessment and Testing Security Operations Security in the Software Development Lifecycle

Who will the Course Benefit?

IT consultants, managers, security policy writers, privacy officers, information security officers, network administrators, security device administrators, security engineers, and other security professionals whose positions require CISSP certification.

Requirements

• You must have a minimum of five years of direct full-time security work experience in two or more of these 8 domains of the (ISC)² CISSP CBK:

• Security and Risk Management (Security, Risk, Compliance, Law, Regulations, and Business Continuity)

• Asset Security (Protecting Security of Assets)

• Security Engineering (Engineering and Management of Security)

• Communication and Network Security (Designing and Protecting Network Security)

• Identity and Access Management (Controlling Access and Managing Identity)

• Security Assessment and Testing (Designing, Performing, and Analyzing Security Testing)

• Security Operations (Foundational Concepts, Investigations, Incident Management, and Disaster Recovery)

• Software Development Security (Understanding, Applying, and Enforcing Software Security)

NOTE: Course technical content is subject to change without notice.

---

Course Contents

Test-Taking Tips and Study TechniquesPreparation for the CISSP ExamSubmitting Required PaperworkResources and Study AidsPassing the Exam the First TimeSecurity and Risk Management (Security, Risk, Compliance, Law, Regulations, and Business Continuity)Confidentiality, integrity, and availability conceptsSecurity governance principlesComplianceLegal and regulatory issuesProfessional ethicSecurity policies, standards, procedures and guidelinesAsset Security (Protecting Security of Assets)Information and asset classificationOwnership (e.g. data owners, system owners)Protect privacyAppropriate retentionData security controlsHandling requirements (e.g. markings, labels, storage)Security Engineering (Engineering and Management of Security)Engineering processes using secure design principlesSecurity models fundamental conceptsSecurity evaluation modelsSecurity capabilities of information systemsSecurity architectures, designs, and solution elements vulnerabilitiesWeb-based systems vulnerabilitiesMobile systems vulnerabilitiesEmbedded devices and cyber-physical systems vulnerabilitiesCryptographySite and facility design secure principlesPhysical securityCommunication and Network Security (Designing and Protecting Network Security)Secure network architecture design (e.g. IP & non-IP protocols, segmentation)Secure network componentsSecure communication channelsNetwork attacksIdentity and Access Management (Controlling Access and Managing Identity)Physical and logical assets controlIdentification and authentication of people and devicesIdentity as a service (e.g. cloud identity)Third-party identity services (e.g. on-premise)Access control attacksIdentity and access provisioning lifecycle (e.g. provisioning review)Security Assessment and Testing (Designing, Performing, and Analyzing Security Testing)Assessment and test strategiesSecurity process data (e.g. management and operational controls)Security control testingTest outputs (e.g. automated, manual)Security architectures vulnerabilitiesSecurity Operations (Foundational Concepts, Investigations, Incident Management, and Disaster Recovery)Investigations support and requirementsLogging and monitoring activitiesProvisioning of resourcesFoundational security operations conceptsResource protection techniquesIncident managementPreventative measuresPatch and vulnerability managementChange management processesRecovery strategiesDisaster recovery processes and plansBusiness continuity planning and exercisesPhysical securityPersonnel safety concernsSoftware Development Security (Understanding, Applying, and Enforcing Software Security)Security in the software development lifecycleDevelopment environment security controlsSoftware security effectivenessAcquired software security impactReview and Q&A SessionFinal Review and Test Prep