CISSP Prep Course Training Class

1. Access Control Systems and Methodologies

• Access control concepts, methodologies, and implementation


• Access controls: detective, corrective, and preventative


• Access control techniques in centralized and decentralized environments


• Access control risks, vulnerabilities, and exposures

2. Security Architecture and Models

• Secure operating system principles, concepts, mechanisms, controls, and
  standards


• Secure architecture design, modeling, and protection


• Security models: confidentiality, integrity, and information flow


• Government and commercial security requirements


• Common criteria, ITSEC, TCSEC, IETF, IPSEC


• Technical platforms


• System security preventative, detective, and corrective measures

3. Disaster Recovery and Business Continuity Planning

• Business continuity planning, business impact analysis, recovery strategies,
  recovery plan development, and implementation


• Disaster recovery planning, implementation, and restoration


• Compare and contrast disaster recovery and business continuity

4. Security Management Practices

• Organizational security roles


• Identification of information assets


• Security management planning


• Security policy development; use of guidelines, standards, and procedures


• Security awareness training


• Data classification and marking


• Employment agreements and practices


• Risk management tools and techniques

5. Law, Investigation, and Ethics

• Computer crime detection methods


• Applicable computer crime, security, and privacy laws


• Evidence gathering and preservation methods


• Computer crime investigation methods and techniques


• Civil, criminal, and investigative law


• Intellectual property law


• ISC2 and IAB ethics application

6. Physical Security

• Prevention, detection, and correction of physical hazards


• Secure site design, configuration, and selection elements


• Access control and protection methods for facility, information, equipment,
  and personnel

7. Operations Security

• Resource protection mechanisms and techniques


• Operation security principles, techniques, and mechanisms; principles of good
  practice and limitation of abuses


• Operations security preventative, detective, and corrective measures


• Information attacks


• Access Control Subversion

8. Cryptography

• Cryptographic concepts, methods, and practices


• Construction of algorithms


• Attacks on cryptosystems


• Ancient cryptography and modern methods


• Public and private key algorithms and uses


• Key distribution and key management


• Digital signature construction and use


• Methods of attack, strength of function

9. Telecommunications and Network Security

• Overview of communications and network security


• Voice communications, data communications, local area, wide area, and remote
  access


• Internet/Intranet/Extranet, firewalls, routers, and network protocols


• Telecommunication and network security preventative, detective, and corrective
  measures

10. Application and System Development

• System development process and security controls


• System development life cycle, change controls, application controls, and
  system and application integrity


• Database structure, concepts, design techniques, and security implications


• Object oriented programming


• Data warehousing and data mining

11. Review and Q&A Session

• Review concepts introduced in previous sessions


• Answer specific questions or concerns regarding CISSP preparation material

12. Testing-Taking Tips and Study Techniques

• Tips for additional preparation for the CISSP exam


• Additional resources


• Techniques for scoring well on the exam

CISSP certification is beneficial to IT consultants, managers, security
policy writers, privacy