Course Description
Welcome to Certified Information Systems Security Professional (CISSP®): Sixth Edition. With your completion of the prerequisites and necessary years of experience, you are firmly grounded in the knowledge requirements of today’s security professional. Th
COURSE OBJECTIVES:In this course, you will identify and reinforce the major security subjects from the eight domains of the (ISC)2 CISSP CBK.
You will:
Analyze components of the Security and Risk Management domain.
Analyze components of the Asset Security domain.
Analyze components of the Security Architecture and Engineering domain.
Analyze components of the Communication and Network Security domain.
Analyze components of the Identity and Access Management domain.
Analyze components of the Security Assessment and Testing domain.
Analyze components of the Security Operations domain.
Analyze components of the Software Development Security domain
Agenda
Security and Risk Management
- Topic A: Security Concepts
- Topic B: Security Governance Principles
- Topic C: Compliance
- Topic D: Professional Ethics
- Topic E: Security Documentation
- Topic F: Risk Management
- Topic G: Threat Modeling
- Topic H: Risk Response
- Topic I: Business Continuity Plan Fundamentals
- Topic J: Acquisition Strategy and Practice
- Topic K: Personnel Security Policies
- Topic L: Security Awareness and Training
Asset Security
- Topic A: Asset Classification
- Topic B: Secure Data Handling
- Topic C: Resource Provisioning and Protection
- Topic D: Manage Data Lifecycle
- Topic E: Asset Retention
- Topic F: Data Security Control
Security Architecture and Engineering
- Topic A: Security in the Engineering Lifecycle
- Topic B: System Component Security
- Topic C: Security Models
- Topic D: Controls and Countermeasures in Enterprise Security
- Topic E: Information System Security Capabilities
- Topic F: Design and Architecture Vulnerability Mitigation
- Topic G: Vulnerability Mitigation in Emerging Technologies
- Topic H: Cryptography Concepts
- Topic I: Cryptography Techniques
- Topic J: Cryptanalytic Attacks
- Topic K: Site and Facility Design for Physical Security
- Topic L: Physical Security Implementation in Sites and Facilities
Communication and Network Security
- Topic A: Network Protocol Security
- Topic B: Network Components Security
- Topic C: Communication Channel Security
- Topic D: Network Attack Mitigation
Identity and Access Management
- Topic A: Physical and Logical Access Control
- Topic B: Identification and Authentication
- Topic C: Identity as a Service
- Topic D: Authorization Mechanisms
- Topic E: Access Control Attack Mitigation
Security Assessment and Testing
- Topic A: System Security Control Testing
- Topic B: Software Security Control Testing
- Topic C: Security Process Data Collection
- Topic D: Audits
Security Operations
- Topic A: Security Operations Concepts
- Topic B: Change Management
- Topic C: Physical Security
- Topic D: Personnel Security
- Topic E: Detective and Preventive Measures
- Topic F: Patch and Vulnerability Management
- Topic G: Logging and Monitoring
- Topic H: Incident Response
- Topic I: Investigations
- Topic J: Disaster Recovery Planning
- Topic K: Disaster Recovery Strategies
- Topic L: Disaster Recovery Implementation
Software Development Security
- Topic A: Security Principles in the System Lifecycle
- Topic B: Security Principles in the Software Development Lifecycle
- Topic C: Security Controls in the Development Environment
- Topic D: Database Security in Software Development
- Topic E: Software Security Effectiveness Assessment
Audience
This course is intended for experienced IT security-related practitioners, auditors, consultants, investigators, or instructors, including network or security analysts and engineers, network administrators, information security specialists, and risk management professionals, who are pursuing CISSP training and certification to acquire the credibility and mobility to advance within their current computer security careers or to migrate to a related career. Through the study of all eight CISSP CBK domains, students will validate their knowledge by meeting the necessary preparation requirements to qualify to sit for the CISSP certification exam. Additional CISSP certification requirements include a minimum of five years of direct professional work experience in two or more fields related to the eight CBK security domains, or a college degree and four years of experience.