Attend this official (ISC)2® CISSP certification course and get prepared to pass the exam and become a CISSP. You will gain the
foundational knowledge to fully prepare for the exam, including a comprehensive understanding of the CISSP® CBK® 8 domains. Your
course tuition includes the current Official (ISC)2® Guide to the CISSP® CBK®, and a voucher that allows you to take the exam at any
Pearson VUE Test Center.
- Earn CISSP certification — exam voucher included with course tuition
- Official (ISC)2® course materials with a preferred (ISC)2® training partner
- Access to hundreds of exam prep questions
- Official (ISC)2® Guide to the CISSP® CBK® included with tuition
- After-course instructor coaching benefit included
Skills Gained
- Strategically focus your preparation for CISSP Certification
- Protect resources using access control methods and cryptography
- Plan a secure environment aligned with organizational objectives, compliance requirements, and industry-standard architectures
- Develop operational security and continuity through preventive and recovery mechanisms
Prerequisites
CISSP candidates must meet specific requirements, as established by (ISC)2 — see: https://www.isc2.org/cissp/default.aspx
Those without the required experience can take the exam to become an Associate of (ISC)² while working toward the experience needed for full certification.
Important CISSP Certification Course Outline
Security and Risk Management
Aligning security and risk to organizational objectives
- Evaluate and apply security governance principles
- Implement policies, standards and procedures
- Applying compliance
Applying risk management concepts
- Assessing threats and vulnerabilities
- Performing risk analysis and control
- Defining qualitative and quantitative analysis
Preserving the business
- Adhering to Business Continuity Management Code of Practice and Specifications
- Performing a business impact analysis
Investigating legal measures and techniques
- Reviewing intellectual property, liability and law, and compliance
- Differentiating traditional computer crime
- Establish information and asset handling requirements
Asset Security
Examining security models and frameworks
- The Information Security Triad and multi-level models
- Investigating industry standards: ISO 27001/27002
- Evaluating security model fundamental concepts
Exploring system and component security concepts
- Certification and accreditation criteria and models
- Reviewing mobile system/cloud/IoT vulnerabilities
Protecting information by applying cryptography
- Detailing symmetric and asymmetric encryption systems
- Ensuring message integrity through hashing
- Uncovering threats to cryptographic systems
Safeguarding physical resources
- Designing environments to resist hostile acts and threats
Communication and Network Security
Defining a secure network architecture
- TCP/IP and other protocol models
- Protecting from network attacks
- Reviewing secure network components and communication channels
Examining secure networks and components
- Identifying wired and wireless technologies
- Implementing firewalls, secure communications, proxies, and tunnels
Identity and Access Management (IAM)
Controlling access to protect assets
- Defining administrative, technical and physical controls
- Implementing centralized and decentralized approaches
- Investigating biometric and multi-factor authentication
- Identifying common threats
- Manage the identity and access provisioning lifecycle
Security Assessment and Testing
Designing and conducting security assessment strategies
- Leveraging the role of testing and auditing to analyze the effectiveness of security controls
- Differentiating detection and protection systems
Conducting logging and monitoring activities
- Distinguishing between the roles of internal and external audits
- Conduct or facilitate security audits
Security Operations
Maintaining operational resilience
- Managing security services effectively
- Leveraging and supporting investigations and incident response
- Differentiating detection and protection systems
- Securely provisioning resources
Developing a recovery strategy
- Designing a disaster recovery plan
- Implementing test and maintenance processes
- Provisioning of resources
Software Development Security
Securing the software development life cycle
- Applying software development methods and security controls
- Addressing database security concepts and issues
- Define and apply secure coding guidelines and standards
- Reviewing software security effectiveness and security impact