This course runs for a duration of 5 Days.
The class will run daily from 8:30am EST to 4:30pm EST.
Class Location: Atlanta - Atlanta, GA.
This course is the most comprehensive review of information security concepts and industry best practices, and covers the eight domains of the official CISSP CBK (Common Body of Knowledge). You will gain knowledge in information security that will increase your ability to successfully implement and manage security programs in any organization or government entity.
This five-day program is comprised of a total of eight domains and includes:
Official (ISC)² Guide to the CISSP Common Body of Knowledge® (CBK) (electronic format)
Official (ISC)² CISSP Training Handbook
Official (ISC)² CISSP Flash Cards
CISSP Practice Test Questions
This course covers in depth the eight domains required to pass the CISSP exam:
Security and Risk Management
Asset Security
Security Engineering
Communications and Network Security
Identity and Access Management
Security Assessment and Testing
Security Operations
Software Development Security
Audience
Part 1: Access Control
Introduction to Access Control
Access Control Key Concepts, Methodologies, and Techniques
System Logging and Monitoring
Access Control Attacks and Threats
Access Control Effectiveness
Identity and Access Provisioning Lifecycle
Part 2: Telecommunications and Network Security
Introduction to Telecommunications and Network Security
Network Models and System Architecture
The Network and IT Security
Understanding the Attack
Tools and Tasks in Network Security
Layer 1: Physical Layer
Layer 2: Data-link Layer
Layer 3: Network Layer
Layer 4: Transport Layer
Layer 5: Session Layer
Layer 6: Presentation Layer
Layer 7: Application Layer
Part 3: Information Security Governance and Risk Management
Introduction to Information Security Governance and Risk Management
Information Security Governance
The Risk Management Process
Ethical Considerations in Information Security
Part 4: Software Development Security
System Life Cycle Security
Systems Development Methodologies
Security Issues with Programming Languages
Assessing the Effectiveness of Software Security
Security Controls
Database Security
Application and Database Security Issues
Part 5: Cryptography
Key Concepts and Common Terminology Used in Cryptography
Historical Aspect of Cryptography
Uses of Cryptography
The Cryptographic Life Cycle
Methods of Cryptography
The Different Encryption Systems
Algorithm Concepts
Methods of Cryptanalytic Attacks
Maintaining Network Security
Maintaining Application Security
Information Hiding Alternatives
Part 6: Security Architecture and Design
Key Concepts and Definitions
Types of Security Models
Components of an Architecture
Basic Principles of System Design
Evaluation Models of Information Systems
Common Security Frameworks
Vulnerabilities and Threats
Part 7: Security Architecture and Design
Key Concepts and Definitions
Types of Security Models
Components of an Architecture
Basic Principles of System Design
Evaluation Models of Information Systems
Common Security Frameworks
Vulnerabilities and Threats
Part 8: Security Operations
Security Concepts and Activities
Protection of Resources
Preventive Measures
Change Management and Configuration Management
System Resilience and Fault Tolerance Requirements
Part 9: Business Continuity and Disaster Recovery Planning
Processes Required for Planning the Project
Defining the Organization
Plan Implementation
Part 10: Legal, Regulations, Investigations, and Compliance
The Major Legal Systems in Information Security
International Law in Information Security
Supporting the Investigation
The Forensic Investigation
Hardware/Embedded Device Analysis
Compliance Processes and Procedures
Ensure Security in Contractual Agreements and Procurement Processes
Part 11: Physical (Environmental) Security
Definitions and Key Concepts
Site and Facility Design Considerations
Implementation and Operation of Perimeter Security
Implementation and Operation of Internal Security
Implementation and Operation of Facilities Security
Equipment Protection
Personnel Privacy and Safety
The CISSP certification course is for students who have at least four years of recent full-time security professional work experience in two or more of the ten domains of the (ISC)² Certified Information System Security Professional® (CISSP) Common Body of Knowledge® (CBK). The CISSP CBK defines the work experience in architecture, design, management, risk, and controls that assure the security of a business environment.