Certified Information System Security Professional (CISSP) CBK Review
-
INTRODUCTION
A CISSP is an information assurance professional who defines the architecture, design, management and/or controls that assure the security of business environments. The vast breadth of knowledge and the experience it takes to pass the exam are what set a CISSP apart. The credential demonstrates a globally recognized level of competence provided by the (ISC)2® CBK®, which covers critical topics in security today, including cloud computing, mobile security, application development security, risk management and more.
This course helps you review the 10 domains of information security practice. It also serves as a strong learning tool for mastering concepts and topics related to all aspects of information systems security.
-
COURSE OBJECTIVES
By the end of the course, you will be able to:
- Prepare for the CISSP examination
- Understand Security and Risk Management
- Understand Asset Security
- Understand Security Architecture and Engineering
- Understand Communication and Network Security
- Understand Identity and Access Management (IAM)
- Understand Security Assessment and Testing
- Understand Security Operations
- Understand Software Development Security
-
COURSE AUDIENCE
This course is intended for:
- IT or Systems Security Managers
- Project Managers
- Systems or Network Engineers
- Systems Analysts or Auditors
- Systems or Network Consultants
- Senior Systems or Database Administrators or Programmers
- Anyone who wishes to refresh and broaden their knowledge in all 8 CISSP® CBK® domains to study for the CISSP® exam
-
COURSE OUTLINE
Day One
Access Control
- Security architecture that protects the assets of your systems:
  - Concepts, methodologies and techniques
  - Effectiveness
  - Attacks
Telecommunications & Network Security
- Network architecture and design
- Communication channels
- Network components
- Network attacks
Day Two
Information Security Governance & Risk Management
- Security governance and policy
- Information classification and ownership
- Contractual agreements and procurement processes
- Risk management concepts
- Personnel security
- Security education, training and awareness
- Certification and accreditation
Software Development Security
- Systems Development Life Cycle (SDLC)
- Application environment and security controls
- Effectiveness of application security
Day Three
Cryptography
- Encryption concepts
- Digital signatures
- Cryptanalytic attacks
- Public Key Infrastructure (PKI)
- Information hiding alternatives
Security Architecture & Design
- Fundamental concepts of security models
- Capabilities of information systems (e.g. memory protection, virtualization)
- Countermeasure principles
- Vulnerabilities and threats (e.g. cloud computing, aggregation, data flow control)
Day Four
Security Operations
- Resource protection
- Incident response
- Attack prevention and response
- Patch and vulnerability management
Business Continuity & Disaster Recovery Planning
- Business impact analysis
- Recovery strategy
- Disaster recovery process
- Provide training
Day Five
Legal, Regulations, Investigations and Compliance
- Legal issues
- Investigations
- Forensic procedures
- Compliance requirements/procedures
Physical Security
- Site / facility design considerations
- Perimeter security
- Internal security
- Facilities security