Objective
At the end of the program, the participants will be able to:

  1. Identify and correctly answer the five types of CISSP hard questions
  2. Apply techniques for committing key facts and figures to memory for test preparation
  3. Use critical test-taking tips and study techniques for the CISSP exam
  4. Apply proven techniques for scoring well on the CISSP exam
  5. Understand key aspects of Security Policy development and Security Management Practices

Target Audience
The CISSP Program is beneficial to Security Consultants, Security Analysts, Security Managers, Security Systems Engineers, IT Directors/Managers, Chief Information Security Officers, Security Auditors, Directors of Security, Security Architects, and Network Architects.

Requirement
Participants are required to have a minimum of five years of cumulative paid full-time work experience in two or more of the eight domains:

  • Security and Risk Management
  • Asset Security
  • Security Engineering
  • Identity and Access Management
  • Security Assessment and Testing
  • Security Operations
  • Software Development Security
  • Communications and Network Security

Course Outline

Day 1: Introduction and Security and Risk Management

  • Overview of CISSP and Certification Process
  • Introduction to Security and Risk Management
    • Security Governance Principles
    • Compliance
    • Legal and Regulatory Issues
    • Professional Ethics
    • Security Policies, Standards, Procedures, and Guidelines

Day 2: Asset Security and Security Engineering

  • Asset Security
    • Information and Asset Classification
    • Ownership
    • Privacy Protection
    • Retention
    • Data Security Controls
  • Security Engineering
    • Engineering Processes Using Secure Design Principles
    • Security Models Fundamental Concepts
    • Security Evaluation Models
    • Security Capabilities of Information Systems

Day 3: Communications and Network Security and Identity and Access Management

  • Communications and Network Security
    • Secure Network Architecture and Design
    • Secure Network Components
    • Secure Communication Channels
    • Network Attacks
  • Identity and Access Management
    • Physical and Logical Access to Assets
    • Identification and Authentication of People and Devices
    • Identity Management Implementation
    • Authorization Mechanisms

Day 4: Security Assessment and Testing and Security Operations

  • Security Assessment and Testing
    • Assessment and Test Strategies
    • Security Control Testing
    • Collect Security Process Data
    • Analysis and Report Findings
  • Security Operations
    • Investigations Support and Requirements
    • Logging and Monitoring Activities
    • Provisioning of Resources
    • Foundational Security Operations Concepts
    • Resource Protection Techniques

Day 5: Software Development Security and Review

  • Software Development Security
    • Security in the Software Development Lifecycle
    • Development Environment Security Controls
    • Software Security Effectiveness
    • Acquired Software Security Impact
