Objective
At the end of the program, the participants will be able to:
- Identify and correctly answer the five types of CISSP hard questions
- Apply techniques for committing key facts and figures to memory for test preparation
- Apply critical test-taking tips and study techniques for the CISSP exam
- Use proven techniques for scoring well on the CISSP exam
- Understand key aspects of Security Policy development and Security Management Practices
Target Audience
The CISSP Program is beneficial to Security Consultants, Security Analysts, Security Managers, Security Systems Engineers, IT Directors/Managers, Chief Information Security Officers, Security Auditors, Directors of Security, Security Architects, and Network Architects.
Requirement
Participants are required to have a minimum of five years of cumulative paid full-time work experience in two or more of the eight domains:
- Security and Risk Management
- Asset Security
- Security Engineering
- Identity and Access Management
- Security Assessment and Testing
- Security Operations
- Software Development Security
- Communications and Network Security
Course Outline
Day 1: Introduction and Security and Risk Management
- Overview of CISSP and Certification Process
- Introduction to Security and Risk Management
- Security Governance Principles
- Compliance
- Legal and Regulatory Issues
- Professional Ethics
- Security Policies, Standards, Procedures, and Guidelines
Day 2: Asset Security and Security Engineering
- Asset Security
  - Information and Asset Classification
  - Ownership
  - Privacy Protection
  - Retention
  - Data Security Controls
- Security Engineering
  - Engineering Processes Using Secure Design Principles
  - Security Models Fundamental Concepts
  - Security Evaluation Models
  - Security Capabilities of Information Systems
Day 3: Communications and Network Security and Identity and Access Management
- Communications and Network Security
  - Secure Network Architecture and Design
  - Secure Network Components
  - Secure Communication Channels
  - Network Attacks
- Identity and Access Management
  - Physical and Logical Access to Assets
  - Identification and Authentication of People and Devices
  - Identity Management Implementation
  - Authorization Mechanisms
Day 4: Security Assessment and Testing and Security Operations
- Security Assessment and Testing
  - Assessment and Test Strategies
  - Security Control Testing
  - Collect Security Process Data
  - Analysis and Report Findings
- Security Operations
  - Investigations Support and Requirements
  - Logging and Monitoring Activities
  - Provisioning of Resources
  - Foundational Security Operations Concepts
  - Resource Protection Techniques
Day 5: Software Development Security and Review
- Software Development Security
  - Security in the Software Development Lifecycle
  - Development Environment Security Controls
  - Software Security Effectiveness
  - Acquired Software Security Impact