CISSP Training

Course #:TP2527

CISSP Training

This course can be done in 4 or 5 days (the difference being the experience level of students). And covers the latest (2015) objectives (the new 8 domains).  IT fully covers all the items needed to take and pass the CISSP test.


5 Days

Outline of CISSP Training

1. Security and Risk Management

  • CIA Triad (Confidentiality, Integrity, Availability)
  • Compliance
  • Computer Crime and related regulations
  • Ethics
  • Risk Assessments
  • Business Continuity
  • Threat Modelling
  • Risk Assessment
  • BIA

2. Asset Security

  • Data Classification
  • File Permission Terminology and Concepts
  • Protect Data at Rest and Data in Transit
  • Access Control Methodologies
  • Type I, II, III
  • Biometrics
  • Administer Permissions in various environments
  • Attacks such as Permission Escalation and Effective Permissions

3. Security Engineering

  • Secure Design Principles
  • Cryptography advantages, weaknesses and attacks
  • DRM (Digital Rights Management)
  • Non-Repudiation
  • Site Security and Design
  • Heating and Cooling advantages and weaknesses

4. Communications and Network Security

  • Network Infrastructure Concepts
  • OSI Model
  • Wireless Security Models
  • Securely Configuring Network Hardware
  • Secure Communications
  • Network Attacks and Mitigation

5. Identity and Access Management

  • Access Control: Physical and Logical
  • Access Control Methodologies
  • User Identification and Administration
  • Authentication
  • CHAP, Kerberos, Sesame, etc.

6. Security Assessment and Testing

  • Vulnerability Assessment and Penetration Testing
  • Log Management
  • Internal and 3rd Party Auditing
  • Simulating attack scenarios
  • User Training and Awareness

7. Security Operations

  • Chain of Custody
  • Documentation
  • Requirements for Investigations
  • Intrusion Detection/Prevention
  • Exfiltration
  • Disaster Recovery
  • Incident Management
  • Business Continuity

8. Software Development Security

  • Secure Development Methodologies
  • Use of the SDLC, and security throughout the process
  • Attacks such as Buffer Overflow and hard-coded Backdoors
  • Auditing development practices
  • Assess Acquired Software
We regularly offer classes in these and other cities. Atlanta, Austin, Baltimore, Calgary, Chicago, Cleveland, Dallas, Denver, Detroit, Houston, Jacksonville, Miami, Montreal, New York City, Orlando, Ottawa, Philadelphia, Phoenix, Pittsburgh, Seattle, Toronto, Vancouver, Washington DC.