TP3421

CISSP Training and Certification Exam Preparation Training

This official (ISC)2® CISSP certification course prepares attendees to pass the exam and become a CISSP. Attendees learn the foundational knowledge to fully prepare for the exam.

Course Details

Duration

5 days

Prerequisites

CISSP candidates must meet specific requirements, as established by (ISC)2; see https://www.isc2.org/cissp/default.aspx. Those without the required experience can take the exam to become an Associate of (ISC)2 while working toward the experience needed for full certification.

Skills Gained

  • Strategically focus your preparation for CISSP Certification
  • Protect resources using access control methods and cryptography
  • Plan a secure environment aligned with organizational objectives, compliance requirements, and industry-standard architectures
  • Develop operational security and continuity through preventive and recovery mechanisms

Course Outline

  • CISSP Certification Introduction
  • Security and Risk Management
    • Aligning security and risk to organizational objectives
      • Evaluate and apply security governance principles
      • Implement policies, standards and procedures
      • Applying compliance
    • Applying risk management concepts
      • Assessing threats and vulnerabilities
      • Performing risk analysis and control
      • Defining qualitative and quantitative analysis
    • Preserving the business
      • Adhering to Business Continuity Management Code of Practice and Specifications
      • Performing a business impact analysis
    • Investigating legal measures and techniques
      • Reviewing intellectual property, liability and law, and compliance
      • Differentiating traditional computer crime
      • Establish information and asset handling requirements
  • Asset Security
    • Examining security models and frameworks
      • The Information Security Triad and multi-level models
      • Investigating industry standards: ISO 27001/27002
      • Evaluating security model fundamental concepts
    • Exploring system and component security concepts
      • Certification and accreditation criteria and models
      • Reviewing mobile system/cloud/IoT vulnerabilities
    • Protecting information by applying cryptography
      • Detailing symmetric and asymmetric encryption systems
      • Ensuring message integrity through hashing
      • Uncovering threats to cryptographic systems
    • Safeguarding physical resources
      • Designing environments to resist hostile acts and threats
  • Communication and Network Security
    • Defining a secure network architecture
      • TCP/IP and other protocol models
      • Protecting from network attacks
      • Reviewing secure network components and communication channels
    • Examining secure networks and components
      • Identifying wired and wireless technologies
      • Implementing firewalls, secure communications, proxies, and tunnels
  • Identity and Access Management (IAM)
    • Controlling access to protect assets
      • Defining administrative, technical and physical controls
      • Implementing centralized and decentralized approaches
      • Investigating biometric and multi-factor authentication
      • Identifying common threats
      • Manage the identity and access provisioning lifecycle
  • Security Assessment and Testing
    • Designing and conducting security assessment strategies
      • Leveraging the role of testing and auditing to analyze the effectiveness of security controls
      • Differentiating detection and protection systems
    • Conducting logging and monitoring activities
      • Distinguishing between the roles of internal and external audits
      • Conduct or facilitate security audits
    • Security Operations
      • Maintaining operational resilience
      • Managing security services effectively
      • Leveraging and supporting investigations and incident response
      • Differentiating detection and protection systems
      • Securely provisioning resources
    • Developing a recovery strategy
      • Designing a disaster recovery plan
      • Implementing test and maintenance processes
      • Provisioning of resources
  • Software Development Security
    • Securing the software development life cycle
      • Applying software development methods and security controls
      • Addressing database security concepts and issues
      • Define and apply secure coding guidelines and standards
      • Reviewing software security effectiveness and security impact
  • Conclusion