The CISSP course covers all relevant concepts, case studies, and workshops for key technical areas across the eight domains. ISC2 has recently introduced the new ‘drag and drop’ questions; these form part of the course.
Overview:
The CISSP course covers all relevant concepts, case studies, and workshops for key technical areas across the eight domains. ISC2 has recently introduced the new ‘drag and drop’ questions; these form part of the course. All of our instructors have extensive experience in delivering CISSP training around the world. They are Industry Certified Professionals who deliver our events with pride and passion.
The 8 CISSP Domains:
Security and Risk Management
• Understand and apply concepts of confidentiality, integrity and availability
• Establish and manage information security education, training, and awareness
• Apply security governance principles
• Understand legal and regulatory issues that pertain to information security in a global context
• Understand professional ethics
• Develop and implement documented security policy, standards, procedures, and guidelines
• Understand business continuity requirements
• Contribute to personnel security policies
• Understand and apply risk management concepts
• Understand and apply threat modelling
• Integrate security risk considerations into acquisition strategy and practice
Asset Security
• Classify information and supporting assets (e.g., sensitivity, criticality)
• Determine and maintain ownership (e.g., data owners, system owners, business/mission owners)
• Protect privacy
• Ensure appropriate retention (e.g., media, hardware, personnel)
• Determine data security controls (e.g., data at rest, data in transit)
• Establish handling requirements (markings, labels, storage, destruction of sensitive information)
Security Engineering
• Implement and manage engineering processes using secure design principles
• Understand the fundamental concepts of security models (e.g., Confidentiality, Integrity, and Multi-level Models)
• Select controls and countermeasures based upon systems security evaluation models
• Understand security capabilities of information systems (e.g., memory protection, virtualization, trusted platform module, interfaces, fault tolerance)
• Assess and mitigate the vulnerabilities of security architectures, designs, and solution elements
Communications and Network Security
• Apply secure design principles to network architecture (e.g., IP & non-IP protocols, segmentation)
• Secure network components
• Design and establish secure communication channels
• Prevent or mitigate network attacks
Identity and Access Management
• Control physical and logical access to assets
• Manage identification and authentication of people and devices
• Integrate identity as a service (e.g., cloud identity)
• Integrate third-party identity services (e.g., on premise)
• Implement and manage authorization mechanisms
• Prevent or mitigate access control attacks
• Manage the identity and access provisioning lifecycle (e.g., provisioning, review)
Security Assessment and Testing
• Design and validate assessment and test strategies
• Conduct security control testing
• Collect security process data (e.g., management and operational controls)
• Analyse and report test outputs (e.g., automated, manual)
• Conduct or facilitate internal and third party audits
Security Operations
• Understand and support investigations
• Understand requirements for investigation types
• Conduct logging and monitoring activities
• Secure the provisioning of resources
• Understand and apply foundational security operations concepts
• Employ resource protection techniques
• Conduct incident management
Software Development Security
• Understand and apply security in the software development lifecycle
• Enforce security controls in development environments
• Assess the effectiveness of software security
• Assess security impact of acquired software
We are a Scottish SME on a mission to be the only training provider your company will ever need. To date we’ve run over 9,000 courses in more than 1,100 organisations, across public and private sectors. 96% of course attendees rate their training experience with us as excellent or very good.
CISA (Certified Information System Auditor) is a globally recognized and accepted certification course, approved by ISACA (Information System Audit and Control Association).
This COBIT®5 Foundation training course enables delegates to gain knowledge and understanding of the COBIT5 guidance, understand the enterprise governance and management of enterprise IT, and create awareness with their business executives and senior IT management.
This five-day intensive course enables participants to develop the necessary expertise to audit an Information Security Management System (ISMS) and to manage a team of auditors by applying widely recognized audit principles, procedures and techniques.
An essential part of the maintenance of an ISMS is auditing, which acts as a tool for identifying potential risks, meeting the requirements of ISO/IEC 27001, and identifying better ways to keep information secure.
Prior to starting the process of becoming a CISSP certified professional, individuals need to fulfill certain requisites. This has increased the entry barrier for CISSP Certification making it one of the distinguished credentials in information technology.
© 2024 coursetakers.com All Rights Reserved. Terms and Conditions of use | Privacy Policy