Certified Information Systems Security Professional (CISSP)

This course is designed for anyone seeking The Certified Information Systems Security Professional (CISSP) certification. The course covers topics ranging from operations security, telecommunications, network and internet security, identity and access management systems and methodology, and business continuity planning.

This training course is developed to build a cybersecurity professional who is well-versed with the latest security standards and can help establish an information security system that is secure and scalable while also aligning to the business IT goals.

The course seeks to prepare individuals for the CISSP certification exam. Objectives are accomplished mainly through Extensive simulation test papers and interactive exercises.

This 120hrs (Lectures + hands-on Lab) training is designed to educate candidate on a variety of topics that all information assurance IT professionals should master. Some of the topics that will be covered in the various lessons include access control systems and methodology, business continuity planning, network and internet security, identity and access management, security operations, security assessment and testing, and communication and network security.

This training course is developed to build a cybersecurity professional who is well-versed with the latest security standards and can help establish an information security system that is secure and scalable while also aligning to the business IT goals.

The course seeks to prepare individuals for the Certified Information Systems Security Professional (CISSP) certification exam. Objectives are accomplished mainly through Extensive simulation test papers and interactive exercises.

The key to a high success rate is based on the program’s objectives as follows:

• Course contents are based on The Certified Information Systems Security Professional (CISSP) course outlines.
• Dedicated Monitoring to evaluate and report candidate’s progress.
• Extensive simulation test papers and interactive exercises.
• Industry acclaimed, experienced and certified instructors.

Objectives:

• Understanding of information security aspects in an organization.
• Optimizing security operations in an enterprise.
• Access control systems and various methodologies that complement IT Security and governance for an enterprise.
• Design and validate assessment and test strategies.
• Conduct security testing and assessments.
• Understand and apply security assessment tools and techniques.
• Prevent and mitigate network attacks.
• Defining the architecture, design, and management of IT security.
• Understanding of all the 8 domains prescribed in the ISC2 CISSP Common Body of Knowledge (CBK).
• Understand and apply concepts of confidentiality, integrity, and availability.
• Implement and manage security governance and compliance.
• Understand legal and regulatory issues related to information security.
• Understand and apply security governance principles.

Course Topics:

• This course is aimed at imparting knowledge and skills for planning, managing, and designing the security framework of the organization.
• The course seeks to prepare individuals for the Certified Information Systems Security Professional (CISSP) certification exam.
• The following topics are general guidelines to better reflect the contents of the course and for clarity purposes, the guidelines below may change at any time without notice. CISSP® - Certified Information Systems Security Professional: Course Topics
• CISSP Course Introduction
• Domain 1: Security and Risk Management
• Introduction
• Introduction to Security and Risk Management
• Understand, adhere to, and Promote Professional Ethics
• Understand and Apply Security Concepts
• Evaluate and Apply Security Governance Principle
• Goals, Mission, and Objectives
• Control Frameworks, Due Care, and Due Diligence
• Determine Compliance and Other Requirements
• Understand Legal and Regulatory Issues that Pertain to Information Security in a Holistic Context
• Types of Intellectual Properties (IP) Law
• OECD Principles, GDPR, and Data Protection principles
• Data Protection Principles
• Understand Requirements for Investigation Types
• Develop, Document, and Implement Security Policy, Standards,Procedures, and Guidelines
• Need for Business Continuity Planning (BCP)
• Business Continuity Planning Phases
• Business Impact Analysis
• Identify Preventive Controls
• Contribute and Enforce Personnel Security Policies and Procedures
• Introduction to Risk Management Concepts
• Risk Analysis
• Risk Analysis and Assessment
• Countermeasure Selection
• Risk Handling and Security Control Assessment
• Security Control Assessment (SCA)
• Risk Monitoring and Continuous Improvement
• Understand and Apply Threat Modeling Concepts and Methodologies
• Threat Modeling Steps
• DREAD Rating
• Apply Supply Chain Risk Management (SCRM) Concepts
• Third-Party Management and Risks
• Third-Party Risk Management Life Cycle
• Domain 2: Asset Security
• Introduction
• Introduction to Asset Security
• Identify and Classify Information and Assets
• Information Classification Objectives
• Establish Information and Asset Handling Requirements
• Provision Resources Securely
• Manage Data Life Cycle
• Data Life Cycle: Create, Store, and Use
• Data Life Cycle: Share, Archive, and Destroy
• Data Remanence and Data Destruction
• Ensure Appropriate Asset Retention
• Data and Data Security Controls
• How to Select Controls
• Digital Rights Management (DRM)
• Data Loss Prevention (DLP)
• Quick Recap
• Domain 3: Security Architecture and Engineering
• Introduction
• Introduction to Security Engineering
• Research, Implement, and Manage Engineering Processes Using
• Trust but Verify and Zero Trust
• Privacy by Design
• Understand the Fundamental Concepts of Security Models
• _State Machine Model, Multilevel Lattice Model, Non-Interference Model, and Information Flow Model
• Types of Security Models
• Composition Theories, Covert Channels, and Open and Closed Systems
• Select Controls Based on System Security Requirements
• Security Capabilities of Information Systems
• Assess and Mitigate the Vulnerabilities of Security Architectures
• SCADA
• Security Concerns of ICS
• Cloud Computing
• Categorization of Cloud
• Internet of Things
• Fog and Edge Computing
• Select and Determine Cryptographic Solutions
• And more.