CISSP Certification Course

Take your career to the next level by earning one of the most in-demand cybersecurity certifications. Infosec's CISSP training provides a proven method for mastering the broad range of knowledge required to become a Certified Information Systems Security Professional.

Course Outline

Security and Risk Management (e.g., Security, Risk, Compliance, Law, Regulations, Business Continuity)

• Understand and Apply Concepts of Confidentiality, Integrity, and Availability

• Apply Security Governance Principles

• Compliance

• Understand Legal and Regulatory Issues that Pertain to Information Security in a Global Context

• Develop and Implement Documented Security Policy, Standards, Procedures, and Guidelines

• Understand Business Continuity Requirements

• Contribute to Personnel Security Policies

• Understand and Apply Risk Management Concepts

• Understand and Apply Threat Modeling

• Integrate Security Risk Considerations into Acquisitions Strategy and Practice

• Establish and Manage Security Education, Training, and Awareness

Asset Security (Protecting Security of Assets)

• Classify Information and Supporting Assets

• Determine and Maintain Ownership

• Protect Privacy

• Ensure Appropriate Retention

• Determine Data Security Controls

• Establish Handling Requirements

Security Engineering (Engineering and Management of Security)

• Implement and Manage an Engineering Life Cycle Using Security Design Principles

• Understand Fundamental Concepts of Security Models

• Select Controls and Countermeasures Based Upon Information Systems Security Standards

• Understand the Security Capabilities of Information Systems

• Assess and Mitigate the Vulnerabilities of Security Architectures, Designs, and Solution Elements

• Assess and Mitigate Vulnerabilities in Web-based Systems

• Assess and Mitigate Vulnerabilities in Mobile Systems

• Assess and Mitigate Vulnerabilities in Embedded Devices and Cyber-Physical Systems

• Apply Cryptography

• Apply Secure Principles to Site and Facility Design

• Design and Implement Facility Security

Communications and Network Security (Designing and Protecting Network Security)

• Apply Secure Design Principles to Network Architecture

• Securing Network Components

• Design and Establish Secure Communication Channels

• Prevent or Mitigate Network Attacks

Identity and Access Management (Controlling Access and Managing Identity)

• Control Physical and Logical Access to Assets

• Manage Identification and Authentication of People and Devices

• Integrate Identity as a Service (IDaaS)

• Integrate Third-Party Identity Services

• Implement and Manage Authorization Mechanisms

• Prevent or Mitigate Access Control Attacks

• Manage the Identity and Access Provisioning Life Cycle

Security Assessment and Testing (Designing, Performing, and Analyzing Security Testing)

• Design and Validate Assessment and Test Strategies

• Conduct Security Control Testing

• Collect Security Process Data

• Conduct or Facilitate Internal and Third-Party Audits

Security Operations (e.g., Foundational Concepts, Investigations, Incident Management, Disaster Recovery)

• Understand and Support Investigations

• Understand Requirements for Investigation Types

• Conduct Logging and Monitoring Activities

• Secure the Provisioning of Resources through Configuration Management

• Understand and Apply Foundational Security Operations Concepts

• Employ Resource Protection Techniques

• Conduct Incident Response

• Operate and Maintain Preventative Measures

• Implement and Support Patch and Vulnerability Management

• Participate in and Understand Change Management Processes

• Implement Recovery Strategies

• Implement Disaster Recovery Processes

• Test Disaster Recovery Plan

• Participate in Business Continuity Planning

• Implement and Manage Physical Security

• Participate in Personnel Safety

Software Development Security (Understanding, Applying, and Enforcing Software Security)

• Understand and Apply Security in the Software Development Life Cycle

• Enforce Security Controls in the Development Environment

• Assess the Effectiveness of Software Security

• Assess Software Acquisition Security