CISSP Certified Information Systems Security Professional

Course Introduction

CISSP Certified Information Systems Security Professional is a 5-day training course that delivers the eight knowledge domains of the common body of knowledge for information systems security professionals.

By attending this CISSP course, the candidates will get prepare for the CISSP Certified Information Systems Security Professional exam. Delegates will learn about the theory based methodology of the security process, security management, architecture, and engineering.

Overview

A decrease in the number of domains, from ten to eight, was introduced in April 2015. A reviewed and efficient content comprising the most current and best practice topics for today's safety landscape.

From 15 April 2015 the CISSP Courses domains changed:

• Security and Risk Management.

• Security Engineering.

• Communications and Network Security.

• Asset Security.

• Security Assessment and Testing.

• Security Operations.

• Software Development Security.

• Identity and Access Management.

Course Content

Security and Risk Management

• Defining concepts of confidentiality, integrity, and availability.

• Implementation of security governance principles.

• Recognise legal and supervisory issues that affect to information security in a global context.

• Recognise professional principles.

• Develop and implement documented Security Policy, Morales, Actions, and Strategies.

• Comprehend business continuity necessities.

• Contribute to personnel security rules.

• Recognise risk management concepts.

• Understand and apply threat modelling.

• Assimilate security risk deliberations into attainment strategy and practice.

• Create and access information security education, exercise, and consciousness.

Asset Security

• Categorise information and supporting effects.

• Regulate and maintain possession.

• Protect privacy.

• Guarantee suitable retention.

• Define data safety controls.

• Launch handling necessities.

Security Engineering

• Implement and manage manufacturing procedures using secure design principles.

• Comprehend the vital concepts of security models.

• Select controls and countermeasures based upon systems security evaluation models.

• Comprehend security abilities of info systems.

• Measure and lessen the vulnerabilities of security architectures.

• Assess and mitigate the vulnerabilities in web-based systems.

• Assess and mitigate weaknesses in mobile systems.

• Assess and mitigate susceptibilities in embedded devices and cyber-physical systems.

• Apply cryptography.

Network Security and Communication

• Appliance secure design philosophies to network architecture.

• Analysing Secure network components.

• Design and establish secure communication stations.

• Avert or diminish network spasms.

Access & Identity Management

• Control logical and physical access to possessions.

• Manage identification and verification of people and devices.

• Incorporate uniqueness as a service.

• Assimilate third-party identity amenities.

• Apply and manage authorization tools.

• Avoid or alleviate access control attacks.

• Manage the identity and access provisioning lifecycle.

Security Assessment & Testing

• Plan and authenticate assessment and test plans.

• Conduct security control testing.

• Gather security process data.

• Examine and report test outputs.

• Comprehend the weaknesses of security architectures.

Security Operations

• Comprehend and support inquiries.

• Understand necessities for investigation types.

• Conduct logging and monitoring actions.

• Secure the provisioning of resources.

• Understand and apply foundational security processes concepts.

• Service resource protection methods.

• Conduct incident management.

• Function and sustain preventative measures.

Software Security Development

• Understand and apply security in the software development lifecycle.

• Apply security controls in development environments.

• Measure the effectiveness of software security.

• Evaluate security influence of acquired software.

Prerequisites

The participants should have an experience in two of the domains in the (CBK) for a minimum of 4-5 years in the relevant industry. The complete certification for this CISSP course will be allotted only when their right amount of experience is obtained.

Further, students are recommended to know the basics of all CBK domains and reading from the ISC2.org about the course will be beneficial.

Students are suggested to do extra revision/readings to get the certification exam cleared successfully. This will also depend on the prior knowledge the student is carrying along about all CBK domains.

Target Audience

Professionals who are aiming to get certified in Information Systems Security Professional (CISSP) exam are recommended to choose the course as this will prepare them for the examinations.

Delegates Will Learn How To

Tthe delegates will have learnt the following concepts by the time the course completes:

• Safeguarding and managing software and network systems

• Protecting assets

• Security engineering

• Network safety and security operations

• Security assessment

• Software development security