CISSP – Certified Information Systems Security Professional

by Elite Training Claim Listing

With today's complex and diverse enterprise networks, maintaining security is one of the greatest challenges organisations face. It is difficult to properly configure systems and networks for maximum security.

£1895

Contact the Institutes

Fill this form

Advertisement

Elite Training Logo

img Duration

5 Days

Course Details

With today's complex and diverse enterprise networks, maintaining security is one of the greatest challenges organisations face. It is difficult to properly configure systems and networks for maximum security.

Any weakness in the defence is enough to render the organisation vulnerable. The skill set required of the security team is very wide. In an effort to define the knowledgebase required for enterprise security (ISC)2 have defined the Common Body of Knowledge (CBK), which consists of ten test domains.

The Certified Information Systems Security Professional CISSP® exam is built from a pool of multiple-choice questions drawn from the CBK.

 

Prerequisites:

For CISSP ISC2 exam requires that candidates have work experience (4 years with degree or 5 years without degree) in two, or more of the ten test domains of the information systems [IS] security Common Body of Knowledge (CBK). Note that candidates for CISSP without the required work experience can still sit the exam and become an associate CISSP. 

 

Course Content

Security Management Practices

  • Identification of information assets

  • Policies, standards, procedures

  • Confidentiality, integrity, and availability.

  • Data classification,

  • Risk management, risk assessment, and risk analysis;

  • Countermeasure evaluation

  • Security roles

  • Security awareness training

  • Personnel policy

Security Architecture & Models

  • Computer architectures

  • Security models

  • Trusted Computer Base

  • ITSEC

  • TCSEC

  • Common Criteria

  • OS security components

  • IETF IPSEC

  • Certification and Accreditation

  • Security issues associated with system architectures

Access Control Systems & Methodology

  • Access Control techniques

  • Access Control Administration

  • Access Control Models

  • Identification and Authentication Techniques

  • Single Sign-On (SSO)

  • Access Control Methodologies and Implementation

  • File and Data Ownership and Custodianship

  • Methods of Attack

  • Monitoring

  • Penetration Testing 

Applications & Systems Development

  • Systems development management

  • Change Control

  • Certification

  • Accreditation

  • Security Control Architecture

  • Malicious Code

  • Virus writers Hackers, crackers, and phreaks

  • Virus protection, types of computer viruses

  • Mobile code security issues

Cryptography

  • Cryptographic basics

  • Comparison of cryptographic algorithms

  • Key management

  • Key Distribution Methods

  • Kerberos,

  • ISAKMP

  • Public Key Algorithms

  • Public Key Infrastructure (PKI)

  • Certificate Authorities

  • Smart cards and tokens

  • Methods of Attack

Telecommunications & Network Security

  • ISO/OSI Layers and Characteristics

  • Remote Access Dial-In User System/Terminal Access Control

  • RADIUS/TACACS

  • Internet/Intranet/Extranet

  • Secure communication protocols

  • Virtual Private Network (VPN)

  • Network Address Translation

  • E-mail security

  • Facsimile security

  • Secure Voice Communications

  • Security boundaries and how to translate security policy to controls

  • Network Attacks and Countermeasures

Operations Security

  • Administrative Management

  • Separation of Duties and Responsibilities

  • Backup of Critical information

  • Standards of Due Care/Due Diligence

  • Record retention

  • Control Types

  • Operations Controls

  • Resource Protection

  • Auditing

  • Reporting mechanisms

  • Monitoring tools and techniques

  • Failure recognition and response

  • Intrusion detection

  • Penetration testing techniques

  • Inappropriate activities

  • Internal threats and Countermeasures

  • Violations, Breaches, and Reporting

Physical Security

  • Physical site security controls

  • Electronic site access controls

  • Environment/Life Safety

  • Physical security threats and countermeasures

  • Fire (sensors, sprinklers, flooding systems, extinguishers)

  • Water (leakage and flooding)

  • Electrical (UPS and generators)

  • Environmental

Business Continuity & Disaster Recovery Planning

  • Business Continuity Planning

  • Cold/Warm/Hot/Mobile Sites

  • Recovery processes

  • Disaster Recovery Planning

  • Recovery Plan Development

  • Emergency Response

  • Reconstruction from Backups

  • Crisis Management

  • BCP/DRP Events

Law, Investigation & Ethics

  • Legal categories

  • Criminal Law

  • Civil Law

  • Administrative Law

  • Investigations

  • Rules of Evidence

  • Collection and preservation of evidence

  • Investigation Processes and Techniques

  • Major categories of computer crime

  • Incident Handling

  • Ethics

  • (ISC2) Code of Ethics 

  • Glasgow Branch

    1 Blythswood Square, Glasgow
  • Liverpool Branch

    Liverpool Science Park Innovation Centre 131 Mount Pleasant, Liverpool

Check out more CISSP courses in UK

Nemstar Logo

CRISC (Certified in Risk & Information Security Control)

This event fully covers the current CRISC exam syllabus by explaining how to use COBIT, ValIT and RiskIT to implement an InfoSec Risk Management process while supporting the core business strategy. Sample exam questions, exam techniques and study plans are also covered

by Nemstar [Claim Listing ]
Datrix Training Logo

COBIT® Foundation Training

Over the course of two days, delegates who are taking the COBIT® training course will learn a series of skills. They will provided with thorough knowledge of the course during their first day, given to them by experienced trainers who are of a very high quality.

by Datrix Training [Claim Listing ]
Pink Elephant Logo

COBIT® 2019 Foundation

From its foundation in the IT audit community, COBIT has developed into a broader and more comprehensive information and technology (I&T) governance and management framework and continues to establish itself as a generally accepted framework for I&T governance.

by Pink Elephant [Claim Listing ]
Net Security Training Logo

Certified in Risk & Information Systems Control (CRISC)

CRISC course is offered by Net Security Training for all skill level. Net Security Training is an independent specialist Cyber Security training company whose total focus is the provision of specialised courses and appreticeships catering for Cyber Security and Information Assurance professionals...

by Net Security Training [Claim Listing ]
Bywater Training Limited Logo

ISO 27001 Lead Auditor Training Course

Auditing is an essential tool in the battle to identify, assess and address information security risks posed by challenges such as employee error and data breaches.

by Bywater Training Limited [Claim Listing ]

© 2024 coursetakers.com All Rights Reserved. Terms and Conditions of use | Privacy Policy