CISSP Certified Information Systems Security Professional

A Quick Glance

• Pass the CISSP exam

• Gain vital cybersecurity skills

• Implement and manage security programs

• Prove your security expertise and knowledge

Modern businesses require proven security professionals to help them defend against threats to their data and systems. CISSP (Certified Information Systems Security Professional)-certified professionals have vast knowledge and expertise to design, implement and manage IT security systems.

Our CISSP training is designed to help learners prepare for the CISSP exam, providing a full understanding of the 8 domains of the CISSP CBK which the exam assesses and ensuring delegates are ready to pass confidently.

Who should take this course

• Security Consultants

• Security Managers

• Security Analysts

• IT Managers

• Security Directors

• Network Architects

• Security Auditors

• Security Architects

• Security Systems Engineers

• Chief Information Security Officers

Prerequisites

There are no requirements for this course, but  4-5 years of experience in at least 2 of the 8 CBK domains is required for full CISSP certification.

What Will You Learn

• Prepare for the CISSP exam

• Understand the 8 domains of the CISSP CBK

• Understand what is expected of a cybersecurity professional

• Learn the fundamentals of security management

Course Overview

Over 5 days, our expert instructors will go through each of the 8 CISSP CBK domains using a theory-based approach teaching all the concepts, tools and knowledge required for the modern cybersecurity professional to do their job effectively, all with the aim of passing the exam and achieving this highly sought-after certification.

Course Content

Security and Risk Management

• Confidentiality, Integrity, and Availability Concepts

• Security Governance Principles

• Compliance

• Legal and Regulatory Issues

• Professional Ethics

• Security Policies, Standards, Procedures, and Guidelines

Asset Security

• Information and Asset Classification

• Ownership

• Protect Privacy

• Appropriate Retention

• Data Security Controls

• Handling Requirements

Security Architecture and Engineering

• Engineering Processes using Secure Design Principles

• Security Models Fundamental Concepts

• Security Evaluation Models

• Security Capabilities of Information Systems

• Security Architectures, Designs, and Solution Elements Vulnerabilities

• Web-based Systems Vulnerabilities

• Mobile Systems Vulnerabilities

• Embedded Devices and Cyber-Physical Systems Vulnerabilities

• Cryptography

• Site and Facility Design Secure Principles

• Physical Security

Communication and Network Security

• Secure Network Architecture Design

• Secure Network Components

• Secure Communication Channels

• Network Attacks

Identity and Access Management (IAM)

• Physical and Logical Assets Control

• Identification and Authentication of People and Devices

• Identity as a Service

• Third-party Identity Services

• Access Control Attacks

• Identity and Access Provisioning Lifecycle

Security Assessment and Testing

• Assessment and Test Strategies

• Security Process Data

• Security Control Testing

• Test Outputs

• Security Architectures Vulnerabilities

Security Operations

• Investigations Support and Requirements

• Logging and Monitoring Activities

• Provisioning of Resources

• Foundational Security Operations Concepts

• Resource Protection Techniques

• Incident Management

• Preventative Measures

• Patch and Vulnerability Management

• Change Management Processes

• Recovery Strategies

• Disaster Recovery Processes and Plans

• Business Continuity Planning and Exercises

• Physical Security

• Personnel Safety Concerns

Software Development Security

• Security in the Software Development Lifecycle

• Development Environment Security Controls

• Software Security Effectiveness

• Acquired Software Security Impact