Introduction
To obtain the CISSP certification, candidates need to pass an exam that consists of mostly multiple-choice questions. The purpose of this course is to prepare you for the certification exam by introducing you to the concepts and terminology you need to know to pass.
This course is designed to provide you with extensive knowledge, learning strategies, and instructor support along the way. In addition to the exam, you must meet a few other requirements in order to become a Certified Information Systems Security Professional. You must demonstrate that you follow the CISSP Code of Ethics, have a minimum of five years full-time paid work experience in the systems security field, and hold an IS or IT degree. At the end of this course you will be equipped with everything you need to successfully pass the exam and earn your CISSP certification.
Course Objectives of Certified Information Systems Security Professional (CISSP)
Throughout this course, you will learn about:
- Basics of Security Governance, asset security, cryptography
- Basics of security and risk management, various threats and attacks.
- Understanding of the regulations, laws, policies, standards, and encryption protocols.
- Explore the different security models & designs, Thereats & Attacks
- The terminology for Network Architecture & Traffic
prerequisites for Certified Information Systems Security Professional (CISSP)
Basic knowledge in networking and some knowledge of systems operations
Target Audience for Certified Information Systems Security Professional (CISSP)
- Chief Information Security Officer
- Chief Information Officer
- Director of Security
- IT Director/Manager
- Security Systems Engineer
- Security Analyst
- Security Manager
- Security Auditor
- Security Architect
- Security Consultant
- Network Architect
Course Outline for Certified Information Systems Security Professional (CISSP)
Day 1
Security Governance
-
CIA Triad: Confidentiality, Integrity & Availability
- Identification, Authentication, Authorization, Auditing, and Accounting
-
Threat Modeling
-
Security Policies
- Risk Management
Laws, Standards and Regulations
Day 2
Data and Asset Security
Classifying Data and Assets
-
Data Ownership
-
Storing and Disposing of Data
Cryptography
-
Introduction to Cryptography
-
Asymmetric and Symmetric Encryption
-
Ciphers
-
Public Key Infrastructure (PKI)
-
Hashing Algorithms
-
Cryptographic Attacks
Day 3
Security Models and Design
Threats and Attacks
-
Motives
-
Attack Vectors
-
Threat Classification
-
Attack Classification
Day 4
Network Architecture
-
OSI vs. TCP/IP
-
TCP/IP
-
Wireless Access Point
-
Wireless Network Attacks
-
Firewalls
-
Network Hardware
-
Network Topologies
Network Traffic
-
Network Security Mechanisms
-
Email Security
-
VPN and Virtualization
-
Network Address Translation (NAT)
-
Wide-Area Networks (WANs)
-
Network Attack Mitigation
Identification and Authentication
Day 5
Security Assessments
Disaster Prevention, Response, and Recovery
-
Security Operations
-
Responding to Incidents
-
Log - Monitor - Audit
-
Software Development Security Principles
-
The Software Development Lifecycle (SDLC)
-
Data and Information Storage
-
Malicious Code
How to Prepare for the Exam
