CISSP Security Professional Course Description

Our Certified Information Systems Security Professional (CISSP) program will teach you the Broad Range of Security Subjects, Technology and Concepts you’ll need to learn to effectively pass the CISSP Exam.  Our Structured Learning Methodology provides you the Course Materials that will teach you Technology to be successful on the job and with passing your CISSP Certification Exam.  The Course Materials include the best CISSP Hard Cover Book, Online CBT (Computer Based Training) and Online Practice Exam that will prepare you to Pass Your CISSP Certification Exam the first time.  In addition to this our Continuous Hands-On Lab Training will give you the CISSP Security Skills to be confident and productive on the Job Day 1.

The CISSP Exam Consist of Training from all 10 CISSP Domains;

CISSP-01 – Access Control Systems & Methodology

  • Discuss the relationship between access control and accountability.
  • Define common access control techniques.
  • Detail the specifics of access control administration.
  • Explain access control models.
  • Explain identification and authentication techniques.
  • Discuss centralized/decentralized control.
  • Describe common methods of attack.
  • Explain intrusion detection.

CISSP-02 – Telecommunications & Network Security

  • Identify the key areas of knowledge of telecommunications and network security.
  • Explain the International Standards Organization/Open Systems Interconnection (ISO/OSI) layers and characteristics.
  • Describe the design and function of communications and network security.
  • Describe the components, protocols, and services involved in Internet/intranet/extranet design.
  • Define and describe communications security techniques to prevent, detect, and correct errors so that integrity, availability and confidentiality of transactions over networks may be maintained.
  • Define and describe specific areas of communication and how they can be secured.
  • Explain current forms of network attacks and their countermeasures.

CISSP-03 – Security Management Practices

  • Understand the principles of security management.
  • Know what management’s responsibility is in the information security environment.
  • Understand risk management and how to use risk analysis to make information security management decisions.
  • How to set policies and how to derive standards, guidelines and implement procedures to meet policy goals.
  • Set information security roles and responsibilities throughout your organization.
  • Understand how the various protection mechanisms are used in information security management.
  • Understand the considerations and criteria for classifying data.
  • Determine how employment policies & practices are used to enhance information security in your organization.
  • Use change control to maintain security.
  • Know what is required for security awareness training.

CISSP-04 – Applications & Systems Development Security

  • Explore software/data issues and describe software and data handling applications.
  • Discuss the types of attacks made on software vulnerabilities.
  • Describe and define malicious code.
  • Discuss system development controls.
  • Use coding practices that reduce system vulnerability.

CISSP-05 – Cryptography

  • Discuss the uses of cryptography including confidentiality, integrity, authentication and non-repudiation.
  • Compare and contrast symmetric and asymmetric algorithms.
  • Describe PKI and key management.
  • Detail common methods of attacking encryption including general and specific attacks.

CISSP-06 – Security Architecture & Models

  • Explain the difference between public versus government requirements for security architecture and models.
  • Discuss examples of security models.
  • Explain the basics of security architecture.
  • Describe and contrast information system security standards.
  • Describe the Internet Protocol Security (IPSec) standard.

CISSP-07 – Operations Security

  • Identify the key roles of operations security.
  • Define threats and countermeasures.
  • Explain how audit and monitoring can be used as operations security tools.
  • Define the role of Administrative management in operations security.
  • Define operations security concepts and describe operations security best practices

CISSP-08 – Business Continuity & Disaster Recovery Planning

  • Explain the difference between Disaster Recovery Planning (DRP) and Business Continuity Planning (BCP) and the importance of developing plans that include both.
  • Document the natural and man-made events that need to be considered in making disaster recovery and business continuity plans.
  • Detail the business continuity planning process.
  • Detail the disaster recovery planning process, including recovery plan development, implementation, maintenance and the restoration of business functions.
  • Explain the need for, and development of, a backup strategy. Include information on determining what to back up, how often to back up, as well as the proper storage facility for backups.

CISSP-09 – Laws, Investigations & Ethics

  • Explain the fundamentals of law.
  • Define what constitutes a computer crime and how such a crime is proven in court.
  • Explain the laws of evidence.
  • Introduce techniques for obtaining and preserving computer evidence.
  • Identify and plan for computer security incidents.
  • Discuss computer ethics.

CISSP-10 – Physical Security

  • Understand the idea of classifying assets and identifying threats and countermeasures that apply to classes.
  • Understand some of the most common vulnerabilities and how they affect different asset classes differently.
  • Know the elements involved in choosing, designing, constructing and maintaining a secure site.
  • Understand issues and controls related to removable electronic media.
  • Understand issues relating to storage of paper.
  • Know the most common issues relating to disposal or erasure of data.
  • Describe physical intrusion detection methodologies and products.

 

Cisco CompTIA PMI Microsoft ISC2