Certified Information Systems Security Professional (CISSP)

Enroll in the Certified Information Systems Security Professional (CISSP) exam and validates your deep technical and managerial knowledge and experience to effectively design, engineer, and manage the overall security posture of an organization.

40 hours 0 Enrolled No ratings yet Intermediate

Curriculum
Description

Module 1: Security and Risk Management

Understand, adhere to, and promote professional ethics

Understand and apply security concepts

Evaluate and apply security governance principles

Determine compliance and other requirements

Understand legal and regulatory issues that pertain to information security in a holistic context

Understand requirements for investigation types

Develop, document, and implement security policy, standards, procedures, and guidelines

Identify, analyze, and prioritize Business Continuity (BC) requirements

Contribute to and enforce personnel security policies and procedures

Understand and apply risk management concepts

Understand and apply threat modeling concepts and methodologies

Apply Supply Chain Risk Management (SCRM) concepts

Establish and maintain a security awareness, education, and training program
Module 2: Asset Security

Identify and classify information and assets

Establish information and asset handling requirements

Provision resources securely

Manage data lifecycle

Ensure appropriate asset retention (e.g., End-of-Life (EOL), End-of-Support (EOS))

Determine data security controls and compliance requirements
Module 3: Security Architecture and Engineering

Research, implement and manage engineering processes using secure design principles

Understand the fundamental concepts of security models (e.g., Biba, Star Model, Bell-LaPadula)

Select controls based upon systems security requirements

Understand security capabilities of Information Systems (IS)

Assess and mitigate the vulnerabilities of security architectures, designs, and solution elements

Select and determine cryptographic solutions

Understand methods of cryptanalytic attacks

Apply security principles to site and facility design

Design site and facility security controls
Module 4: Communication and Network Security

Assess and implement secure design principles in network architectures

Secure network components

Implement secure communication channels according to design
Module 5: Identity and Access Management (IAM)

Control physical and logical access to assets

Manage identification and authentication of people, devices, and services

Federated identity with a third-party service

Implement and manage authorization mechanisms

Manage the identity and access provisioning lifecycle

Implement authentication systems
Module 6: Security Assessment and Testing

Design and validate assessment, test, and audit strategies

Conduct security control testing

Collect security process data (e.g., technical and administrative)

Analyze test output and generate a report

Conduct or facilitate security audits
Module 7: Security Operations

Understand and comply with investigations

Conduct logging and monitoring activities

Perform Configuration Management (CM) (e.g., provisioning, baselining, automation)

Perform Configuration Management (CM) (e.g., provisioning, baselining, automation)

Apply resource protection

Conduct incident management

Operate and maintain detective and preventative measures

Implement and support patch and vulnerability management

Understand and participate in change management processes

Implement recovery strategies

Implement Disaster Recovery (DR) processes

Test Disaster Recovery Plans (DRP)

Participate in Business Continuity (BC) planning and exercises

Implement and manage physical security

Address personnel safety and security concerns
Module 8: Software Development Security

Understand and integrate security in the Software Development Life Cycle (SDLC)

Identify and apply security controls in software development ecosystems

Assess the effectiveness of software security

Assess security impact of acquired software

Define and apply secure coding guidelines and standards

About The Course

The Certified Information Systems Security Professional (CISSP) is the most globally recognized certification in the information security market. CISSP validates an information security professional’s deep technical and managerial knowledge and experience to effectively design, engineer, and manage the overall security posture of an organization.

The broad spectrum of topics included in the CISSP Common Body of Knowledge (CBK®) ensures its relevancy across all disciplines in the field of information security. Successful candidates are competent in the following eight domains:

Security and Risk Management
Asset Security
Security Architecture and Engineering
Communication and Network Security
Identity and Access Management (IAM)
Security Assessment and Testing
Security Operations
Software Development Security

Course Objectives

This course teaches you about core aspects such as;

Security and risk management
Asset security architecture and design
Cryptography OSI and TCP IP models
IP addresses
Network security
Identity and access management
Security assessment and testing
Software development security

Pre-Requisites

Candidates who wish to take up the Certified Information Systems Security Professional (CISSP) training have a minimum of 5 years of work experience in two or more of the 8 domains prescribed by ISC2 in their CISSP Common Body of Knowledge (CBK)

There can be a waiver of 1 year from the required 5-year experience if the candidate has a 4-year college degree or any additional certification credential from ISC2 approved course list.

What's included

40 Hours Training Course
Certificate
8 Module
24/7 Support

upskillfinder

4.8Instructor Rating

2

Students

230

Courses

4

Reviews

View Details

Certified Information Systems Security Professional (CISSP)

Sign in

What's included

Audience

upskillfinder

2

230

4