Certified Information Systems Security Professional (CISSP) (CS8502)

Welcome to Certified Information Systems Security Professional Training (CISSP)!

This course complements your knowledge and experience in large-scale information security. It expands your knowledge by browsing the eight domains defined by the Common Body of Knowledge (CBK) for information security professionals. The training offers an approach based on the use of a corporate security process, while also being the preparation tool for CISSP certification.

CISSP Certification is a highly-rated information security certification in the world of today's technology and security. This remains because the organization (ISC) ² is constantly improving content through the engagement of industry experts, ensuring that the material and issues remain relevant despite the current turbulence and changes in the security field. In defining the eight CBK domains, an industry standard has been developed and CISSP training is exploiting all of them. The skills and knowledge you will get from this course will help you to understand these eight areas. It will establish credibility and success for every professional in the field of information security.

Lesson 1: Security and Risk Management

• Security Governance Principles

• Compliance

• Professional Ethics

• Security Documentation

• Risk Management

• Threat Modeling

• Business Continuity Plan Fundamentals

• Acquisition Strategy and Practice

• Personnel Security Policies

• Security Awareness and Training

Lesson 2: Asset Security

• Asset Classification

• Privacy Protection

• Asset Retention

• Data Security Controls

• Secure Data Handling

Lesson 3: Security Engineering

• Security in the Engineering Lifecycle

• System Component Security

• Security Models

• Controls and Countermeasures in Enterprise Security

• Information System Security Capabilities

• Design and Architecture Vulnerability Mitigation

• Vulnerability Mitigation in Embedded, Mobile, and Web-Based Systems

• Cryptography Concepts

• Cryptography Techniques

• Site and Facility Design for Physical Security

• Physical Security Implementation in Sites and Facilities

Lesson 4: Communications and Network Security

• Network Protocol Security

• Network Components Security

• Communication Channel Security

• Network Attack Mitigation

Lesson 5: Identity and Access Management

• Physical and Logical Access Control

• Identification, Authentication, and Authorization

• Identity as a Service

• Authorization Mechanisms

• Access Control Attack Mitigation

Lesson 6: Security Assessment and Testing

• System Security Control Testing

• Software Security Control Testing

• Security Process Data Collection

• Audits

Lesson 7: Security Operations

• Security Operations Concepts

• Physical Security

• Personnel Security

• Logging and Monitoring

• Preventative Measures

• Resource Provisioning and Protection

• Patch and Vulnerability Management

• Change Management

• Incident Response

• Investigations

• Disaster Recovery Planning

• Disaster Recovery Strategies

• Disaster Recovery Implementation

Lesson 8: Software Development Security

• Security Principles in the System Lifecycle

• Security Principles in the Software Development Lifecycle

• Database Security in Software Development

• Security Controls in the Development Environment

• Software Security Effectiveness Assessment