CISSP Certification Preparation Training Course

Module 1. Security and Risk Management

Aligning security and risk to organisational objectives

• Evaluate and apply security governance principles
• Implement policies, standards and procedures
• Applying compliance

Applying risk management concepts

• Assessing threats and vulnerabilities
• Performing risk analysis and control
• Defining qualitative and quantitative analysis

Preserving the business

• Adhering to Business Continuity Management Code of Practise and Specifications
• Performing a business impact analysis

Investigating legal measures and techniques

• Reviewing intellectual property, liability and law, and compliance
• Differentiating traditional computer crime
• Establish information and asset handling requirements

Module 2. Asset Security

Examining security models and frameworks

• The Information Security Triad and multi-level models
• Investigating industry standards: ISO 27001/27002
• Evaluating security model fundamental concepts

Exploring system and component security concepts

• Certification and accreditation criteria and models
• Reviewing mobile system/cloud/IoT vulnerabilities

Protecting information by applying cryptography

• Detailing symmetric and asymmetric encryption systems
• Ensuring message integrity through hashing
• Uncovering threats to cryptographic systems

Safeguarding physical resources

• Designing environments to resist hostile acts and threats
• Designing environments to resist hostile acts and threats

Module 3. Communication & Network Security

Defining a secure network architecture

• TCP/IP and other protocol models
• Protecting from network attacks
• Reviewing secure network components and communication channels

Examining secure networks and components

• Identifying wired and wireless technologies
• Implementing firewalls, secure communications, proxies, and tunnels

Module 4. Identity & Access Management

Controlling access to protect assets

• Defining administrative, technical and physical controls
• Implementing centralised and decentralised approaches
• Investigating biometric and multi-factor authentication
• Identifying common threats
• Manage the identity and access provisioning lifecyle

Module 6. Security Assessment & Testing

Designing and conducting security assessment strategies

• Leveraging the role of testing and auditing to analyse the effectiveness of security controls
• Differentiating detection and protection systems

Conducting logging and monitoring activities

• Distinguishing between the roles of internal and external audits
• Conduct or facilitate security audits

Module 7. Security Operations

Maintaining operational resilience

• Managing security services effectively
• Leveraging and supporting investigations and incident response
• Differentiating detection and protection systems
• Securely provisioning resources

Developing a recovery strategy

• Designing a disaster recovery plan
• Implementing test and maintenance processes
• Provisioning of resources

Module 8. Software Security Development

Securing the software development life cycle

• Applying software development methods and security controls
• Addressing database security concepts and issues
• Define and apply secure coding guidelines and standards
• Reviewing software security effectiveness and security impact

CISSP is ideal for experienced security practitioners, managers and executives interested in proving their knowledge across a wide array of security practices and principles, including those in the following positions:

• Chief Information Security Officer
• Chief Information Officer
• Director of Security
• IT Director/Manager
• Security Systems Engineer
• Security Analyst
• Security Manager
• Security Auditor
• Security Architect
• Security Consultant
• Network Architect

Please note CISSP candidates must meet specific requirements, as established by ISC² — see: ISC². Those without the required experience can take the exam to become an Associate of (ISC)² while working toward the experience needed for full certification

This course includes:

• Training from a certified CISSP trainer
• CISSP courseware and study materials
• Refreshments