Certified Information Systems Security Professional (CISSP): Sixth Edition
Course Description Overview
Welcome to Certified Information Systems Security Professional (CISSP®): Sixth Edition . With your completion of the prerequisites and necessary years of experience, you are firmly grounded in the knowledge requirements of today’s security professional. This course will expand upon your knowledge by addressing the essential elements of the eight domains that comprise a Common Body of Knowledge (CBK®) for information systems security professionals. The course offers a job-related approach to the security process, while providing a framework to prepare for CISSP certification.
CISSP is the premier certification for today’s information systems security professional. It remains the premier certification because the sponsoring organization, the International Information Systems Security Certification Consortium, Inc. (ISC)2 ®, regularly updates the test by using subject matter experts (SMEs) to make sure the material and the questions are relevant in today’s security environment. By defining eight security domains that comprise a CBK, industry standards for the information systems security professional have been established. The skills and knowledge you gain in this course will help you master the eight CISSP domains and ensure your credibility and success within the information systems security field.
You will:
- Analyze components of the Security and Risk Management domain.
- Analyze components of the Asset Security domain.
- Analyze components of the Security Architecture and Engineering domain.
- Analyze components of the Communication and Network Security domain.
- Analyze components of the Identity and Access Management domain.
- Analyze components of the Security Assessment and Testing domain.
- Analyze components of the Security Operations domain.
- Analyze components of the Software Development Security domain
Each computer will need to have the following software installed. Unless otherwise specified, the software should be full licensed versions.
- Microsoft® Windows® 7 or greater.
- Adobe® Acrobat® Reader or an equivalent PDF viewer.
- If necessary, software for viewing the course slides. (Instructor machine only.)
For this course, you will need one computer for each student and one for the instructor. Each computer will need the following minimum hardware configurations:
- 1 gigahertz (GHz) 64-bit (x64) processor.
- 4 gigabytes (GB) of Random Access Memory (RAM).
- 32 GB available storage space.
- Monitor capable of a screen resolution of at least 1,024 × 768 pixels, at least a 256-color display, and a video adapter with at least 4 MB of memory.
- Bootable DVD-ROM or USB drive.
- Keyboard and mouse or a compatible pointing device.
- Fast Ethernet (100 Mb/s) adapter or faster and cabling to connect to the classroom network.
- IP addresses that do not conflict with other portions of your network.
- Internet access (contact your local network administrator).
- (Instructor computer only) A display system to project the instructor's computer screen.
Lesson 1: Security and Risk Management
Topic A: Security Concepts
Topic B: Security Governance Principles
Topic C: Compliance
Topic D: Professional Ethics
Topic E: Security Documentation
Topic F: Risk Management
Topic G: Threat Modeling
Topic H: Risk Response
Topic I: Business Continuity Plan Fundamentals
Topic J: Acquisition Strategy and Practice
Topic K: Personnel Security Policies
Topic L: Security Awareness and Training
Lesson 2: Asset Security
Topic A: Asset Classification
Topic B: Secure Data Handling
Topic C: Resource Provisioning and Protection
Topic D: Manage Data Lifecycle
Topic E: Asset Retention
Topic F: Data Security Controls
Lesson 3: Security Architecture and Engineering
Topic A: Security in the Engineering Lifecycle
Topic B: System Component Security
Topic C: Security Models
Topic D: Controls and Countermeasures in Enterprise Security
Topic E: Information System Security Capabilities
Topic F: Design and Architecture Vulnerability Mitigation
Topic G: Vulnerability Mitigation in Emerging Technologies
Topic H: Cryptography Concepts
Topic I: Cryptography Techniques
Topic J: Cryptanalytic Attacks
Topic K: Site and Facility Design for Physical Security
Topic L: Physical Security Implementation in Sites and Facilities
Lesson 4: Communication and Network Security
Topic A: Network Protocol Security
Topic B: Network Components Security
Topic C: Communication Channel Security
Topic D: Network Attack Mitigation
Lesson 5: Identity and Access Management
Topic A: Physical and Logical Access Control
Topic B: Identification and Authentication
Topic C: Identity as a Service
Topic D: Authorization Mechanisms
Topic E: Access Control Attack Mitigation
Lesson 6: Security Assessment and Testing
Topic A: System Security Control Testing
Topic B: Software Security Control Testing
Topic C: Security Process Data Collection
Topic D: Audits
Lesson 7: Security Operations
Topic A: Security Operations Concepts
Topic B: Change Management
Topic C: Physical Security
Topic D: Personnel Security
Topic E: Detective and Preventive Measures
Topic F: Patch and Vulnerability Management
Topic G: Logging and Monitoring
Topic H: Incident Response
Topic I: Investigations
Topic J: Disaster Recovery Planning
Topic K: Disaster Recovery Strategies
Topic L: Disaster Recovery Implementation
Lesson 8: Software Development Security
Topic A: Security Principles in the System Lifecycle
Topic B: Security Principles in the Software Development Lifecycle
Topic C: Security Controls in the Development Environment
Topic D: Database Security in Software Development
Topic E: Software Security Effectiveness Assessment