Certified Information Systems Security Professional (CISSP): Sixth Edition

Course Description Overview

Course Number:
093064
Course Length:
5 days
Course Description Overview:

Welcome to Certified Information Systems Security Professional (CISSP®): Sixth Edition . With your completion of the prerequisites and necessary years of experience, you are firmly grounded in the knowledge requirements of today’s security professional. This course will expand upon your knowledge by addressing the essential elements of the eight domains that comprise a Common Body of Knowledge (CBK®) for information systems security professionals. The course offers a job-related approach to the security process, while providing a framework to prepare for CISSP certification.


CISSP is the premier certification for today’s information systems security professional. It remains the premier certification because the sponsoring organization, the International Information Systems Security Certification Consortium, Inc. (ISC)2 ®, regularly updates the test by using subject matter experts (SMEs) to make sure the material and the questions are relevant in today’s security environment. By defining eight security domains that comprise a CBK, industry standards for the information systems security professional have been established. The skills and knowledge you gain in this course will help you master the eight CISSP domains and ensure your credibility and success within the information systems security field.

Course Objectives:
In this course, you will identify and reinforce the major security subjects from the eight domains of the (ISC)2 CISSP CBK.

You will:

  • Analyze components of the Security and Risk Management domain.
  • Analyze components of the Asset Security domain.
  • Analyze components of the Security Architecture and Engineering domain.
  • Analyze components of the Communication and Network Security domain.
  • Analyze components of the Identity and Access Management domain.
  • Analyze components of the Security Assessment and Testing domain.
  • Analyze components of the Security Operations domain.
  • Analyze components of the Software Development Security domain
Target Student:
This course is intended for experienced IT security-related practitioners, auditors, consultants, investigators, or instructors, including network or security analysts and engineers, network administrators, information security specialists, and risk management professionals, who are pursuing CISSP training and certification to acquire the credibility and mobility to advance within their current computer security careers or to migrate to a related career. Through the study of all eight CISSP CBK domains, students will validate their knowledge by meeting the necessary preparation requirements to qualify to sit for the CISSP certification exam. Additional CISSP certification requirements include a minimum of five years of direct professional work experience in two or more fields related to the eight CBK security domains, or a college degree and four years of experience.
Prerequisites:
It is highly recommended that students have obtained CompTIA® Network+® or Security+® certifications, or possess equivalent professional experience upon entering CISSP training.
Course-specific Technical Requirements Software:

Each computer will need to have the following software installed. Unless otherwise specified, the software should be full licensed versions.

  • Microsoft® Windows® 7 or greater.
  • Adobe® Acrobat® Reader or an equivalent PDF viewer.
  • If necessary, software for viewing the course slides. (Instructor machine only.)
Course-specific Technical Requirements Hardware:

For this course, you will need one computer for each student and one for the instructor. Each computer will need the following minimum hardware configurations:

  • 1 gigahertz (GHz) 64-bit (x64) processor.
  • 4 gigabytes (GB) of Random Access Memory (RAM).
  • 32 GB available storage space.
  • Monitor capable of a screen resolution of at least 1,024 × 768 pixels, at least a 256-color display, and a video adapter with at least 4 MB of memory.
  • Bootable DVD-ROM or USB drive.
  • Keyboard and mouse or a compatible pointing device.
  • Fast Ethernet (100 Mb/s) adapter or faster and cabling to connect to the classroom network.
  • IP addresses that do not conflict with other portions of your network.
  • Internet access (contact your local network administrator).
  • (Instructor computer only) A display system to project the instructor's computer screen.
Certification reference (where applicable)
Course Content:

Lesson 1: Security and Risk Management

Topic A: Security Concepts

Topic B: Security Governance Principles

Topic C: Compliance

Topic D: Professional Ethics

Topic E: Security Documentation

Topic F: Risk Management

Topic G: Threat Modeling

Topic H: Risk Response

Topic I: Business Continuity Plan Fundamentals

Topic J: Acquisition Strategy and Practice

Topic K: Personnel Security Policies

Topic L: Security Awareness and Training


Lesson 2: Asset Security

Topic A: Asset Classification

Topic B: Secure Data Handling

Topic C: Resource Provisioning and Protection

Topic D: Manage Data Lifecycle

Topic E: Asset Retention

Topic F: Data Security Controls


Lesson 3: Security Architecture and Engineering

Topic A: Security in the Engineering Lifecycle

Topic B: System Component Security

Topic C: Security Models

Topic D: Controls and Countermeasures in Enterprise Security

Topic E: Information System Security Capabilities

Topic F: Design and Architecture Vulnerability Mitigation

Topic G: Vulnerability Mitigation in Emerging Technologies

Topic H: Cryptography Concepts

Topic I: Cryptography Techniques

Topic J: Cryptanalytic Attacks

Topic K: Site and Facility Design for Physical Security

Topic L: Physical Security Implementation in Sites and Facilities


Lesson 4: Communication and Network Security

Topic A: Network Protocol Security

Topic B: Network Components Security

Topic C: Communication Channel Security

Topic D: Network Attack Mitigation


Lesson 5: Identity and Access Management

Topic A: Physical and Logical Access Control

Topic B: Identification and Authentication

Topic C: Identity as a Service

Topic D: Authorization Mechanisms

Topic E: Access Control Attack Mitigation


Lesson 6: Security Assessment and Testing

Topic A: System Security Control Testing

Topic B: Software Security Control Testing

Topic C: Security Process Data Collection

Topic D: Audits


Lesson 7: Security Operations

Topic A: Security Operations Concepts

Topic B: Change Management

Topic C: Physical Security

Topic D: Personnel Security

Topic E: Detective and Preventive Measures

Topic F: Patch and Vulnerability Management

Topic G: Logging and Monitoring

Topic H: Incident Response

Topic I: Investigations

Topic J: Disaster Recovery Planning

Topic K: Disaster Recovery Strategies

Topic L: Disaster Recovery Implementation


Lesson 8: Software Development Security

Topic A: Security Principles in the System Lifecycle

Topic B: Security Principles in the Software Development Lifecycle

Topic C: Security Controls in the Development Environment

Topic D: Database Security in Software Development

Topic E: Software Security Effectiveness Assessment


Appendix A: Mapping Course Content to (ISC)2 ® Certified Information Systems Security Professional (CISSP®) April 2021 Certification Exam Outline


Appendix B: Supplemental Information

Registration
Register Now