5 Day (Monday - Friday)
Category: Information Security
Course Description:
The official CISSP training course reviews the eight CISSP certification domains featured in the (ISC)² Common Body of Knowledge (CBK). Reviewing the CBK will help students successfully prepare for the CISSP exam while also developing their overall competencies in information security. In this course you will review the following eight domains:
Domain 1: Security and Risk Management
Domain 2: Asset Security
Domain 3: Security Engineering
Domain 4: Communications and Network Security
Domain 5: Identity and Access Management
Domain 6: Security Assessment and Testing
Domain 7: Security Operations
Domain 8: Software Development Security
Domain 1: Security and Risk Management
The first domain reviewed in this official CISSP training program covers a broad spectrum of general information security and risk management topics. This domain will begin by reviewing the fundamental security principles of confidentiality, availability and integrity upon which all information security functions are based. This domain will also build upon these concepts in the areas of security governance and compliance.
CISSP Training / Exam Topics
Confidentiality, Integrity and Availability (CIA) Concepts
Security Governance Principles
Compliance Requirements
Global Legal and Regulatory Issues
Professional Ethics
Security Policies, Standards, Procedures and Guidelines
Business Continuity Requirements
Personnel Security Policies and Procedures
Risk Management Concepts
Threat Modeling Concepts and Methodologies
Risk-Based Management and the Supply Chain
Security Awareness, Education, and Training Program
Domain 2: Asset Security
Asset Security is the second domain reviewed in this (ISC)² authorized training seminar for CISSP. In it, students cover the collection, handling and protection of information throughout its lifecycle.
CISSP Training / Exam Topics
Information and Asset Classification
Information and Asset Ownership (ex. Data Owners, System Owners)
Protect Privacy
Asset Retention
Data Security Controls
Information and Asset Handling Requirements (ex. Markings, Labels, Storage)
Domain 3: Security Engineering
Security Engineering is the third CISSP domain. The information students review focuses on the implementation and management of security engineering processes by using secure design principles.
CISSP Training / Exam Topics
Engineering Processes Using Secure Design Principles
Fundamental Concepts of Security Models
Security Evaluation Models
Security Capabilities of Information Systems
Vulnerabilities Relating to Security Architectures, Designs, and Solution Elements
Web-Based System Vulnerabilities
Mobile System Vulnerabilities
Embedded Device Vulnerabilities
Cryptography
Site and Facility Security Principles
Physical Security Controls (Design and Implement)
Domain 4: Communications and Network Security
Domain 4 prepares students for the CISSP certification exam by focusing on the network architecture, transmission methods, transport protocols, control devices, and the security measures used to maintain the confidentiality, integrity and availability of information transmitted over both private and public communication networks.
CISSP Training / Exam Topics
Secure Network Architecture Designs (ex. IP & Non-IP Protocols, Segmentation)
Secure Network Components
Secure Communication Channels
Domain 5: Identity and Access Management
The fifth domain students review in our CISSP training is called “Identity and Access Management”. This domain will cover the identification and authorization of users, systems and services.
CISSP Training / Exam Topics
Controlling Access to Physical and Logical Assets
Identification and Authentication of People, Devices, and Services
Integrating Identity as a Third-Party Service
Authorization Mechanisms
Identity and Access Provisioning Lifecycle (ex. Provisioning Review)
Domain 6: Security Assessment and Testing
The Security Assessment and Testing domain focuses on the evaluation of information assets and associated infrastructure using various tools and techniques for the purposes of identifying and mitigating risk due to architectural issues, design flaws, configuration errors, hardware and software vulnerabilities, coding errors, and any other weaknesses that may affect an information system's ability to deliver its intended functionality in a secure manner. Students will also review the continuous validation of the application of organizational information security plans, policies, processes and procedures.
CISSP Training / Exam Topics
Assessment, Test, and Audit Strategies
Security Control Testing
Collecting Security Process Data
Test Outputs and Reports
Security Audits
Domain 7: Security Operations
Domain 7, “Security Operations”, covers a broad range of topics involving the application of information security concepts and best practices to the operation of enterprise computing systems. This domain is practical in nature and highlights the tasks and situations that information security professionals are expected to perform or are presented with daily. This domain also reviews the areas where security professionals spend most of their time, making domain 7 the largest in terms of individual topics on the CISSP certification exam.
CISSP Training / Exam Topics
Support and Requirements for Investigations
Investigation Types
Logging and Monitoring Activities
Securely Provisioning Resources
Foundational Security Operations Concepts
Resource Protection
Incident Management
Detective and Preventative Measures
Patch and Vulnerability Management
Change Management Processes
Recovery Strategies
Disaster Recovery Processes and Plans
Business Continuity Planning and Exercises
Physical Security
Personnel Safety and Security Concerns
Domain 8: Software Development Security
The last domain in this official CISSP training seminar is “Software Development Security”. It covers the application of security concepts and best practices to production and development software environments.
CISSP Training / Exam Topics
Security in the Software Development Life Cycle (SDLC)
Development Environments and Security Controls
Software Security Effectiveness
Acquired Software Security Impact
Secure Coding Guidelines and Standards