Certified Information Systems Security Professional (CISSP)®

Welcome to Certified Information Systems Security Professional (CISSP)®. With your completion of the prerequisites and necessary years of experience, you are firmly grounded in the knowledge requirements of today’s security professional. This course will expand upon your knowledge by addressing the essential elements of the 10 domains that comprise a Common Body of Knowledge (CBK)® for information systems security professionals. The course offers a job-related approach to the security process, while providing the basic skills required to prepare for CISSP certification.

 

You will control access to data and information systems using common access control best practices. You will discover how networks are designed for security, and the components, protocols, and services that allow telecommunications to occur in a secure manner. Next, you will learn about the principles of security management and how to manage risk as part of a comprehensive information security management program. You will explore applications and systems development security controls. Then, you will learn how to perform cryptography and how to secure system architecture. You will examine operations security and the appropriate controls and best practices to use to keep operations secure. You will learn how to perform business continuity planning and apply physical security to protect organizational assets and resources. Finally, you will explore law, investigations, and ethics with respect to information systems security and computer forensics.

 
Class Agenda:

Lesson 1: Controlling Access to Information Systems

  • Control Data Access
  • Control System Access
  • Determine an Access Control Administration Method
  • Perform a Penetration Test

Lesson 2: Networking Systems and Telecommunications

  • Design Data Networks
  • Provide Remote Access to a Data Network
  • Secure a Data Network
  • Manage a Data Network

Lesson 3: Defining Security Management

  • Determine Security Management Goals
  • Classify Information
  • Develop a Security Program
  • Manage Risk

Lesson 4: Creating Applications Security

 
  • Perform Software Configuration Management
 
  • Implement Software Controls
 
  • Secure Database Systems

Lesson 5: Performing Cryptography

 
  • Apply a Basic Cipher
 
  • Select a Symmetric Key Cryptography Method
 
  • Select an Asymmetric Key Cryptography Method
 
  • Determine Email Security
 
  • Determine Internet Security

Lesson 6: Securing System Architecture

 
  • Evaluate Security Models
 
  • Choose a Security Mode
 
  • Provide System Assurance

Lesson 7: Executing Operations Security

 
  • Control Operations Security
 
  • Audit and Monitor Systems
 
  • Handle Threats and Violations

Lesson 8: Performing Business Continuity Planning

 
  • Sustain Business Processes
 
  • Perform Business Impact Analysis
 
  • Define Disaster Recovery Strategies
 
  • Test the Disaster Recovery Plan

Lesson 9: Applying Physical Security

 
  • Control Physical Access
 
  • Monitor Physical Access
 
  • Establish Physical Security Methods
 
  • Design Secure Facilities

Lesson 10: Applying Law, Investigations, and Ethics

 
  • Interpret Computer Crime Laws and Regulations
 
  • Apply the Evidence Life Cycle
 
  • Perform an Investigation
 
  • Identify Codes of Conduct

Appendix A: CISSP Certification Exam Objectives

Appendix B: SSCP Certification Exam Objectives

At Completion:

Upon successful completion of this course, students will be able to:

 
  • Control access to information systems.
 
  • Network systems and telecommunications.
 
  • Define security management.
 
  • Create applications security.
 
  • Perform cryptography.
 
  • Secure system architecture.
 
  • Execute operations security.
 
  • Perform business continuity planning.
 
  • Apply physical security.
 
  • Apply law, investigations, and ethics.

Prerequisites:Students should have certifications in A+, Network+, or Security+, or possess equivalent professional experience. Students may have one or more of the following certifications or equivalent experience: MCSE, SCNP, CCNP, RHCE, LCE, CNE, SSCP, SANS, or GIAC.

Target Student:Students pursuing CISSP training want to establish themselves as credible computer security professionals through a study of all 10 CISSP Common Body of Knowledge domains. Validating this knowledge is the goal of certification; therefore, students attending this training should also meet the requirements needed to sit for the CISSP certification exam. These include four years of direct professional work experience in one or more fields related to 10 CBK security domains, or a college degree and three years of experience. Check with (ISC)2 for the most up-to-date requirements. New certifications have emerged and will continue to emerge from (ISC)2, which may cause changes to base requirements.

Materials Furnished: Course Manual

Course Length: 5 days