CISSP: Certified Information Systems Security Professional

Home > Course Catalog > Choose By Topics > Cybersecurity > CISSP: Certified Information Systems Security Professional

$2,995

Contact for Group Training

Course Overview

CISSP training is an advanced course designed to meet the high demands of the information security industry by preparing students for the Certified Information Systems Security Professional (CISSP) exam.

Led by an authorized instructor, this training course provides a comprehensive review of information security concepts and industry best practices, covering the 8 domains of the CISSP CBK:

Security and Risk Management
Asset Security
Security Engineering
Communications and Network Security
Identity and Access Management
Security Assessment and Testing
Security Operations
Software Development Security

Schedule

Start Date	Delivery Format	Days	Time	Status	Price	Enroll
Coming Soon	Live Virtual Led	5	10:00 am	Enrolling Now	$2,995	CISSP: Certified Information Systems Security Professional quantity
Coming Soon	Live Virtual Led	5	10:00 am	Enrolling Now	$2,995	CISSP: Certified Information Systems Security Professional quantity
Coming Soon	Live Virtual Led	5	10:00 am	Enrolling Now	$2,995	CISSP: Certified Information Systems Security Professional quantity

Looking for Corporate/Group Training?

Leave us a message

Who Should Attend

This training course is intended for professionals who have at least 5 years of recent full-time professional work experience in 2 or more of the 8 domains of the CISSP CBK and are pursuing CISSP training and certification to acquire the credibility and mobility to advance within their current information security careers. The training seminar is ideal for those working in positions such as, but not limited to:

Security Consultant
Security Manager
IT Director/Manager
Security Auditor
Security Architect
Security Analyst
Security Systems Engineer
Chief Information Security Officer
Director of Security
Network Architect

The CISSP Helps You:

Validate your proven competence gained through years of experience in information security
Demonstrate your technical knowledge, skills, and abilities to effectively develop a holistic security program set against globally accepted standards
Differentiate yourself from other candidates for desirable job openings in the fast-growing information security market
Affirm your commitment to the field and ongoing relevancy through continuing professional education and understanding of the most current best practices
Gain access to valuable career resources, such as networking and ideas exchange with peers

The CISSP Helps Employers:

Protect against threats with qualified professionals who have the expertise to competently design, build, and maintain a secure business environment
Ensure professionals stay current on emerging threats, technologies, regulations, standards, and practices through the continuing professional education requirements
Increase confidence that candidates are qualified and committed to information security
Ensure employees use a universal language, circumventing ambiguity with industry-accepted terms and practices
Increase organizations’ credibility when working with clients and vendors

Prerequisites

Candidates must have a minimum of five (5) years of cumulative paid full-time professional security work experience in two or more of the 8 domains of the CISSP CBK.

Candidates may receive a one year experience waiver with a four-year college degree, or regional equivalent OR additional credential from the approved list, thus requiring four (4) years of direct full-time professional security work experience in two or more of the ten domains of the CISSP CBK.

Candidates who have not completed the 5 years of experience to take the CISSP, can take an Associate CISSP exam. This will give them a credential showing their knowledge until they are able to meet the experience requirements for the CISSP.

Objectives

Understand and apply the concepts of risk assessment, risk analysis, data classification, and security awareness and Implement risk management and the principles used to support it (Risk avoidance, Risk acceptance, Risk mitigation, Risk transference)
Apply a comprehensive and rigorous method for describing a current and/or future structure and behavior for an organization’s security processes, information security systems, personnel, and organizational sub-units so that these practices and processes align with the organization’s core goals and strategic direction and address the frameworks and policies, concepts, principles, structures, and standards used to establish criteria for the protection of information assets, as well as to assess the effectiveness of that protection and establish the foundation of a comprehensive and proactive security program to ensure the protection of an organization’s information assets
Apply a comprehensive and rigorous method for describing a current and/or future structure and behavior for an organization’s security processes, information security systems, personnel, and organizational sub-units so that these practices and processes align with the organization’s core goals and strategic direction and examine the principles, means, and methods of applying mathematical algorithms and data transformations to information to ensure its integrity, confidentiality, and authenticity
Understand the structures, transmission methods, transport formats, and security measures used to provide confidentiality, integrity, and availability for transmissions over private and public communications networks and media and identify risks that can be quantitatively and qualitatively measured to support the building of business cases to drive proactive security in the enterprise.
Offer greater visibility into determining who or what may have altered data or system information, potentially affecting the integrity of those asset and match an entity, such as a person or a computer system, with the actions that entity takes against valuable assets, allowing organizations to have a better understanding of the state of their security posture.
Plan for technology development, including risk, and evaluate the system design against mission requirements, and identify where competitive prototyping and other evaluation techniques fit in the process
Protect and control information processing assets in centralized and distributed environments and execute the daily tasks required to keep security services operating reliably and efficiently.
Understand the Software Development Life Cycle (SDLC) and how to apply security to it, and identify which security control(s) are appropriate for the development environment, and assess the effectiveness of software security

Course Outline

Security and Risk Management

Security governance principles
Compliance
Legal and regulatory issues
Professional ethic
Security policies, standards, procedures and guidelines

Asset Security

Information and asset classification
Ownership (e.g. data owners, system owners)
Protect privacy
Appropriate retention
Data security controls
Handling requirements (e.g. markings, labels, storage)

Security Engineering

Engineering processes using secure design principles
Security models fundamental concepts
Security evaluation models
Security capabilities of information systems
Security architectures, designs, and solution elements vulnerabilities
Web-based systems vulnerabilities
Mobile systems vulnerabilities
Embedded devices and cyber-physical systems vulnerabilities
Cryptography
Site and facility design secure principles
Physical security

Communication and Network Security

Secure network architecture design (e.g. IP & non-IP protocols, segmentation)
Secure network components
Secure communication channels
Network attacks

Identity and Access Management

Physical and logical assets control
Identification and authentication of people and devices
Identity as a service (e.g. cloud identity)
Third-party identity services (e.g. on-premise)
Access control attacks
Identity and access provisioning lifecycle (e.g. provisioning review)

Security Assessment and Testing

Assessment and test strategies
Security process data (e.g. management and operational controls)
Security control testing
Test outputs (e.g. automated, manual)
Security architectures vulnerabilities

Security Operations

Investigations support and requirements
Logging and monitoring activities
Provisioning of resources
Foundational security operations concepts
Resource protection techniques
Incident management
Preventative measures
Patch and vulnerability management
Change management processes
Recovery strategies
Disaster recovery processes and plans
Business continuity planning and exercises
Physical security
Personnel safety concerns

Software Development Security

Security in the software development lifecycle
Development environment security controls
Software security effectiveness
Acquired software security impact

Click here to view course outline Close