CISSP: Certified Information Systems Security Professional

Duration:
Instructor-led Classroom Learning - 5 Day(s)

Outline:

Lesson 1: Information Security and Risk Management Information Security Management

Security Awareness Training and Education
Risk Management
Ethics

Lesson 2: Access Control

Definitions and Key Concepts
Information Classification
Access Control Categories and Types
Access Control Threats
Access to Systems/Data
Access Control Technologies
Assurance Mechanisms

Lesson 3: Cryptography Key Concepts and Definitions

History
Encryption Systems
Symmetric and Asymmetric Algorithms
Message Integrity Controls
Digital Signatures
Management of Cryptographic Systems
Threats and Attacks

Lesson 4: Physical Security Definitions and Key Concepts

Site Location
Layered Defense Model
Infrastructure Support Systems
Equipment Protection

Lesson 5: Security Architecture and Design Components and Principles

System Security Techniques
Hardware
Software
Security Models and Architecture Theory
Security Evaluation Methods and Criteria

Lesson 6: Business Continuity Planning and Disaster Recovery Planning Project Scope Development and Planning

Business Impact Analysis
Emergency Assessment
Continuity and Recovery Strategy
Plan Design and Development
Implementation
Restoration
Plan Management

Lesson 7: Telecommunications and Network Security Key Concepts and Definitions

Networks
Protocols
Remote Access
Network Components
Telephony

Lesson 8: Application Security System Lifecycle Security

Application Environment and Security Controls
Programming Languages and Tools
Databases and Data Warehouses
Applications Systems Threats and Vulnerabilities
Applications Security Controls

Lesson 9: Operations Security Resource Protection

Change Control Management
Physical Security Controls
Privileged Entity Control

Lesson 10: Legal, Regulations, Compliance and Investigation Major Legal Systems

Legal Concepts
Regulatory Issues
Investigation
Computer Forensicsntent