Course Description
In this course, students will analyze a wide range of information systems security subjects that are organized into 10 domains for CISSP exam certification.
Who Should Attend?
This course is intended for experienced IT security-related practitioners, auditors, consultants, investigators, or instructors, including network or security analysts and engineers, network administrators, information security specialists, and risk management professionals, who are pursuing CISSP training and certification to acquire the credibility and mobility to advance within their current computer security careers or to migrate to a related career. Through the study of all 10 CISSP CBK domains, students will validate their knowledge by meeting the necessary preparation requirements to qualify to sit for the CISSP certification exam. The CISSP exam is intentionally difficult and should not be taken lightly. Even students with years of security experience should assume that they will have additional study time after class. Because the domains are so varied, it is unlikely that any one student will have experience in all 10 domains.
Course Length
5 days
Course Outline
Lesson 1: Information Systems Access Control
- Data Access Principles
- System Access and Authentication
- Penetration Tests
Lesson 2: Security Architecture and Design
- Security Models
- Security Modes
- System Assurance
Lesson 3: Network and Telecommunications Security
- Data Network Design
- Remote Data Access
- Data Network Security
- Data Network Management
Lesson 4: Information Security Management Goals
- Organizational Security
- The Application of Security Concepts
Lesson 5: Information Security Classification and Program Development
- Information Classification
- Security Program Development
Lesson 6: Risk Management and Ethics
- Risk Management
- Ethics
Lesson 7: Software Development Security
- Software Configuration Management
- Software Controls
- Database System Security
Lesson 8: Cryptography
- Ciphers and Cryptography
- Symmetric-Key Cryptography
- Asymmetric-Key Cryptography
- Hashing and Message Digests
- Email, Internet, and Wireless Security
- Cryptographic Weaknesses
Lesson 9: Physical Security
- Physical Access Control
- Physical Access Monitoring
- Physical Security Methods
- Facilities Security
Lesson 10: Operations Security
- Operations Security Control
- Operations Security Auditing and Monitoring
- Operational Threats and Violations
Lesson 11: Business Continuity and Disaster Recovery Planning
- Business Continuity Plan Fundamentals
- Business Continuity Plan Implementation
- Disaster Recovery Plan Fundamentals
- Disaster Recovery Plan Implementation
Lesson 12: Legal, Regulations, Compliance, and Investigations
- Computer Crime Laws and Regulations
- Computer Crime Incident Response
Prerequisites
It is highly recommended that students have certifications in Network+ or Security+, or possess equivalent professional experience upon entering CISSP training. It will be beneficial if students have one or more of the following security-related or technology-related certifications or equivalent industry experience: MCSE, MCTS, MCITP, SCNP, CCNP, RHCE, LCE, CNE, SSCP®, GIAC, CISA™, or CISM®.
Course Director
Patrick von Schlag
Mr. von Schlag has more than 25 years of real-world experience managing IT and business organizations. He has served as a consultant, facilitator, and instructor in support of more than 200 ITSM program deployments, with a focus on practical benefits. He holds all 11 ITIL 2011 certifications and runs an accredited learning consultancy focused on Making ITIL Work™ in real organizations. His customer list includes The Walt Disney Company, Microsoft, Nike, Sears, US Marine Corps, US Army, US Air Force, 2nd and 5th Fleet US Navy, DISA, IRS, Federal Reserve, The Hartford, Citigroup, Amgen, Los Angeles County, Port of Long Beach, GDIT, Accenture, Serco, Deloitte, and hundreds of other market-leading companies.