CISSP Prep Course

Duration: 5 days

If you are ready to take your security career to the next level, our Certified Information Systems Security Professional (CISSP) exam preparation course will help get you there. Get instruction from our experts with real-world experience as you cover all the material you need to be fully prepared for the (ISC)² CISSP exam. Our study guide contains relevant, up-to-date information and includes summary charts, insightful data, and practice exams. Along with our custom course material, you will receive a free copy of McGraw-Hill's CISSP Certification All-in-One Exam Guide, 4th Edition and a CISSP certification practice exam.

Certification

(ISC)² requires exam candidates to have a minimum of five years of relevant work experience in two or more of the ten domains, four years of work experience with an applicable college degree, or a credential from the (ISC)²-approved list.

The CISSP certification requires successfully passing the CISSP exam (administered by (ISC)²) and having met the experience requirements.

• Systems administration experience, familiarization with TCP/IP, and an understanding of UNIX, Linux, and Windows. This advanced course also requires intermediate-level knowledge of the security concepts covered in our Security+ Prep Course.

In-depth coverage of the ten domains required to pass the CISSP exam:

1. Operations Security
2. Information Security and Risk Management
3. Physical (Environmental) Security
4. Cryptography
5. Access Control
6. Security Architecture and Design
7. Telecommunications and Network Security
8. Business Continuity and Disaster Recovery Planning
9. Application Security
10. Legal, Regulations, Compliance, and Investigations

1. Test-Taking Tips and Study Techniques

• Preparation for the CISSP Exam
• Submitting Required Paperwork
• Resources and Study Aids
• Passing the Exam the First Time

2. Operations Security

• Change Control/Configuration Management
• Dual Control, Separation of Duties, Rotation of Duties
• Vulnerability Assessment and Pen-Testing

3. Access Control

• AAA
• Authentication Methods (Types 1, 2, & 3)
• Authorization - DAC, RBAC, MAC
• Accounting - Logging, Monitoring, Auditing
• Central/Decentralized and Hybrid Management
• Single Sign-on - Kerberos, Radius, Diameter, TACACS
• Vulnerabilities - Emanations, Impersonation, Rouge Infrastructure, Social Engineering

4. Cryptography

• Intro - History
• Symmetric
• Asymmetric
• Hashing
• Cryptosystems - SSL, S/MIME, PGP
• PKI
• Cryptanalysis

5. Security Architecture and Design

• Layering, Data Hiding and Abstraction
• Processors
• Memory - Segmentation/Rings, Types of Memory
• Operating Systems
• Models
• Assurance - TCSEC, ITSEC, CC
• Architecture Problems - Covert Channels + TOC/TOU, Object Reuse

6. Telecommunications and Network Security

• OSI/DoD TCP/IP Models
• TCP/UDP/ICMP/IP
• Ethernet
• Devices - Routers/Switches/Hubs
• Firewalls
• Wireless
• WAN Technologies - X.25/Frame Relay/PPP/ISDN/DSL/Cable
• Voice - PBX/Cell Phones/VOIP
• IPSec
• Network Vulnerabilities

7. Application Security

• SDLC
• Change (Lifecycle) Management
• Database Security
• AI
• OOD
• Mobil Code
• Malware

8. Disaster Recovery and Business Continuity

• Policy
• Roles and Teams
• BIA
• Data Backups, Vaulting, Journaling, Shadowing
• Alternate Sites
• Emergency Response
• Required Notifications
• Tests

9. Legal, Regulations, Compliance, and Investigations

• Ethics - Due Care/Due Diligence
• Intellectual Property
• Incident Response
• Forensics
• Evidence
• Laws - HIPAA, GLB, SOX

10. Physical (Environmental) Security

• CPTED
• Facility Design
• Fire Safety
• Electrical Security
• HVAC
• Perimeter Security - Fences, Gates, Lighting
• Physical Access Control - Transponders, Badges, Swipe Cards
• Theft
• Intrusion Detection - CCTV, Alarms, Guards, & Dogs

11. Information Security and Risk Management

• CIA
• Roles and Responsibilities - RACI
• Asset Management
• Taxonomy - Information Classification
• Risk Management
• SDLC (Security Development Lifecycle)
• Certification and Accreditation
• Policies, Procedures, Standards, Guidelines, Baselines
• Knowledge Transfer - Awareness, Training, Education

12. Review and Q&A Session

• Final Review and Test Prep

• IT consultants, managers, security policy writers, privacy officers, information security officers, network administrators, security device administrators, security engineers, and other security professionals whose positions require CISSP certification.

No details for the moment

No details for the moment