Certified Information System Security Professional

Course details

This course trains students in all areas of the security Common Body of Knowledge. They will learn security policy development, secure software development procedures, network vulnerabilities, attack types and corresponding countermeasures, cryptography concepts and their uses, disaster recovery plans and procedures, risk analysis, crucial laws and regulations, forensics basics, computer crime investigation procedures, physical security, and more.

Who Should Attend:

Students who wish to pass the CISSP certification exam will benefit from this class.

BENEFITS OF AlTTENDADCE:

Upon completion of this course, students will be able to:

• Confidently meet the challenge of CISSP certification exam

Prerequisites:

• There are no prerequisites for this course, although having taken other security courses is extremely helpful.

Course OUTLINE:

Access Codtrol Systems AND METHODOLOGIES

• Access control concepts, methodologies, and implementation
• Access controls: detective, corrective, and preventative
• Access control techniques in centralized and decentralized environments
• Access control risks, vulnerabilities, and exposures

Security Architecture Rno Mooels

• Secure operating system principles, concepts, mechanisms, controls, and standards
• Securearchitecture design, modeling, and protection
• Security models: confidentiality, integrity, and information flow
• Government and commercial security requirements
• Common criteria. ITSEC, TCSEC. IETF, IPSEC
• Technical platforms
• System security preventative, detective, and corrective measures

Disaster Recovery nno Business ConTinurrr Pimranc

• Business continuity planning, business impact analysis, recovery strategies, recovery plan development, and implementation
• Disaster recovery planning, implementation, and restoration
• Compare and contrast disaster recovery and business continuity

SECURITY MANAGEMENT PRACTICES

• Organizational security roles
• Identification of information assets
• Security management planning
• Security policy development; use of guidelines, standards, and procedures
• Security awareness training
• Data classification and marking
• Employment agreements and practices
• Risk management tools and techniques

LAW, INVESTIGATION, AND ETHICS

• Computer crime detection methods
• Applicable computer crime, security, and privacy laws
• Evidence gathering and preservation methods
• Computer crime investigation methods and techniques
• Civil, criminal, and investigative law
• Intellectual property law
• ISC2 and IAB ethics application

Physical Security

• Prevention, detection, and correction of physical hazards
• Secure site design, configuration, and selection elements
• Access control and protection methods for facility, information, equipment, and personnel

Operation Security

• Resource protection mechanisms and techniques
• Operation security principles, techniques, and mechanisms; principles of good practice and limitation of abuses
• Operations security preventative, detective, and corrective measures
• Information attacks
• Access Control Subversion

Cryptography

• Cryptographic concepts, methods, and practices
• Construction of algorithms
• Attacks on cryptosystems
• Ancient cryptography and modern methods
• Public and private key algorithms and uses
• Key distribution and key management
• Digital signature construction and use
• Methods of attack.strength of function

TELECOMMUNICATIONS AND NETWORK SECURITY

• Overview of communications and network security
• Voice communications, data communications, local area, wide area, and remote access
• Internet/Intranet/Extranet, firewalls, routers, and network protocols
• Telecommunication and network security preventative, detective, and corrective measures
• System development process and security controls
• System development life cycle, change controls, application controls, and system and application integrity
• Database structure, concepts, design techniques, and security implications
• Object oriented programming
• Data warehousing and data mining

REVIEW AND Q&A SESSION

• Review concepts introduced in previous sessions
• Answer specific questions or concerns regarding CISSP preparation material

TESTING-TAKING TIPS AND STUDY TECHNIQUES

• Tips for additional preparation for the CISSP exam
• Additional resources
• Techniques for scoring well on the exam