
This course will expand upon your knowledge by addressing the essential elements of the eight domains that comprise a Common Body of Knowledge (CBK)® for information systems security professionals. The course offers a job-related approach to the security process, while providing a framework to prepare for CISSP certification. CISSP is the premier certification for today’s information systems security professional.
Description
Module 1: Security and Risk Management
Lessons:
- Security Governance Principles
- Compliance
- Professional Ethics
- Security Documentation
- Risk Management
- Threat Modeling
- Business Continuity Plan Fundamentals
- Acquisition Strategy and Practice
- Personnel Security Policies
- Security Awareness and Training
Module 2: Asset Security
Lessons:
- Asset Classification
- Privacy Protection
- Asset Retention
- Data Security Controls
- Secure Data Handling
Module 3: Security Engineering
Lessons:
- Security in the Engineering Lifecycle
- System Component Security
- Security Models
- Controls and Countermeasures in Enterprise Security
- Information System Security Capabilities
- Design and Architecture Vulnerability Mitigation
- Vulnerability Mitigation in Embedded, Mobile, and Web-Based Systems
- Cryptography Concepts
- Cryptography Techniques
- Site and Facility Design for Physical Security
- Physical Security Implementation in Sites and Facilities
Module 4: Communications and Network Security
Lessons:
- Network Protocol Security
- Network Components Security
- Communication Channel Security
- Network Attack Mitigation
Module 5: Identity and Access Management
Lessons:
- Physical and Logical Access Control
- Identification, Authentication, and Authorization
- Identity as a Service
- Authorization Mechanisms
- Access Control Attack Mitigation
Module 6: Security Assessment and Testing
Lessons:
- System Security Control Testing
- Software Security Control Testing
- Security Process Data Collection
- Audits
Module 7: Security Operations
Lessons:
- Security Operations Concepts
- Physical Security
- Personnel Security
- Logging and Monitoring
- Preventative Measures
- Resource Provisioning and Protection
- Patch and Vulnerability Management
- Change Management
- Incident Response
- Investigations
- Disaster Recovery Planning
- Disaster Recovery Strategies
- Disaster Recovery Implementation
Module 8: Software Development Security
Lessons:
- Security Principles in the System Lifecycle
- Security Principles in the Software Development Lifecycle
- Database Security in Software Development
- Security Controls in the Development Environment
- Software Security Effectiveness Assessment
Audience Profile
- Chief Information Security Officer (CISO)
- Chief Security Officer (CSO)
- Senior Security Engineer
- Security Consultant
- Security Manager
- Security Auditor
- Security Architect
- Network Architect
Prerequisites
It is highly recommended that students have security certifications or possess equivalent professional experience upon entering CISSP training.