CISSP

DURATION
5 Days
COURSE DESCRIPTION
This course trains students in all areas of the security Common Body of Knowledge. They will learn 1) Access Control, 2) Telecommunications and Network Security, 3) Information Security Governance and Risk Management, 4) Software Development Security, 5) Cryptography, 6) Security Architecture and Design, 7) Operations Security, 8) Business Continuity and Disaster Recovery Planning, 9) Legal, Regulations, Investigations and Compliance, 10) Physical (Environmental) Security, and more. There are four processes a candidate must successfully complete to become a certified CISSP. To sit for the exam, a candidate must assert that he or she possesses a minimum of five years of professional experience in the information security field, or four years of experience plus a college degree. Professional experience has to be in two or more of the 10 (ISC)² CISSP domains listed above.
WHO SHOULD ATTEND
Students who wish to pass the CISSP certification exam will benefit from this class.
BENEFIT OF ATTENDANCE
Upon completion of this course, students will be able to:
· Confidently meet the challenge of the CISSP certification exam
PREREQUISITE
There are no prerequisites for this course, although having taken other security courses is extremely helpful.

COURSE OUTLINE
· Access Control
1. Effectiveness
2. Attacks
· Telecommunications and Network Security
1. Network architecture and design
2. Communication channels
3. Network components
4. Network attacks
· Information Security Governance and Risk Management
1. Security governance and policy
2. Information classification/ownership
3. Contractual agreements and procurement processes
4. Risk management concepts
5. Personnel security
6. Security education, training and awareness
7. Certification and accreditation
· Software Development Security
1. Systems development life cycle (SDLC)
2. Application environment and security controls
3. Effectiveness of application security
· Cryptography
1. Encryption concepts
2. Digital signatures
3. Cryptanalytic attacks
4. Public Key Infrastructure (PKI)
5. Information hiding alternatives
· Security Architecture and Design
1. Fundamental concepts of security models
2. Capabilities of information systems (e.g. memory protection, virtualization)
3. Countermeasure principles
4. Vulnerabilities and threats (e.g. cloud computing, aggregation, data flow control)
· Operations Security
1. Resource protection
2. Incident response
3. Attack prevention and response
4. Patch and vulnerability management
· Business Continuity and Disaster Recovery Planning
1. Business impact analysis
2. Recovery strategy
3. Disaster recovery process
4. Provide training
· Legal, Regulations, Investigations and Compliance
1. Legal issues
2. Investigations
3. Forensic procedures
4. Compliance requirements/procedures
· Physical (Environmental) Security
1. Site/facility design considerations
2. Perimeter security
3. Internal security
4. Facilities security
