Students should have certifications in A+, Network+, or Security+, or possess equivalent professional experience. Students may have one or more of the following certifications or equivalent experience: MCSE, SCNP, CCNP, RHCE, LCE, CNE, SSCP, SANS, or GIAC.
Security Governance Through Principles and Policies
Personnel Security and Risk Management Concepts
Students pursuing CISSP training want to establish themselves as credible computer security professionals through a study of all 8 CISSP Common Body of Knowledge domains. Validating this knowledge is the goal of certification; therefore, students attending this training should also meet the requirements needed to sit for the CISSP certification exam. These include four years of direct professional work experience in one or more fields related to 8 CBK security domains, or a college degree and three years of experience. Check with (ISC)2 for the most up-to-date requirements. New certifications have emerged and will continue to emerge from (ISC)2, which may cause changes to base requirements.
Welcome to Certified Information Systems Security Professional (CISSP). With your completion of the prerequisites and necessary years of experience, you are firmly grounded in the knowledge requirements of today’s security professional. This course will expand upon your knowledge by addressing the essential elements of the 8 domains that comprise a Common Body of Knowledge (CBK) for information systems security professionals. The course offers a job-related approach to the security process, while providing the basic skills required to prepare for CISSP certification.
You will control access to data and information systems using common access control best practices. You will discover how networks are designed for security, and the components, protocols, and services that allow telecommunications to occur in a secure manner. Next, you will learn about the principles of security management and how to manage risk as part of a comprehensive information security management program. You will explore applications and systems development security controls. Then, you will learn how to perform cryptography and how to secure system architecture. You will examine operations security and the appropriate controls and best practices to use to keep operations secure. You will learn how to perform business continuity planning and apply physical security to protect organizational assets and resources. Finally, you will explore law, investigations, and ethics with respect to information systems security and computer forensics.
The eight domains are:
Security and Risk Management
Communication and Network Security
Identity and Access Management
Business Continuity Planning
Laws, Regulations, and Compliance
Protecting Security of Assets
Cryptography and Symmetric Key Algorithms
PKI and Cryptographic Applications
Principles of Security Models, Design, and Capabilities
Security Vulnerabilities, Threats, and Countermeasures
Physical Security Requirements
Secure Network Architecture and Securing Network Components
Secure Communications and Network Attacks
Managing Identity and Authentication
Controlling and Monitoring Access
Security Assessment and Testing
Managing Security Operations
Preventing and Responding to Incidents
Disaster Recovery Planning
Incidents and Ethics
Software Development Security
Malicious Cods and Application Attacks