CISSP Certification

The Certified Information Systems Security Professional (CISSP) certification is the world-beater in the field of information security. This course is aligned with the (ISC)² CBK 2015 requirements and upskills you to become an information assurance professional who defines all aspects of IT security, including architecture, design, management, and controls. Most IT security positions require or prefer a CISSP certification, so get started with your CISSP training today.

Key features
  • 32 hours of instructor-led training
  • 32 hours of self-paced videos
  • 5 simulation exams (250 questions each) for practice
  • Offers the requisite 30 CPEs for taking the CISSP examination
  • 8 domain-specific test papers (10 questions each) to prepare you for CISSP certification

Course description


00 - Introduction
  • 1 CISSP®—Introduction
  • 2 Objectives
  • 3 CISSP®
  • 4 (ISC)²®
  • 5 CISSP® Domains
  • 6 Benefits of CISSP® for Professionals
  • 7 Benefits of CISSP® for Employers
  • 8 CISSP® Certification Requirements
  • 9 CISSP® Certification Requirements (contd.)
  • 10 CISSP® Certification Requirements (contd.)
  • 11 CISSP® Certification Requirements (contd.)
  • 12 CISSP® Examination
  • 13 CISSP® Examination (contd.)
  • 14 Conclusion
01 - Security and Risk Management
  • 1 Domain 01—Security and Risk Management
  • 2 Objectives
  • 3 Importance of Information Security and Risk Management
  • 4 Role and Importance of CIA in ISM
  • 5 Confidentiality
  • 6 Integrity
  • 7 Availability
  • 8 Information Security
  • 9 Information Security Management
  • 10 Information Security Governance
  • 11 IT Security and Organizational Goals, Mission, and Objectives
  • 12 Goals, Mission, and Objectives
  • 13 Aligning Security with Goals, Mission, and Objectives
  • 14 Business Scenario
  • 15 Organizational Processes
  • 16 Auditing
  • 17 Control Framework
  • 18 Due Care
  • 19 Due Diligence
  • 20 Security Controls
  • 21 Service Level Agreements
  • 22 Managing Third-Party Governance
  • 23 Offshoring Privacy Requirements and Compliance
  • 24 Business Scenario
  • 25 Layers of Responsibility
  • 26 Security Policies
  • 27 Types of Security Policies
  • 28 Security Policy Implementation
  • 29 Policy Chart
  • 30 Standards, Guidelines, Procedures, and Baselines
  • 31 Business Scenario
  • 32 Compliance—Need for Compliance
  • 33 Regulatory Compliance
  • 34 Compliance
  • 35 Compliance (contd.)
  • 36 Compliance (contd.)
  • 37 Standards/Manuals/Guidelines for Compliance
  • 38 Computer Crimes
  • 39 Introduction to Computer Crime
  • 40 Categories of Computer Crimes
  • 41 Business Scenario
  • 42 Major Legal Systems
  • 43 Common Law and Civil Law
  • 44 Customary Law and Religious Law
  • 45 Mixed Law
  • 46 Business Scenario
  • 47 Introduction to Intellectual Property (IP) Law
  • 48 Types of Intellectual Property (IP) Law
  • 49 Types of Intellectual Property (IP) Law (contd.)
  • 50 Types of Intellectual Property (IP) Law (contd.)
  • 51 Business Scenario
  • 52 Import or Export Controls and Trans-Border Data Flow
  • 53 Introduction to Privacy
  • 54 U.S. Privacy Laws
  • 55 U.S. Privacy Laws (contd.)
  • 56 U.S. Guidelines for Managing Privacy
  • 57 EU Council Directive (Law) on Data Protection
  • 58 The U.S.-European Union Safe Harbor
  • 59 Security Definitions
  • 60 Information Risk Management
  • 61 Business Scenario
  • 62 Introduction to Risk Analysis
  • 63 Goals of Risk Analysis
  • 64 Risk Analysis Team
  • 65 Steps for Risk Analysis
  • 66 Information and Assets Valuation
  • 67 Risk Analysis Types
  • 68 Quantitative Risk Analysis—Steps
  • 69 Quantitative Risk Analysis—Problem
  • 70 Qualitative Risk Analysis
  • 71 Delphi Technique
  • 72 Quantitative vs. Qualitative
  • 73 Hybrid Analysis
  • 74 Countermeasure Selection—Problem
  • 75 Countermeasure Selection—Other Factors
  • 76 Handling Risk
  • 77 Business Scenario
  • 78 Threat Modeling
  • 79 Need for Business Continuity Planning
  • 80 Basic Concepts—Disruptive Events
  • 81 Basic Concepts—Business Continuity Planning
  • 82 Importance of Business Continuity Planning
  • 83 Business Continuity Planning Phases
  • 84 BCP/DRP Phase 1—Project Initiation and Scoping
  • 85 BCP/DRP Phase 2—Business Impact Analysis (BIA)
  • 86 BIA—Goals
  • 87 BIA—Steps
  • 88 BIA Steps—Business Unit Level
  • 89 Maximum Tolerable Downtime (MTD)
  • 90 Failure and Recovery Metrics
  • 91 Failure and Recovery Metrics (contd.)
  • 92 Stages of Failure and Recovery
  • 93 BCP/DRP Phase 3—Identify Preventive Controls
  • 94 Importance of Managing Personnel Security
  • 95 Managing Personnel Security—Hiring Practices
  • 96 Managing Personnel Security—Employee Termination
  • 97 Vendor, Contractors, and Consultant Controls
  • 98 Best Work Practices
  • 99 Business Scenario
  • 100 Importance of Security Awareness Training
  • 101 Security Awareness Training: Awareness, Training, and Education
  • 102 Implementation of Security Awareness Training Program
  • 103 Importance of Content Updates
  • 104 Importance of Managing Security Function
  • 105 Best Practices—Budget and Establish Security Metrics
  • 106 Best Practices—Resources and Develop and Implement Strategies
  • 107 Best Practices—Completeness and Effectiveness of the Program
  • 108 Business Scenario
  • 109 (ISC)² Code of Ethics
  • 110 Quiz
  • 112 Conclusion
02 - Asset Security
  • 1 Domain 02 Asset Security
  • 2 Objectives
  • 3 Importance of Asset Security
  • 4 Need for Information Classification
  • 5 Information Classification Objectives
  • 6 Government or Military Sector Classification
  • 7 Commercial or Private Sector Classification
  • 8 Information Classification Criteria
  • 9 Data Classification Considerations
  • 10 Role Responsible for Data Classification
  • 11 Business Scenario
  • 12 Data Management
  • 13 Best Practices for Data Management
  • 14 Data Policy
  • 15 Data Ownership
  • 16 Data Ownership Best Practices
  • 17 Data Custodians
  • 18 Data Custodians (contd.)
  • 19 Data Quality
  • 20 Data Quality—Aspects
  • 21 Data Quality Assurance and Quality Control
  • 22 Data Documentation
  • 23 Data Documentation Practices
  • 24 Data Standards
  • 25 Data Control Lifecycle
  • 26 Data Specification and Modeling
  • 27 Database Maintenance
  • 28 Data Audit
  • 29 Data Storage and Archiving
  • 30 Data Security
  • 31 Data Access, Sharing, and Dissemination
  • 32 Data Publishing
  • 33 Data Handling Requirements
  • 34 Media Resource Protection
  • 35 Data Remanence
  • 36 Business Scenario
  • 37 Asset Management
  • 38 Software Licensing
  • 39 Equipment Lifecycle
  • 40 Protecting Privacy
  • 41 Ensuring Appropriate Retention
  • 42 Data Security Controls
  • 43 Data in Transit—Best Practices
  • 44 Scoping and Tailoring
  • 45 Scoping and Tailoring (contd.)
  • 46 Standards Selection—US DoD
  • 47 Standards Selection—International Standards
  • 48 Standards Selection National Cyber Security Framework Manual
  • 49 Standards Selection Center for Strategic and International Studie
  • 50 Standards Selection Critical Security Controls
  • 51 Standards Selection Security Content Automation Protocol
  • 52 Framework for Improving Critical Infrastructure Cybersecurity
  • 53 Business Scenario
  • 54 Quiz
  • 55 Summary
  • 56 Conclusion
03 - Security Engineering
  • 1 Domain 03 Security Engineering
  • 2 Objectives
  • 3 Security Architecture and Design - Case Study
  • 4 Security Engineering
  • 5 Architecture Framework
  • 6 Zachman Framework
  • 7 TOGAF
  • 8 ITIL
  • 9 Creating a Security Architecture
  • 10 Enterprise Security Architecture
  • 11 Common Security Services in ESA
  • 12 SABSA Framework
  • 13 SABSA Matrix
  • 14 Business Scenario
  • 15 ISO/IEC 27001:2013 Security Standards
  • 16 ISO/IEC 27002 Code of Practice for Information Security Management
  • 17 Security Models
  • 18 State Machine Model
  • 19 Multilevel Security Models
  • 20 Matrix-Based Model
  • 21 Non-Interference Model
  • 22 Information flow model
  • 23 Examples of Security Models: Bell–LaPadula Confidentiality Model
  • 24 Examples of Security Models: Biba Integrity Model
  • 25 Examples of Security Models: Clark–Wilson integrity model
  • 26 Brewer Nash, Graham Denning, and Harrison Ruzzo Ullman models
  • 27 Business Scenario
  • 28 Evaluation Criteria
  • 29 CSEC
  • 30 Information Technology Security Evaluation Criteria
  • 31 Common Criteria
  • 32 Common Criteria Evaluation Process
  • 33 Common Criteria Levels
  • 34 Payment Card Industry Data Security Standard
  • 35 Certification and Accreditation
  • 36 Certification and Accreditation Standards
  • 37 SEI—CMMI
  • 38 SEI—CMMI Levels
  • 39 Business Scenario
  • 40 System Security Architecture
  • 41 Mainframes and Other Thin Client Systems
  • 42 Middleware and Embedded Systems
  • 43 Pervasive Computing and Mobile Computing Devices
  • 44 System Components Processors
  • 45 System Components Memory
  • 46 System Components Storage
  • 47 System Components Trusted Computing Base (TCB)
  • 48 System Components Reference Monitor
  • 49 System Components—Trusted Platform Module (TPM)
  • 50 System Components Peripherals and Other Input/Output Devices
  • 51 System Components Operating System
  • 52 System Components Ring Model
  • 53 System Components System Kernel
  • 54 Distributed Systems
  • 55 Virtualization
  • 56 Hypervisor
  • 57 Cloud Computing
  • 58 Service models
  • 59 Grid Computing
  • 60 Peer to Peer Networking (P2P)
  • 61 Business Scenario
  • 62 Security Threats and Countermeasures
  • 63 Assessing and Mitigating Vulnerabilities and Threats
  • 64 Assessing and Mitigating Vulnerabilities and Threats (contd.)
  • 65 Assessing and Mitigating Vulnerabilities and Threats (contd.)
  • 66 Best Practices
  • 67 Best Practices (contd.)
  • 68 Best Practices Techniques and Technologies
  • 69 Best Practices Techniques and Technologies (contd.)
  • 70 Best Practices Techniques and Technologies (contd.)
  • 71 Best Practices Techniques and Technologies (contd.)
  • 72 Best Practices Techniques and Technologies (contd.)
  • 73 Introduction to Cryptography
  • 74 Cryptographic Lifecycle
  • 75 Algorithm or Protocol Governance
  • 76 Cryptography Terms
  • 77 Strength of a Cryptosystem
  • 78 Cryptography Methods Substitution Cipher
  • 79 Cryptography Methods Transposition Cipher
  • 80 Cryptography Methods Book or Running Key Cipher
  • 81 Cryptography Methods Concealment Cipher
  • 82 Cryptography Methods Steganography and DRM
  • 83 Business Scenario
  • 84 Introduction to Symmetric Cryptography
  • 85 Symmetric Key Ciphers
  • 86 Block Cipher
  • 87 Stream Cipher
  • 88 Block Cipher Designs
  • 89 Data Encryption Standard (DES)
  • 90 DES Algorithm
  • 91 DES Operation Modes Electronic Code Book
  • 92 DES Operation Modes Cipher Block Chaining
  • 93 DES Operation Modes Cipher Feed Back
  • 94 DES Operation Modes Output Feed Back
  • 95 DES Operation Modes—Counter
  • 96 Triple DES
  • 97 Advanced Encryption Standard (AES)
  • 98 AES Algorithm
  • 99 AES Algorithm Key Expansion and Initial Round
  • 100 Advanced Encryption Standard (AES) Algorithm—Rounds
  • 101 AES Algorithm Final Round
  • 102 Other Symmetric Systems
  • 103 Other Symmetric Systems (contd.)
  • 104 Business Scenario
  • 105 Introduction to Asymmetric Cryptography
  • 106 Introduction to Asymmetric Cryptography Diagram
  • 107 Introduction to RSA Algorithm
  • 108 RSA Algorithm Process
  • 109 Other Types of Asymmetric Cryptography Elliptic Curve Cryptosystems
  • 110 Other Types of Asymmetric Cryptography Diffie-Hellman Key Exchange
  • 111 Public Key Cryptography
  • 112 Symmetric vs. Asymmetric Cryptography
  • 113 Advantages and Disadvantages
  • 114 Introduction to Public Key Infrastructure
  • 115 PKI Certification
  • 116 PKI Certification (contd.)
  • 117 PKI Steps—Part 1
  • 118 PKI Steps—Part 2
  • 119 One-Way Hash
  • 120 Hashing Algorithms
  • 121 Hashing Algorithms (contd.)
  • 122 Salting
  • 123 Message Authentication Code (MAC)
  • 124 Digital Signatures
  • 125 Key Management
  • 126 Key Management Principles
  • 127 Escrowed Encryption
  • 128 Business Scenario
  • 129 Need for Physical and Environmental Security
  • 130 Business Scenario
  • 131 Site and Facility Design Criteria
  • 132 Information Protection Environment
  • 133 Crime Prevention Through Environmental Design (CPTED)
  • 134 Site Location
  • 135 Construction
  • 136 Support Facilities
  • 137 Business Scenario
  • 138 Secure Operational Areas
  • 139 Business Scenario
  • 140 Environmental Controls
  • 141 Environmental Controls (Contd.)
  • 142 Fire Detection and Suppression
  • 143 Power Supply
  • 144 Power Supply (contd.)
  • 145 HVAC
  • 146 Training and Awareness
  • 147 Business Scenario
  • 148 Quiz
  • 149 Summary
  • 150 Conclusion
04 - Communications and Network Security
  • 1 Domain 04—Communications and Network Security
  • 2 Objectives
  • 3 Importance of Communications and Network Security—Case Study
  • 4 Introduction to Secure Network Architecture and Design
  • 5 Open Systems Interconnection
  • 6 OSI Model Layers
  • 7 Physical Layer
  • 8 Data Link Layer
  • 9 Network Layer
  • 10 Transport Layer
  • 11 Session Layer
  • 12 Presentation Layer
  • 13 Application Layer
  • 14 Transmission Control Protocol/Internet Protocol (TCP/IP) Model
  • 15 Network Access Layer and Internet Layer
  • 16 Host-to-Host Layer and Application Layer
  • 17 Comparison of OSI and TCP/IP Models
  • 18 Introduction to IP Addressing
  • 19 IPv4 and IPv6
  • 20 Classful IP Addressing
  • 21 Class A
  • 22 Class B
  • 23 Class C
  • 24 Class D and Class E
  • 25 Classless Inter-Domain Routing
  • 26 Private Networks and Loopback Address
  • 27 Types of IP Addressing
  • 28 Routed and Routing Protocols
  • 29 Types of Network Protocols
  • 30 Transmission Control Protocol (TCP)
  • 31 User Datagram Protocol (UDP)
  • 32 Internet Protocol
  • 33 Address Resolution Protocol
  • 34 Internet Control Message Protocol (ICMP)
  • 35 Hypertext Transfer Protocol (HTTP)
  • 36 Implications of Multi-Layer Protocols
  • 37 Distributed Network Protocol
  • 38 LAN/Network Technologies
  • 39 Transmission Media
  • 40 Twisted Pair
  • 41 Coaxial Cable Box
  • 42 Fiber-Optic Cable Box
  • 43 Network Topologies
  • 44 Media Access Technologies
  • 45 Carrier-Sense Multiple Access with Collision Detection
  • 46 Carrier-Sense Multiple Access with Collision Avoidance
  • 47 Flavors of LAN transmission methods
  • 48 List of Networking Devices
  • 49 VLANs
  • 50 Gateways
  • 51 Network Access Control Devices
  • 52 Packet-Filtering and Application-Level
  • 53 Circuit-Level and Stateful-Inspection
  • 54 Firewall Architectures
  • 55 Network Security Terms
  • 56 Business Scenario
  • 57 Networks
  • 58 Types of Networks
  • 59 WAN Technologies
  • 60 WAN Switching and Devices
  • 61 Network Address Translation and Frame Relay
  • 62 Multi-Protocol Label Switching and VoIP
  • 63 Fiber Channel over Ethernet and Internet Small Computer System Interface
  • 64 Virtualized Networks
  • 65 Introduction to Remote Access
  • 66 VPN using PPTP and L2TP
  • 67 Internet Security Protocol (IPsec)
  • 68 Internet Security Protocol (IPsec) Modes of Operation
  • 69 IPsec Security Protocols—Authentication Header (AH)
  • 70 IPsec Security Protocols—Encapsulating Security Payload (ESP)
  • 71 Components of the IPsec Process
  • 72 Components of the IPsec Process (contd.)
  • 73 IPsec Process
  • 74 Secure Access Protocols
  • 75 Secure Access Protocols (contd.)
  • 76 Secure Access Protocols (contd.)
  • 77 Remote Access Security Methods
  • 78 Multimedia Collaboration
  • 79 Wireless Technologies
  • 80 IEEE Wireless Standards and Spread-Spectrum Technologies
  • 81 Direct Sequence Spread Spectrum and Frequency-Hopping Spread Spectrum
  • 82 WLAN Operational Modes
  • 83 Bluetooth
  • 84 Bluetooth Attack
  • 85 Blue Jacking and Blue Snarfing
  • 86 Blue Bugging, Backdoor Attacks, and Denial of Service Attacks
  • 87 Wireless Security
  • 88 Business Scenario
  • 89 Network Attacks
  • 90 Network Attacks (contd.)
  • 91 Network Attacks—Countermeasures
  • 92 Quiz
  • 93 Summary
  • 94 Conclusion
05 - Identity and Access Management
  • 1 Domain 05—Identity and Access Management
  • 2 Objectives
  • 3 Importance of Identity and Access Management in Information Security
  • 4 Controlling Physical and Logical Access to Assets
  • 5 Controlling Physical and Logical Access to Assets (contd.)
  • 6 Access Subject Object and Access controls
  • 7 Identity and Access Management Policy
  • 8 Identification Authentication and Authorization
  • 9 Identity Management
  • 10 Identity and Access Provisioning Lifecycle
  • 11 Identity and Access Provisioning Lifecycle (contd.)
  • 12 Guidelines for User Identification
  • 13 Verifying Identification Information
  • 14 Strong Authentication
  • 15 Biometrics—Characteristics
  • 16 Types of Biometrics
  • 17 FRR FAR CER
  • 18 Passwords
  • 19 Password Types
  • 20 Tokens
  • 21 Token Device—Synchronous
  • 22 Token Device—Asynchronous
  • 23 Memory Cards and Smart Cards
  • 24 Attacks on Smart Cards—Fault Generation and Micro-Probing
  • 25 Access Criteria
  • 26 Authorization Concepts
  • 27 Identity Management Implementation
  • 28 Password Management
  • 29 Directory Management
  • 30 Directory Technologies
  • 31 Accounts Management
  • 32 Profile Management
  • 33 Web Access Management
  • 34 Single Sign-On (SSO)
  • 35 SSO Technologies
  • 36 Kerberos
  • 37 Kerberos Steps
  • 38 Problems with Kerberos
  • 39 Business Scenario
  • 40 Access Control Types—Security Layer
  • 41 Access Control Types—Functionality
  • 42 Business Scenario
  • 43 Access Control Models—DAC
  • 44 Access Control Models—MAC
  • 45 Access Control Models—RBAC
  • 46 Business Scenario
  • 47 Access Control Concepts
  • 48 Types of Access Control Administration
  • 49 Remote Authentication Dial-In User Service (RADIUS)
  • 50 TACACS and TACACS+
  • 51 DIAMETER
  • 52 Accountability
  • 53 Accountability (contd.)
  • 54 Session Management
  • 55 Registration and Proof of Identity
  • 56 Credential Management Systems
  • 57 Credential Management Systems—Risks and benefits
  • 58 Federated Identity Management
  • 59 Federated Identity Management Models
  • 60 Federated Identity Management Models (contd.)
  • 61 Federated Identity Management Models (contd.)
  • 62 Identity as a Service
  • 63 Identity as a Service—Functionality
  • 64 Identity as a Service—Possible Issues
  • 65 Integrate Third-Party Identity Services
  • 66 Integrate Third-Party Identity Services (contd.)
  • 67 Unauthorized Disclosure of Information
  • 68 Threats to Access Control
  • 69 Protection against Access Control Attacks
  • 70 Access Control Best Practices
  • 71 Access Control Best Practices (contd.)
  • 72 Quiz
  • 73 Summary
  • 74 Conclusion
06 - Security Assessment and Testing
  • 1 Domain 06—Security Assessment and Testing
  • 2 Objectives
  • 3 Security Assessment and Testing—Introduction
  • 4 Assessment and Test Strategies
  • 5 Vulnerability Assessment
  • 6 Penetration Testing
  • 7 Log Management
  • 8 Log Management—Advantages and Challenges
  • 9 Log Management—Best Practices
  • 10 Log Management—Operational Process
  • 11 Logged Events
  • 12 Synthetic Transactions
  • 13 Reasons to Use Synthetic Transactions
  • 14 Code Review and Testing
  • 15 Testing Techniques
  • 16 Security Testing in the SDLC
  • 17 Software Product Testing Levels
  • 18 Misuse Case Testing
  • 19 Misuse Case Testing—Scenarios
  • 20 Test Coverage Analysis
  • 21 Interface Testing
  • 22 API Testing (contd.)
  • 23 Interface Testing (contd.)
  • 24 GUI Testing
  • 25 Common Software Vulnerabilities
  • 26 Business Scenario
  • 27 Information Security Continuous Monitoring
  • 28 Information Security Continuous Monitoring—Strategy and Process
  • 29 Risk Evaluation and Control—Metrics
  • 30 Security Controls Monitoring Frequencies
  • 31 ISCM—Benefits
  • 32 Key Performance and Risk Indicators
  • 33 Internal and Third Party Audits
  • 34 Audit Frequency and Scope
  • 35 Statement on Auditing Standards No. 70
  • 36 Service Organization Controls
  • 37 SOC 1 Report
  • 38 SOC 2 Report
  • 39 SOC 2 Reports (contd.)
  • 40 SOC 3 Report
  • 41 SOC 1, SOC 2, and SOC 3 Comparison
  • 42 Audit Process—Audit Preparation Phase
  • 43 Audit Process—Audit Phase
  • 44 Business Scenario
  • 45 Quiz
  • 46 Summary
  • 47 Conclusion
07 - Security Operations
  • 1 Domain 07—Security Operations
  • 2 Objectives
  • 3 Importance of Security Operations—Case Study
  • 4 Introduction to Investigations
  • 5 Investigation Challenges
  • 6 Investigations—Primary Activities
  • 7 Crime Scene
  • 8 Forensic Investigation Guidelines
  • 9 Incident Response Terminologies
  • 10 Incident Response Goals
  • 11 Incident Response Team
  • 12 Incident Response Procedures
  • 13 Incident Response Procedures (contd.)
  • 14 Incident Response Procedures (contd.)
  • 15 Incident Response Procedures (contd.)
  • 16 Business Scenario
  • 17 Evidence
  • 18 Evidence Lifecycle
  • 19 Chain of Evidence
  • 20 Types of Evidence
  • 21 Computer Forensics Procedure
  • 22 Requirements for Investigation Types
  • 23 Logging and Monitoring Activities
  • 24 Intrusion Detection System
  • 25 Intrusion Prevention System
  • 26 Security Information and Event Management (SIEM)
  • 27 Security Information and Event Management (SIEM)—Characteristics
  • 28 Continuous Monitoring
  • 29 Egress Filtering
  • 30 Data Leak or Loss Prevention (DLP)
  • 31 Steganography and Digital Watermarking
  • 32 Business Scenario
  • 33 Secure Provisioning of Resources through Configuration Management
  • 34 Secure Provisioning of Resources through Configuration Management (contd.)
  • 35 Introduction to Security Operations
  • 36 Security Operations Concepts
  • 37 Security Operations
  • 38 Effects of Operations Controls on C.I.A.
  • 39 Business Scenario
  • 40 Operational Resilience
  • 41 Threats to Operations
  • 42 Threats to Operations (contd.)
  • 43 Vulnerabilities
  • 44 Controls
  • 45 Business Scenario
  • 46 Need for Controlling Privileged Accounts
  • 47 Identity and Access Management
  • 48 Types of Accounts
  • 49 Commonly Used Roles
  • 50 Commonly Used Roles (contd.)
  • 51 Monitoring Special Privileges
  • 52 Service Level Agreements (SLAs)
  • 53 Business Scenario
  • 54 Protect Valuable Assets
  • 55 Protecting Physical Assets
  • 56 Protecting Information Assets
  • 57 Protecting Resources
  • 58 Controls for Protecting Assets—Hardware Controls
  • 59 Controls for Protecting Assets—Software Controls
  • 60 Controls for Protecting Assets—Media Controls
  • 61 Controls for Protecting Assets—Administrative Controls
  • 62 Cloud and Virtual Storage
  • 63 Cloud and Virtual Storage Security Issues
  • 64 Types of Virtualized Storage
  • 65 Hard Copy Records
  • 66 Business Scenario
  • 67 Incident Management
  • 68 Security Measurements, Metrics, and Reporting
  • 69 Managing Security Technologies
  • 70 Incident Management—Detection Phase
  • 71 Intrusion Detection System
  • 72 Security Information Event Management (SIEM)
  • 73 Anti-Malware Systems
  • 74 Monitoring Techniques—Violation Analysis
  • 75 Incident Management—Other Phases
  • 76 Trusted Recovery and System Recovery
  • 77 Problem Management
  • 78 Operating and Maintaining Preventive Measures
  • 79 Patch Management
  • 80 Vulnerability Management
  • 81 Change Management
  • 82 Change Control Process
  • 83 Configuration Management
  • 84 Configuration Management (contd.)
  • 85 Business Scenario
  • 86 Develop a Recovery Strategy
  • 87 Types of Recovery—Business Recovery and Facility and Supply Recovery
  • 88 Types of Recovery—User Recovery
  • 89 Types of Recovery—Operational Recovery
  • 90 Recovery Partners Strategy
  • 91 Backup Sites
  • 92 Backup Sites (contd.)
  • 93 Backup Sites (contd.)
  • 94 Backup Methods
  • 95 Importance of Maintaining Resilient Systems
  • 96 Redundancy and Fault Tolerance
  • 97 Redundancy and Fault Tolerance Methods
  • 98 Redundancy and Fault Tolerance Methods (contd.)
  • 99 Best Practices for Backup and Recovery
  • 100 Business Scenario
  • 101 Disaster Recovery—Planning Design and Development
  • 102 Planning Design and Development—Step 1 and Step 2
  • 103 Planning Design and Development—Step 3 and Step 4
  • 104 Disaster Recovery Phases—Implementation, Testing, and Training
  • 105 Importance of Testing
  • 106 Types of Testing
  • 107 Types of Testing (contd.)
  • 108 Types of Testing (contd.)
  • 109 Training
  • 110 Disaster Recovery Phases—Maintenance
  • 111 Disaster Recovery Phases—Maintenance (contd.)
  • 112 Business Scenario
  • 113 Perimeter Security
  • 114 Barriers
  • 115 Fences
  • 116 Gates
  • 117 Walls and Bollards
  • 118 Perimeter Intrusion Detection
  • 119 Business Scenario
  • 120 Importance of Lighting
  • 121 Types of Lighting Systems
  • 122 Types of Lights
  • 123 Access Control
  • 124 Types of Access Control Systems
  • 125 Business Scenario
  • 126 Building and Inside Security
  • 127 Personnel Security
  • 128 Business Scenario
  • 129 Quiz
  • 130 Summary
  • 131 Conclusion
08 - Software Development Security
  • 1 Domain 08 - Software Development Security
  • 2 Objectives
  • 3 Importance of Software Development Security
  • 4 System Environments
  • 5 Distributed Environment
  • 6 Client/Server Systems and Local Environment
  • 7 Distributed Data Processing and Agents
  • 8 Applets
  • 9 Programming Concepts
  • 10 Compiler vs. Interpreter
  • 11 Programming and Software
  • 12 Threats in the Software Environment
  • 13 Threats in the Software Environment (contd.)
  • 14 Threats in the Software Environment (contd.)
  • 15 Threats in the Software Environment (contd.)
  • 16 Threats in the Software Environment (contd.)
  • 17 Threats in the Software Environment (contd.)
  • 18 Business Scenario
  • 19 System Life Cycle and Systems Development
  • 20 Systems Development Life Cycle
  • 21 SDLC—Operation and Maintenance
  • 22 Integrated Product Team (IPT)
  • 23 DevOps
  • 24 Software Testing Methods
  • 25 Software Testing Levels
  • 26 Application Controls
  • 27 Software Development Methods
  • 28 Software Development Methods (contd.)
  • 29 Software Development Methods (contd.)
  • 30 Software Development Methods (contd.)
  • 31 Software Development Methods (contd.)
  • 32 Java Security
  • 33 Secure Software Development Best Practices
  • 34 Business Scenario
  • 35 Object-Oriented Programming Terms
  • 36 Object-Oriented Programming Terms (contd.)
  • 37 Object-Oriented Programming—Definition
  • 38 Distributed Object-Oriented Systems
  • 39 Object Request Brokers
  • 40 COM—Component Object Model
  • 41 DCOM—Distributed Component Object Model
  • 42 CORBA—Common Object Request Broker Architecture
  • 43 Software Security and Assurance
  • 44 Software Security and Assurance (contd.)
  • 45 Software Security and Assurance (contd.)
  • 46 Software Security and Assurance (contd.)
  • 47 Software Security and Assurance (contd.)
  • 48 Software Security and Assurance (contd.)
  • 49 Software Security and Assurance (contd.)
  • 50 Software Security and Assurance (contd.)
  • 51 Software Security and Assurance (contd.)
  • 52 Software Security and Assurance (contd.)
  • 53 Software Security and Assurance (contd.)
  • 54 Software Security and Assurance (contd.)
  • 55 Software Security and Assurance (contd.)
  • 56 Software Security: XML and Security Assertion Markup Language
  • 57 Software Security: SOA
  • 58 Audit and Assurance Mechanisms
  • 59 Assessing the Effectiveness of Software Security
  • 60 Assessing the Effectiveness of Software Security (contd.)
  • 61 Assessing the Security Impact of Acquired Software
  • 62 Code Repositories and Application Programming Interfaces
  • 63 Business Scenario
  • 64 Database and Data Warehousing Environments
  • 65 Database Terms
  • 66 Types of Databases
  • 67 Types of Databases (contd.)
  • 68 Types of Databases (contd.)
  • 69 Types of Databases (contd.)
  • 70 Types of Databases (contd.)
  • 71 Database—Threats and Vulnerabilities
  • 72 Introduction to Data Warehousing
  • 73 Data Warehousing Concepts
  • 74 Database Normalization
  • 75 DBMS Controls
  • 76 Business Scenario
  • 77 Malware—Types
  • 78 Malware Protection
  • 79 Business Scenario
  • 80 Importance and Role of Knowledge Management
  • 81 Knowledge-Based System/Artificial Intelligence
  • 82 Knowledge-Based System—Expert System
  • 83 Knowledge-Based System—Neural Network
  • 84 Web Application Environment—Threats and Vulnerabilities
  • 85 Web Application Environment Security
  • 86 Web Application Environment Security (contd.)
  • 87 Web Application Environment Security (contd.)
  • 88 Web Application Environment Security (contd.)
  • 89 The Ten Best Practices for Secure Software Development—(ISC)
  • 90 Quiz
  • 91 Summary
  • 92 Conclusion

What are the course objectives?

COEPD's CISSP certification training is aligned with the (ISC)² CBK 2015 requirements. The course teaches you the industry’s latest best practices, which will help you pass the exam on your very first attempt. The certification equips you with expertise in defining the architecture and in designing, building, and maintaining a secure business environment for your organization using globally approved Information Security standards.

With unprecedented security breaches now being reported, the demand for IT security professionals has never been higher. Frost and Sullivan report that there will be a shortage of 1.5 million security professionals by 2019.

What skills will you learn?

By the end of this CISSP training, you will:

  • Develop viable strategies to define the architecture, design, and management of the security of your organization.
  • Acquire the relevant knowledge and skills required to pass the CISSP certification exam.
  • Earn the requisite 30 CPEs required to take up the CISSP certification exam.
  • Gain working knowledge in the 8 domains prescribed by the CISSP Common Body of Knowledge, 2015.

Who should take this course?

The CISSP certification is central to the IT security domain. This certification is best suited for:

  • Security Consultants/Managers
  • IT Directors/Managers
  • Security Auditors/Architects
  • Security Systems Engineers
  • Chief Information Security Officers
  • Network Architects
Exam & certification
How do I become a CISSP certified professional?

You must pass the CISSP exam to become certified. The CISSP exam is a computer-based test (CBT) administered at Pearson VUE testing centers around the world.

Link: https://cert.isc2.org/cissp-exam-outline-form/

For US, Canada, and Europe students: Exam Pass Guarantee*

COEPD offers an “Exam Pass Guarantee” to students who complete our course training. We offer a voucher (free of charge) to students to resit the exam in case they fail the ISC2 CISSP final exam.

T&C for claiming the retake voucher as a part of exam pass guarantee:

  • Attend at least one full-fledged instructor-led class
  • Secure over 85% in at least 3 of the 5 test papers provided along with the course
  • Take the final exam within 30 days from the date of course completion
  • Produce the exam failure notice received from ISC2

What are the prerequisites for CISSP certification?

This CISSP training is designed for professionals who want to acquire the credibility to advance within their current Information Security careers. To claim the CISSP certificate from ISC2, it is mandatory that you have at least 5 years of recent full-time professional work experience in 2 or more of the 8 domains of the CISSP CBK 2015. If you do not yet have the required 5 years of experience, you will be awarded an ISC2 associate title, which will be replaced with the CISSP certificate after you gain and submit proof of your experience.

What do I need to do to unlock my COEPD certificate?

Online Classroom:
  • Attend one complete training batch and pass one simulation test with a minimum grade of 60%

Online Self-learning:
  • Complete 85% of the course.
  • Complete one simulation test with a minimum grade of 60%

FAQs:


What tools do I need to attend the training sessions?

The tools you’ll need to attend training are:

  • Windows: Windows XP SP3 or higher
  • Mac: OSX 10.6 or higher
  • Internet speed: Preferably 512 Kbps or higher
  • Headset, speakers, and microphone: You’ll need headphones or speakers to hear instruction clearly, as well as a microphone to talk to others. You can use a headset with a built-in microphone, or separate speakers and microphone.

What else will I receive as part of the CISSP training?

You will get access to our e-learning content along with the practice simulation tests, complemented by our tips and tricks videos that help you tackle the toughest exam questions. You will also get an online participant handbook with cross-references to the e-learning segments for learning reinforcement.

Who are our instructors and how are they selected?

We have a dedicated team of subject matter experts with a track record of more than 16 years in the field and 10-12 years of relevant teaching experience. Each of them has gone through a rigorous selection process that includes profile screening, technical evaluation, and a training demo before they are certified to train for us. We also ensure that only those trainers with a high alumni rating remain on our faculty.

© 2015 4cLearn. All Rights Reserved.