top of page

CISSP

cissp-logo-325w.gif

CISSP® is a globally-recognized certification in the information security field from (ISC)2. Required by many governments and organizations around the world, this credential demonstrates deep technical knowledge and experience to effectively design, engineer, and manage the overall security posture of an organization.

Cecure Data’s Certified Information Systems Security Professional (CISSP) Exam Preparation course will expose students to the eight domains of knowledge required to pass the exam:

  • Security and Risk Management

  • Asset Security

  • Security Engineering

  • Communications and Network Security

  • Identity and Access Management

  • Security Assessment and Training

  • Security Operations

  • Software Development Security

Our course has been prepared with great care to provide the most exhaustive survey of the CISSP information, test taking techniques, and preparation materials available in the industry. While other CISSP courses on the market require extensive reading and practice test preparation between finishing the class and taking the exam, our students have consistently found that the high quality of our course and its in-class practice test result in a minimum of extra time spent preparing for a successful pass of the exam.


In today’s hectic business conditions, time is of the essence!

Who Needs to Attend

CISSP certification is beneficial to IT consultants, managers, security policy writers, privacy officers, information security officers, network administrators, security device administrators, and security engineers.

Course Outline

1. Access Control Systems and Methodologies

  • Access control concepts, methodologies, and implementation

  • Access controls: detective, corrective, and preventative

  • Access control techniques in centralized and decentralized environments

  • Access control risks, vulnerabilities, and exposures

2. Security Architecture and Models

  • Secure operating system principles, concepts, mechanisms, controls, and standards

  • Secure architecture design, modeling, and protection

  • Security models: confidentiality, integrity, information flow

  • Government and commercial security requirements

  • Common criteria, ITSEC, TCSEC, IETF IPSEC

  • Technical platforms

  • System security preventative, detective, and corrective measures

3. Disaster Recovery and Business Continuity Planning

  • Business continuity planning, business impact analysis, recovery strategies, recovery plan development, and implementation

  • Disaster recovery planning, implementation, and restoration

  • Compare and contrast disaster recovery and business continuity

4. Security Management Practices

  • Organizational security roles

  • Identification of information assets

  • Security management planning

  • Security policy development; use of guidelines, standards, and procedures

  • Security awareness training

  • Data classification and marking

  • Employment agreements and practices

  • Risk management tools and techniques

5. Law, Investigation, and Ethics

  • Computer crime detection methods

  • Applicable computer crime laws

  • Evidence gathering and preservation methods

  • Computer crime investigation methods and techniques

  • ISC2 and IAB ethics application

6. Physical Security

  • Secure site design, configuration, and selection elements

  • Access control and protection methods for facility, information, equipment, and personnel

7. Operations Security

  • Resource protection mechanisms and techniques

  • Operation security principles, techniques, and mechanisms; principles of good practice and limitation of abuses

  • Operations security preventative, detective, and corrective measures

8. Cryptography

  • Cryptographic concepts, methods, and practices

  • Public and private key algorithms and uses

  • Key distribution and key management

  • Digital signature construction and use

  • Methods of attack, strength of function

9. Telecommunications and Network Security

  • Overview of communications and network security

  • Voice communications, data communications, local area, wide area, and remote access

  • Internet/Intranet/Extranet, firewalls, routers, and network protocols

  • Telecommunication and network security preventative, detective, and corrective measures

10. Application and System Development

  • System development process and security controls

  • System development life-cycle, change controls, application controls, system and application integrity

  • Database structure, concepts, design techniques, and security implications

11. Review and Q&A Session

  • Review concepts introduced in previous sessions

  • Answer specific questions or concerns regarding CISSP preparation material

12. Testing Taking Tips and Study Techniques

  • Tips for additional preparation for the CISSP exam

  • Additional resources

  • Techniques for scoring well on the exam

bottom of page