ETG8196

Course
ETG8196
Course Title
Certified Information Systems Security Professional (CISSP)

Description

The CISSP Certification Training program is an engaging, fully online program that provides in-depth instruction in key areas related to information/cyber security. Designed by industry professionals, this program provides approximately 150 hours of instruction. You will experience a wide range of learning activities, including streaming video lectures, multiple assignments and hands-on lab exercises, guided readings, and multiple assessments. Along the way, you will have access to a team of well-qualified individuals for assistance, questions about the materials, and guidance through the program.

This is an advanced-level program. Students should have a base knowledge or certification in SSCP. Students who wish to take the course without the foundational topics of SSCP are expected to supplement course materials with outside resources.

For certification through (ISC)2, an individual must have a minimum of five years of paid, full-time work experience in two of the eight domains of CISSP. A one-year experience waiver can be used in place of a four-year college degree or equivalent through an (ISC)2 approved list.

Once a person passes the (ISC)2 vendor exam, an endorsement is also required. This endorsement form must be signed by two (ISC)2 professionals who are active members and can verify your professional experience.

Objectives

  • Understand security concepts as they relate to the day-to-day operations of an organization
  • Apply learned concepts to establishing and maintaining security practices and operations within an organization
  • Provide and apply assessment and testing strategies of security mechanisms for an organization
  • Engineer proper security strategies to compensate for vulnerabilities within an organization’s infrastructure

Content

I. Security and Risk Management

A. Security Governance

B. Security Policies

C. Confidentiality

D. Business Continuity

E. Legal and Regulatory

F. Professional Ethics

G. Risk Management

II. Asset Security

A. Information Classification

B. Handling Requirements

C. Ownership

D. Data Security Controls

E. Protect Privacy

F. Retention

III. Security Engineering

A. Security Models

B. Security Designs

C. Engineering Processes

D. Vulnerabilities

E. Cryptography

F. Embedded Devices

G. Site Design and Security

IV. Communication and Network Security

A. Network Architecture Design

B. Network Components

C. Communication Channels

D. Network Attacks

V. Identity and Access Management

A. Physical and Logical Assets Control

B. Identification and Authentication

C. Third-Party Identity Services

D. Identity as a Service

E. Provisioning Lifecycle

F. Authorization Mechanisms

VI. Security Assessment and Testing

A. Assessment and Test Strategies

B. Test Outputs

C. Security Control Testing

D. Security Process Data

E. Security Architectures

VII. Security Operations

A. Foundational Security Operations Concepts

B. Logging, Monitoring and Investigating Activities

C. Provisioning of Resources

D. Management Processes

E. Physical Security

F. Preventative Measures

G. Business Continuity

VIII. Software Development Security

A. Security in the Software Development Lifecycle

B. Development Environment Security Controls

C. Software Security Effectiveness

D. Software Security Impact

Method of Instruction

Online

Evaluation

Class participation