Security

Certified Information Systems Security Professional

Course Objective

The CISSP curriculum covers subject matter in a variety of Information Security topics. The CISSP examination is based on what (ISC)² terms the Common Body of Knowledge (or CBK). According to (ISC)², "the CISSP CBK is a taxonomy -- a collection of topics relevant to information security professionals around the world. The CISSP CBK establishes a common framework of information security terms and principles that allow information security professionals worldwide to discuss, debate, and resolve matters pertaining to the profession with a common understanding."

 
Who Should Attend

IT Auditor, IT Manager, IT Specialist, Auditor, IT Consultant, IT Operation, MIS Manager

 
Pre-Requisites

Network Concept, IT Knowledge, Information System Concept

 
CISSP Modules

Security Trends

  • How Security Became an Issue
  • Areas of Security
  • Information Warfare
  • Hacking and Attacking
  • Management
  • Internet and Web Activities

Access Control Systems and Methodologies

  • Access control concepts, methodologies, and implementation
  • Access controls: detective, corrective, and preventative
  • Access control techniques in centralized and decentralized environments
  • Access control risks, vulnerabilities, and exposures

Security Architecture and Models

  • Secure operating system principles, concepts, mechanisms, controls, and standards
  • Secure architecture design, modeling, and protection
  • Security models: confidentiality, integrity, and information flow
  • Government and commercial security requirements
  • Common Criteria, ITSEC, TCSEC, IETF, IPsec
  • Technical platforms
  • System security preventative, detective, and corrective measures

Disaster Recovery and Business Continuity Planning

  • Business continuity planning, business impact analysis, recovery strategies, recovery plan development, and implementation
  • Disaster recovery planning, implementation, and restoration
  • Compare and contrast disaster recovery and business continuity

Security Management Practices

  • Organizational security roles
  • Identification of information assets
  • Security management planning
  • Security policy development; use of guidelines, standards, and procedures
  • Security awareness training
  • Data classification and marking
  • Employment agreements and practices
  • Risk management tools and techniques

Law, Investigation, and Ethics

  • Computer crime detection methods
  • Applicable computer crime, security, and privacy laws
  • Evidence gathering and preservation methods
  • Computer crime investigation methods and techniques
  • Civil, criminal, and investigative law
  • Intellectual property law
  • (ISC)² and IAB ethics application

Physical Security

  • Prevention, detection, and correction of physical hazards
  • Secure site design, configuration, and selection elements
  • Access control and protection methods for facility, information, equipment, and personnel

Operations Security

  • Resource protection mechanisms and techniques
  • Operation security principles, techniques, and mechanisms; principles of good practice and limitation of abuses
  • Operations security preventative, detective, and corrective measures
  • Information attacks
  • Access control subversion

Cryptography

  • Cryptographic concepts, methods, and practices
  • Construction of algorithms
  • Attacks on cryptosystems
  • Ancient cryptography and modern methods
  • Public and private key algorithms and uses
  • Key distribution and key management
  • Digital signature construction and use
  • Methods of attack, strength of function

Telecommunications and Network Security

  • Overview of communications and network security
  • Voice communications, data communications, local area, wide area, and remote access
  • Internet/Intranet/Extranet, firewalls, routers, and network protocols
  • Telecommunication and network security preventative, detective, and corrective measures

Application and System Development

  • System development process and security controls
  • System development life cycle, change controls, application controls, and system and application integrity
  • Database structure, concepts, design techniques, and security implications
  • Object oriented programming
  • Data warehousing and data mining

Review and Q&A Session

  • Review concepts introduced in previous sessions
  • Answer specific questions or concerns regarding CISSP preparation material

Test-Taking Tips and Study Techniques

  • Tips for additional preparation for the CISSP exam
  • Additional resources
  • Techniques for scoring well on the exam

 

Duration

35 hours

 

 

 

 

