| |
You Will Learn How To
- Prepare for CISSP Certification based on the (ISC)2 CBK
- Identify the access control mechanisms that create a security architecture and protect assets
- Recognise the cryptography principles, means and methods of disguising information
- Explore business continuity and disaster recovery planning for the preservation of business operations
- Examine core elements of network security including network structures and transmission methods
- Inspect the key security concepts for application software development
Course Benefits
This course provides a comprehensive overview of information security concepts and industry best practices and is the only review course endorsed by (ISC)2. In this course, you cover the ten CISSP domains as outlined in the (ISC)2 CBK and analyse the latest information-system security issues. You also develop an individual study plan to enhance your exam preparation skills.
Who Should Attend
Security professionals, government and military personnel seeking IAT-3, IAM-2 or IAM-3 certification to fulfill the DoD 8570.1 Directive, network security personnel and managers. Participants should be aware of the exam eligibility criteria established by (ISC)2.
Course Workshops
Throughout this course, you get an in-depth review of the ten CISSP domains as outlined by the (ISC)2 CBK. Workshops include:
- Reviewing the ten domains of the CBK including application and network security and cryptography
- Uncovering areas to further develop and expand your exam preparedness
- Investigating the latest information-system security issues, concerns and countermeasures
- Reinforcing key areas of the CBK through numerous review sessions
Course Content
- Introduction to (ISC)2 and the exam process
- The AIC (availability, integrity, confidentiality) triad
- Security awareness training and education
- Risk mitigation, quantitative and qualitative risk assessment, countermeasure selection
- Ethics: personal, corporate, professional
- Need to know, least privilege, separation of duties
- Information classification
- Threats: external and internal, natural, man-made
- Technologies: single sign on, Kerberos, temporal, biometrics
- Assurance mechanisms: IDS, IPS, logs, audits
- History: manual, mechanical, electronic, quantum systems
- Encryption systems: stream cipher, block ciphers
- Symmetric and asymmetric algorithms
- MD5
- SHA-1
- CBC-MAC
- Digital signatures: DSS
- Cryptographic systems: keys, recovery, PKI, trust models
- Attacks: plaintext and ciphertext, slide, side channel
- The Layered Defense Model
- Infrastructure support systems
- Equipment protection: theft, damage
- System security: zones, domains, ring-based protection
- Hardware: CPU, memory, communications devices
- Software: operating systems, utilities, applications
- Bell LaPadula
- Biba
- Clark-Wilson
- Integrity models
- Security evaluation methods and criteria
- Business impact analysis
- Emergency assessment: incident response, mitigation
- Plan, design and development
- Implementation: testing techniques, awareness
- Restoration: rebuilding and return to normal
- Plan management: updating
- Analog vs. digital
- Synchronous vs. asynchronous
- Circuit vs. packet switched traffic
- LAN
- WAN
- DMZ
- Internet
- Remote access: RADIUS, TACACS+
- Network components: switch, router, ATM, MPLS
- Telephony: VoIP, PBX
- SDLC phases
- Application environment and security controls
- Programming languages and tools: compilers, interpreters
- Databases and data warehouses: data mining and DBMS
- Applications systems threats and vulnerabilities: malware
- Applications security controls: implementation testing
- Resource protection: equipment, operations areas, personnel
- Change control management
- Physical security controls: controlled access
- Privileged entity control: administrators, operators
- Major legal systems: intellectual property, computer crime
- Legal concepts: due care versus due diligence
- Regulatory issues: privacy, financial compliance
- Investigation: chain of custody and evidence gathering
- Computer forensics and investigation
|
(ISC)2 and CBK are registered certification marks of (ISC)2, Inc.
|
|
|
|
|
Print Friendly
E-mail a Colleague
Course PDF
Course FAQ
Home
