About this course
The Certified Information Systems Security Professional (CISSP) course is designed to ensure that someone handling computer security for a company or client has mastered a standardized body of knowledge. Certified Information Systems Security Professional (CISSP) has developed as the key certification for security professionals in government and industry. Corporations are seeking certified, experienced information security professionals to safeguard their information and assets. The CISSP® is considered the global standard that proves an individual's proficiency in several security disciplines. Security professionals consider the Certified Information Systems Security Professional (CISSP) to be the most desired certification to achieve.
Prerequisite(s): None
Certified Information Systems Security Professional (CISSP) Module 1
Access Control
- Identification and Authentication Techniques
- Access Control Techniques
- Authorization Mechanisms
- Access Control Attacks and Monitoring Authentication
- Risk Elements
- Preventing Access Control Attacks
- Smart Cards
- Biometrics
- Security Operations Principals
- Role-Based Access Controls
- Centralized versus Decentralized Access Control
- Assessing Effectiveness of Access Controls
Certified Information Systems Security Professional (CISSP) Module 2
Network Security
- Secure Network Architecture and Securing Network Components
- OSI Model
- Secure Network Components
- Cabling, Wireless, Topography and Communications Technology
- System and Security Management
- Secure Communications and Network Attacks
- Network and Protocol Security
- Virtual Private Network
- Firewall Terms and Types
- Web Security
- Common Attacks
- Remote Access Security
Certified Information Systems Security Professional (CISSP) Module 3
Information Security Governance and Risk Management
- Security Governance Concepts, Principles, and Policies
- Layering
- Data Hiding
- Control Frameworks
- Security Management
- Risk Management
- Terminology
- Qualitative/Quantitative Risk Analysis
- Manage Personnel Security
- Security Education and Training
- Information Classification
- Employment Policies
- Change Management
Certified Information Systems Security Professional (CISSP) Module 4
Software Development and Malicious Applications
- Application Issues
- Databases and Data Warehousing
- Data Information Storage
- Knowledge Based Systems
- System Development and Controls
- Malicious Code and Application Attacks
- Password Attacks
- Applications Beyond the Database
- Web Application Security
- IP Probes
- IP Spoofing
- Vulnerabilities
Certified Information Systems Security Professional (CISSP) Module 5
Cryptography
- Cryptography and Symmetric Key Algorithms
- PKI and Cryptographic Applications
- Cryptography Basics
- Cryptanalysis Terms
- Symmetric Encryption
- Asymmetric Cryptography
- Modern Cryptography
- Public Key Infrastructures
- Hash Functions
- Digital Signatures
- Protocol Based
- Pretty Good Privacy
- Cracking Techniques
Certified Information Systems Security Professional (CISSP) Module 6
Security Architecture and Design
- Principles of Security Models, Design, and Capabilities
- Security Architecture Vulnerabilities, Threats, and Countermeasures
- Security Operations
- Fundamentals of Security
- Clark-Wilson Model
- Objects and Subjects
- Computer Architecture
- Singe Points of Failure
- Information Security Architecture
- Common Security Issues
- Security Operations
- Resource Protection
- Change and Configuration Management
Certified Information Systems Security Professional (CISSP) Module 7
Incident Management, Business Continuity and Disaster Recovery
- Manage Incident Response
- Preventative Measures
- System Resilience
- Reasons for Business Continuity Plans
- Business Continuity Life Cycle
- Project Scope and Planning
- Business Impact Assessment
- BCP Documentation
- Nature of Disaster
- Recovery Strategies
- Data Redundancy
- System Backups
- Testing and Maintenance
Certified Information Systems Security Professional (CISSP) Module 8
Legal Requirements, Incidents and Ethics
- Categories of Law
- Compliance
- Contracting and Procurement
- Code of Ethics
- Computer Crimes
- Import/Export
- Privacy
- Major Categories of Computer Crimes
- Incident Handling
- Liability
- Response Teams
- Accessibility and Perimeter Security
- Natural Disasters
- Work Area
- Internal Security
- Boundary Protection
- Course Summary
**Outlines are subject to change, as courses and materials are updated.**
