Certified Information Systems Security Professional (CISSP)

The globally recognised information security certification developed by the International Information Systems Security Certification Consortium (ISC)²

CISSP is a globally recognised Information Security standard.  It reviews the entire information security landscape and the technologies involved, addressing the eight knowledge domains that comprise the common body of knowledge (CBK) for information systems security professionals.

Course Code
5 Days
Delivery Style
Course Type
Public or Private
Max Delegates
Available as Nutshell

Book your team training at your premises

  • Date
  • Venue
  • Cost
  • More info

Book your place

Guaranteed to run

Purpose of this course

The course uses a theory based approach via instructor led discussion of security processes with the opportunity to discuss the immediate application of concepts and techniques described in the CBK to the real world. It can be considered as providing a good introduction to security management, architecture and engineering.

Who is this course for

Security professionals, anyone with a need for formal Information Security training.

You will learn how to
  • Protect assets using access control techniques
  • Strengthen confidentiality and integrity controls using the world of cryptography
  • Secure your network architecture and design (implement Cyber security)
  • Achieve organisational objectives such as legal & compliance, Information assurance, security and data governance
  • Enhance IT services secure delivery via Security operations, architecture and design principles
  • Implement business resiliency via Business Continuity Plan
  • You will gain a thorough understanding of the domains as prescribed by (ISC)2®
Benefits for your organisation

CISSP establishes a standard Information Security best practice, offering a broad understanding of the (ISC)² CBK.  CISSP permits access to a global network of industry, subject matter and domain experts.  CISSP will add credibility to your organisations approach to Information Security with the rigor and regimen of the certification examinations.

Benefits for you as an individual

This course demonstrates a working knowledge of information security and will confirm your dedication to the security industry. The CISSP qualification acts as a differentiator within the marketplace and will enhance your credibility. In addition it will provide you with access to valuable resources, such networking with security peers.

Security and Risk Management

Confidentiality, integrity, and availability concepts
Security governance principles
Legal and regulatory issues
Professional ethics
Security policies, standards, procedures and guidlines

Asset Security 

Information and asset classification
Protect privacy
Appropriate retention
Data security controls
Handling requirements

Security Engineering

Engineering processes using secure design principles
Security models fundamental concepts
Security evaluation models
Security capabilities of information systems
Security architectures, designs, and solution elements vulnerabilities
Web-based systems vulnerabilities
Mobile systems vulnerabilities
Embedded devices and cyber-physical systems vulnerabilities
Site and facility design secure principles
Physical security

Communication and Network Security

Secure network architecture design (e.g. IP & non-IP protocols, segmentation)
Secure network components
Secure communication channels
Network attacks

Identity and Access Management

Physical and logical assets control
Identification and authentication of people and devices
Identity as a service including cloud identity
Third-party identity and on-premise services
Access control attacks
Identity and access provisioning lifecycle

Security Assessment and Testing

Assessment and test strategies
Security process data
Security control testing
Test outputs
Security architectures vulnerabilities

Security Operations

Investigations support and requirements
Logging and monitoring activities
Provisioning of resources
Foundational security operations concepts
Resource protection techniques
Incident management
Preventative measures
Patch and vulnerability management
Change management processes
Recovery strategies
Disaster recovery processes and plans
Business continuity planning and exercises
Physical security
Personnel safety concerns

Software Development Security

Security in the software development lifecycle
Development environment security controls
Software security effectiveness
Acquired software security impact


Delegates should have experience in at least two of the domains as laid out in the CBK, for 5 years or more (4 years if they have achieved relevant industry or degree level certifications) to achieve full certification. Associate status can be achieved without the full 4/5 years’ experience; full certification will be assigned when the correct amount of experience is obtained.

We recommend delegates have some knowledge of all CBK domains and are encouraged to read one or two of the recommended books which can be found on the ISC2.org Reading List.

Pre-course work required

Delegates will receive the CISSP guide book as pre-reading.  It is expected that delegates read the guide to gain familiarity of the key concepts within the 8 CISSP domains.

More about the exam

Our course is a ‘theory based’ guide through the 8 domains of CISSP.  The course should be taken many months before you plan on booking your Certified Information Systems Security Professional exam, as a considerable amount of self-study is needed.


When ready delegates can acquire a Pearson VUE testing voucher by following the guide on the ISC2 website.

About the Lead Trainer

Chris is Quanta's Operations Director and is responsible for ensuring the overall smooth running of the business.

Outside of work Chris is a keen volleyball player, he has played national league volleyball for many years and has also tried his hand at coaching, as well as being a qualified volleyball referee. He also loves travelling and is a keen photographer.

Quick Fact: Chris was part of the London 2012 Olympics & Paralympics, spending most of the summer down in the capital as a Field of Play Attendant for the Beach Volleyball and then as a National Technical Officer line judging at the Sitting Volleyball.