Certified Information Systems Security Professional (CISSP)

The globally recognised information security certification developed by the International Information Systems Security Certification Consortium (ISC)²
Overview

CISSP is a globally recognised Information Security standard.  It reviews the entire information security landscape and the technologies involved, addressing the eight knowledge domains that comprise the common body of knowledge (CBK) for information systems security professionals.

Course Code
CISSP5CYBER
Duration
5 Days
Delivery Style
Classroom
Course Type
Public or Private
Max Delegates
12
Available as Nutshell
No

Book your team training at your premises

  • Date
  • Venue
  • Cost
  • More info

Book your place

Purpose of this course

The course uses a theory based approach via instructor led discussion of security processes with the opportunity to discuss the immediate application of concepts and techniques described in the CBK to the real world. It can be considered as providing a good introduction to security management, architecture and engineering.

Who is this course for

Security professionals, anyone with a need for formal Information Security training.

You will learn how to
  • Protect assets using access control techniques
  • Strengthen confidentiality and integrity controls using the world of cryptography
  • Secure your network architecture and design (implement Cyber security)
  • Achieve organisational objectives such as legal & compliance, Information assurance, security and data governance
  • Enhance IT services secure delivery via Security operations, architecture and design principles
  • Implement business resiliency via Business Continuity Plan
  • You will gain a thorough understanding of the domains as prescribed by (ISC)2®
Benefits for your organisation

CISSP establishes a standard Information Security best practice, offering a broad understanding of the (ISC)² CBK.  CISSP permits access to a global network of industry, subject matter and domain experts.  CISSP will add credibility to your organisations approach to Information Security with the rigor and regimen of the certification examinations.

Benefits for you as an individual

This course demonstrates a working knowledge of information security and will confirm your dedication to the security industry. The CISSP qualification acts as a differentiator within the marketplace and will enhance your credibility. In addition it will provide you with access to valuable resources, such as networking with security peers.

Security and Risk Management
  • Confidentiality, integrity, and availability concepts
  • Security governance principles
  • Compliance
  • Legal and regulatory issues
  • Professional ethics
  • Security policies, standards, procedures and guidelines
Asset Security 
  • Information and asset classification
  • Ownership
  • Protect privacy
  • Appropriate retention
  • Data security controls
  • Handling requirements
Security Engineering
  • Engineering processes using secure design principles
  • Security models fundamental concepts
  • Security evaluation models
  • Security capabilities of information systems
  • Security architectures, designs, and solution elements vulnerabilities
  • Web-based systems vulnerabilities
  • Mobile systems vulnerabilities
  • Embedded devices and cyber-physical systems vulnerabilities
  • Cryptography
  • Site and facility design secure principles
  • Physical security
Communication and Network Security
  • Secure network architecture design (e.g. IP & non-IP protocols, segmentation)
  • Secure network components
  • Secure communication channels
  • Network attacks
Identity and Access Management
  • Physical and logical assets control
  • Identification and authentication of people and devices
  • Identity as a service including cloud identity
  • Third-party identity and on-premise services
  • Access control attacks
  • Identity and access provisioning life-cycle
Security Assessment and Testing
  • Assessment and test strategies
  • Security process data
  • Security control testing
  • Test outputs
  • Security architectures vulnerabilities
Security Operations
  • Investigations support and requirements
  • Logging and monitoring activities
  • Provisioning of resources
  • Foundational security operations concepts
  • Resource protection techniques
  • Incident management
  • Preventative measures
  • Patch and vulnerability management
  • Change management processes
  • Recovery strategies
  • Disaster recovery processes and plans
  • Business continuity planning and exercises
  • Physical security
  • Personnel safety concerns
Software Development Security
  • Security in the software development life-cycle
  • Development environment security controls
  • Software security effectiveness
  • Acquired software security impact
Prerequisites

Delegates should have experience in at least two of the domains as laid out in the CBK, for 5 years or more (4 years if they have achieved relevant industry or degree level certifications) to achieve full certification. Associate status can be achieved without the full 4/5 years’ experience; full certification will be assigned when the correct amount of experience is obtained.

We recommend delegates have some knowledge of all CBK domains and are encouraged to read one or two of the recommended books which can be found on the ISC2.org Reading List.

Pre-course work required

Delegates will receive the CISSP guide book as pre-reading.  It is expected that delegates read the guide to gain familiarity of the key concepts within the 8 CISSP domains.

More about the exam

Our course is a ‘theory based’ guide through the 8 domains of CISSP.  The course should be taken many months before you plan on booking your Certified Information Systems Security Professional exam, as a considerable amount of self-study is needed.

 

When ready delegates can acquire a Pearson VUE testing voucher by following the guide on the ISC2 website.

About the Lead Trainer

Stuart has been an IT Technical Trainer for some 20 years. He specialises in IT Security (CISSP, Security+, CySA+, CISA etc..), Networking (including CCNA), CompTIA (including Stackable Certifications), Microsoft Windows Server (MCSE Core Infrastructure/ Cloud Infrastructure), PowerShell and Microsoft Office 365. He is also an ITIL Expert and delivers ITIL 4 Foundation.