Overview
Exam: CISSP
Course Instructor: Derrick Coston
Course Outline
01. CISSP and the Exam
- How to Prepare
- Question Format Concepts
- Exam Preparation
02. Security and Risk Management
- Security Concepts
- Governance
- Information System
- GEIT
- Organizational Roles and Structure
- Security Policy, Standards, Procedures and Guidelines
- Personnel Security Policies and Procedures
- Security Awareness Training and Education Program
03. Security Controls
- Risk Management
- Asset Management
- Threat and Vulnerability Assessments
- Qualitative and Quantitative Analysis
- Security Controls
- Data Management and Retention
- Control Assessments
- Continuous Improvement
- Supply Chain Risk Management
- Risk Maturity Models
- Resource Provisioning
04. Security Architecture and Engineering
- Security Design Principles
- Security Models
- Protection Mechanisms
- Security Controls Based on System Requirements
- Evaluation Standards for Trust and Assurance
- Layered Defense
05. Identity and Access Management
- Identity and Access Management
- Identification
- Authentication
- Directory Services
- RADIUS and TACACS+
- Single Sign-On
- Federated Identity Management, SAML, OAuth and OpenID
- OpenID and WS Federated SSO
- Cloud Based Identity Services
06. Authorization and Access Management Vulnerabilities Intro
- Authorization
- Mandatory and Discretionary Access Controls
- Role Based Access Controls (RBAC)
- Practices of Identity and Access Management
- Access Control Attacks
07. Cryptography
- Cryptography Introduction
- Ciphers
- Symmetric Key Cryptosystems (DES, AES, IDEA)
- Asymmetric Key Cryptosystems (DH, RSA, ECC)
- Hashing
- Digital Signatures
- Comparing Cryptographic Solutions
08. Computer Architecture and Application Development Intro
- Digital Certificates
- Public Key Infrastructure
- Pretty Good Privacy
- Privacy
- Legal
09. Communication and Network Security
- Protocols
- The OSI Model
- Layer 2 Ethernet
- Protocol Data Units
- TCP and UDP
- Internet Protocol (IP)
- IPv6
- TCP / IP Communication
- Routing
10. Physical Security
- Crime Prevention Through Environmental Design
- Physical Security Planning
- Facility Management
- Physical Controls
- Technical Controls
- Building Entry Points
- Inside the Building
- Physical Aspects of Networks
- Computer Architecture
11. Security Operations
- SDLC
- SDLC Models
- Database Management Systems (DBMS)
- Operations and Maintenance
- KPIs and KRIs
- Security Assessments
- Patch and Vulnerability Management
- Planning for Incidents
- Business Impact Analysis (BIA)
- Business Continuity (BC)
- Recovery Strategies
- Testing the Plan
Skills Learned
After completing this online training course, students will have learned skills in the following areas:
- Security and Risk Management
- Asset Security
- Security Engineering
- Communications and Network Security
- Identity and Access Management
- Security Assessment and Testing
- Security Operations
- Software Development Security