Overview

In this engaging and comprehensive online training course, you receive in-depth instruction covering the 8 CISSP domains. Expertise in these domains is critical in today’s information technology world. As you architect, design, and manage IT solutions, your knowledge and expertise, proven by your CISSP certification, can enhance the security posture of your company or your clients.

The CISSP domains include Security and Risk Management, Asset Security, Security Engineering, Communications and Network Security, Identity and Access Management, Security Assessment and Testing, Security Operations, and Software Development Security. This online training course aligns with the updated CISSP exam objectives as of May 2021.

Exam: CISSP

Course Instructor: Derrick Coston

Course Outline

01. CISSP and the Exam

  • How to Prepare
  • Question Format Concepts
  • Exam Preparation

02. Security and Risk Management

  • Security Concepts
  • Governance
  • Information System
  • GEIT
  • Organizational Roles and Structure
  • Security Policy, Standards, Procedures and Guidelines
  • Personnel Security Policies and Procedures
  • Security Awareness Training and Education Program

03. Security Controls

  • Risk Management
  • Asset Management
  • Threat and Vulnerability Assessments
  • Qualitative and Quantitative Analysis
  • Security Controls
  • Data Management and Retention
  • Control Assessments
  • Continuous Improvement
  • Supply Chain Risk Management
  • Risk Maturity Models
  • Resource Provisioning

04. Security Architecture and Engineering

  • Security Design Principles
  • Security Models
  • Protection Mechanisms
  • Security Controls Based on System Requirements
  • Evaluation Standards for Trust and Assurance
  • Layered Defense

05. Identity and Access Management

  • Identity and Access Management
  • Identification
  • Authentication
  • Directory Services
  • RADIUS and TACACS+
  • Single Sign-On
  • Federated Identity Management, SAML, OAuth and OpenID
  • OpenID and WS Federated SSO
  • Cloud Based Identity Services

06. Authorization and Access Management Vulnerabilities Intro

  • Authorization
  • Mandatory and Discretionary Access Controls
  • Role Based Access Controls (RBAC)
  • Practices of Identity and Access Management
  • Access Control Attacks

07. Cryptography

  • Cryptography Introduction
  • Ciphers
  • Symmetric Key Cryptosystems (DES, AES, IDEA)
  • Asymmetric Key Cryptosystems (DH, RSA, ECC)
  • Hashing
  • Digital Signatures
  • Comparing Cryptographic Solutions

08. Computer Architecture and Application Development Intro

  • Digital Certificates
  • Public Key Infrastructure
  • Pretty Good Privacy
  • Privacy
  • Legal

09. Communication and Network Security

  • Protocols
  • The OSI Model
  • Layer 2 Ethernet
  • Protocol Data Units
  • TCP and UDP
  • Internet Protocol (IP)
  • IPv6
  • TCP / IP Communication
  • Routing

10. Physical Security

  • Crime Prevention Through Environmental Design
  • Physical Security Planning
  • Facility Management
  • Physical Controls
  • Technical Controls
  • Building Entry Points
  • Inside the Building
  • Physical Aspects of Networks
  • Computer Architecture

11. Security Operations

  • SDLC
  • SDLC Models
  • Database Management Systems (DBMS)
  • Operations and Maintenance
  • KPIs and KRIs
  • Security Assessments
  • Patch and Vulnerability Management
  • Planning for Incidents
  • Business Impact Analysis (BIA)
  • Business Continuity (BC)
  • Recovery Strategies
  • Testing the Plan

Skills Learned

After completing this online training course, students will have skills in the following areas:

  • Security and Risk Management
  • Asset Security
  • Security Engineering
  • Communications and Network Security
  • Identity and Access Management
  • Security Assessment and Testing
  • Security Operations
  • Software Development Security