1 - Security & Risk Management
Topic A: Security Governance PrinciplesTopic B: ComplianceTopic C: Professional EthicsTopic D: Security DocumentationTopic E: Risk ManagementTopic F: Threat ModelingTopic G: Business Continuity Plan FundamentalsTopic H: Acquisition Strategy and PracticeTopic I: Personnel Security PoliciesTopic J: Security Awareness and Training
2 - Asset Security
Topic A: Asset ClassificationTopic B: Privacy ProtectionTopic C: Asset RetentionTopic D: Data Security ControlsTopic E: Secure Data Handling
3 - Security Engineering
Topic A: Security in the Engineering LifecycleTopic B: System Component SecurityTopic C: Security ModelsTopic D: Controls and Countermeasures in Enterprise SecurityTopic E: Information System Security CapabilitiesTopic F: Design and Architecture Vulnerability MitigationTopic G: Vulnerability Mitigation in Embedded, Mobile, and Web-Based SystemsTopic H: Cryptography ConceptsTopic I: Cryptography TechniquesTopic J: Site and Facility Design for Physical SecurityTopic K: Physical Security Implementation in Sites and Facilities
4 - Communications & Network Security
Topic A: Network Protocol SecurityTopic B: Network Components SecurityTopic C: Communication Channel SecurityTopic D: Network Attack Mitigation
5 - Identity and Access Management
Topic A: Physical and Logical Access ControlTopic B: Identification, Authentication, and AuthorizationTopic C: Identity as a ServiceTopic D: Authorization MechanismsTopic E: Access Control Attack Mitigation
6 - Security Assessment and Testing
Topic A: System Security Control TestingTopic B: Software Security Control TestingTopic C: Security Process Data CollectionTopic D: Audits
7 - Security Operations
Topic A: Security Operations ConceptsTopic B: Physical SecurityTopic C: Personnel SecurityTopic D: Logging and MonitoringTopic E: Preventative MeasuresTopic F: Resource Provisioning and ProtectionTopic G: Patch and Vulnerability ManagementTopic H: Change ManagementTopic I: Incident ResponseTopic J: InvestigationsTopic K: Disaster Recovery PlanningTopic L: Disaster Recovery StrategiesTopic M: Disaster Recovery Implementation
8 - Software Development Security
Topic A: Security Principles in the System LifecycleTopic B: Security Principles in the Software Development LifecycleTopic C: Database Security in Software DevelopmentTopic D: Security Controls in the Development EnvironmentTopic E: Software Security Effectiveness Assessment
Actual course outline may vary depending on offering center. Contact your sales representative for more information.
Who is it For?
This course is intended for experienced IT security-related practitioners, auditors, consultants, investigators, or instructors, including network or security analysts and engineers, network administrators, information security specialists, and risk management professionals, who are pursuing CISSP training and certification to acquire the credibility and mobility to advance within their current computer security careers or to migrate to a related career. Through the study of all eight CISSP Common Body of Knowledge (CBK) domains, students will validate their knowledge by meeting the necessary preparation requirements to qualify to sit for the CISSP certification exam. Additional CISSP certification requirements include a minimum of five years of direct professional work experience in two or more fields related to the eight CBK security domains, or a college degree and four years of experience.
It is highly recommended that students have certifications in Network+ or Security+, or possess equivalent professional experience upon entering CISSP training. It will be beneficial if students have one or more of the following security-related or technology-related certifications or equivalent industry experience: MCSE, MCTS, MCITP, SCNP, CCNP, RHCE, LCE, CNE, SSCP®, GIAC, CISA™, or CISM®.