In this CISSP training course, you gain the foundational knowledge to fully prepare for the (ISC)2® Certified Information Systems Security Professional (CISSP®) exam, including a comprehensive understanding of the CISSP® CBK® 8 domains. Your course tuition includes the current Official (ISC)2® Guide to the CISSP® CBK®, and a voucher that allows you to take the exam at any Pearson VUE Test Centre.

Nyckelfunktioner:

• Official (ISC)^2® course materials with a preferred (ISC)^2® training partner
• Earn CISSP certification — exam voucher included with course tuition
• Access to hundreds of exam prep questions
• Official (ISC)^2® Guide to the CISSP^® CBK^® included with tuition
• After-course instructor coaching benefit included

Du får lära dig att:

• Strategically focus your preparation for CISSP Certification
• Protect resources using access control methods and cryptography
• Plan a secure environment aligned with organisational objectives, compliance requirements, and industry-standard architectures
• Develop operational security and continuity through preventive and recovery mechanisms

Viktig information om kursen

CISSP Certification Training Course Description

Learning Tree’s CISSP training course includes 29 hours of Instructor-Led Training (ILT) or Virtual Instructor-Led Training (VILT) presented by a real-world CISSP expert. You will acquire the skills and knowledge needed to pass the CISSP certification.

Requirements

• CISSP candidates must meet specific requirements, as established by (ISC)2 — see: https://www.isc2.org/cissp/default.aspx
• Those without the required experience can take the exam to become an Associate of (ISC)²while working toward the experience needed for full certification

Exam Information

A new version of the CISSP CBK exam is being released on April 15, 2018. Beginning on April 16, 2018, Learning Tree will be offering training aligned with the new exam.

• This course includes a voucher for the (ISC)2® CISSP® CBK® exam
• CISSPs are required by (ISC)2 to earn 120 Continuing Professional Education (CPE) credits every three years
• (ISC)² CISSP Computerized Adaptive Testing Starts December 18, 2017. Visit https://www.isc2.org/certifications/CISSP_CAT to learn more.

Industry Credits & Certification

This course offers you the opportunity to earn the following industry credits and certifications:

• 29 CompTIA CEUs

Earn (ISC)² CPEs

As one of only 12 (ISC)² CPE Submitters, Learning Tree can submit courses on your behalf to (ISC)² for CPE credit. All educational opportunities offered by Learning Tree as eligible for CPE credits shall be of the highest quality, directly related to at least one (1) domain of information security as recognized by (ISC)². Contact Learning Tree's Client Solutions Team for information.

Or you can submit your CPE credits directly to the CPE portal in the Members section of the (ISC)2 website.

 

Kursbeskrivning

Security and Risk Management

Aligning security and risk to organisational objectives

• Employing confidentiality, integrity, and availability security principles
• Managing security policies, standards and procedures
• Applying compliance

Applying risk management concepts

• Assessing threats and vulnerabilities
• Performing risk analysis and control
• Defining qualitative and quantitative analysis

Preserving the business

• Adhering to Business Continuity Management Code of Practise and Specifications
• Performing a business impact analysis

Investigating legal measures and techniques

• Reviewing intellectual property, liability and law, and compliance
• Differentiating traditional and computer crime
• Addressing ethical behaviour and compliance

 

Security Engineering

Examining security models and frameworks

• The Information Security Triad and multi-level models
• Investigating industry standards: ISO 27001/27002
• Evaluating security model fundamental concepts

Exploring system and component security concepts

• System design principles, capabilities, and limitations
• Certification and accreditation criteria and models
• Reviewing mobile systems vulnerabilities

Protecting information by applying cryptography

• Detailing symmetric and asymmetric encryption systems
• Ensuring message integrity through hashing
• Uncovering threats to cryptographic systems

Safeguarding physical resources

• Designing environments to resist hostile acts and threats
• Denying unauthorised access

 

Asset Security

Identifying, categorising and prioritising assets

• Applying security controls and asset classification
• Protecting data through proper handling, markings, labelling, and storage
• Addressing PII, privacy, and appropriate retention

 

Communication and Network Security

Defining a secure network architecture

• TCP/IP and other protocol models
• Protecting from network attacks
• Reviewing secure network components and communication channels

Examining secure networks and components

• Identifying wired and wireless technologies
• Implementing firewalls, secure communications, proxies, and tunnels

 

Identity and Access Management

Controlling access to protect assets

• Defining administrative, technical and physical controls
• Implementing centralised and decentralised approaches
• Investigating biometric and multi-factor authentication
• Identifying common threats
• Reviewing cloud services and architecture

 

Security Assessment and Testing

Designing and conducting security assessment strategies

• Leveraging the role of testing and auditing to analyse the effectiveness of security controls
• Differentiating detection and protection systems

Conducting logging and monitoring activities

• Distinguishing between the roles of internal and external audits
• Defining secure account management

 

Security Operations

Maintaining operational resilience

• Managing security services effectively
• Leveraging and supporting investigations and incident response
• Differentiating detection and protection systems
• Implementing logging and monitoring

Developing a recovery strategy

• Designing a disaster recovery plan
• Implementing test and maintenance processes
• Provisioning of resources

 

Software Development Security

Securing the software development life cycle

• Applying software development methods and security controls
• Highlighting threats: Cross-Site Scripting (XSS), XCRF, JavaScript attacks, and Buffer Overflow
• Addressing database security concepts and issues
• Reviewing software security effectiveness and security impact