CISSP: Certified Information Systems Security Professional Course


by Certstaffix® Training

Length: 5 day(s)      Public Class Price: $3100/person (USD)      Group Onsite Price: Request Quote      Course Category: CISSP Certification


CISSP Training

Security professionals consider the Certified Information Systems Security Professional (CISSP) to be the most desired certification to achieve. More than 200,000 have taken the exam, and there are more than 70,000 CISSPs worldwide. 

This course is updated for the latest 2018 CISSP Body of Knowledge. This course covers 100% of all exam objectives. You'll prepare for the exam smarter and faster thanks to expert content, real-world examples, advice on passing each section of the exam, access to an online interactive learning environment, and much more. Reinforce what you've learned with key topic exam essentials and chapter review questions.

Coverage of all of the exam topics in the course means you'll be ready for:

• Security and Risk Management
• Asset Security
• Security Engineering
• Communication and Network Security
• Identity and Access Management
• Security Assessment and Testing
• Security Operations
• Software Development Security

Certification exams are administered by third-party testing companies such as Pearson Vue or Prometric. Our courses prepare you for the certification exam, which is an additional fee paid to the testing provider. You must contact Prometric, Pearson Vue or the corresponding testing provider to take a certification exam.

In This Course, Learn About These Topics:

• Business Continuity Planning
• Controlling and Monitoring Access
• Cryptography and Symmetric Key Algorithms
• Disaster Recovery Planning
• Incidents and Ethics
• Laws, Regulations, and Compliance
• Malicious Code and Application Attacks
• Managing Identity and Authentication
• Managing Security Operations
• Personnel Security and Risk Management Concepts
• Physical Security Requirements
• PKI and Cryptographic Applications
• Preventing and Responding to Incidents
• Principles of Security Models, Design, and Capabilities
• Protecting Security of Assets
• Secure Communications and Network Attacks
• Secure Network Architecture and Securing Network Components
• Security Assessment and Testing
• Security Governance Through Principles and Policies
• Security Vulnerabilities, Threats, and Countermeasures
• Software Development Security

  Group Classes for Organizations - Onsite at Your Office

Have a group of employees needing the same training? Onsite training at your office is a great solution.  

  • An expert Instructor will come to your office
  • Course can be customized to your training needs
  • Course is scheduled based on dates you provide (Subject to instructor availability)
  • We usually require about 4 weeks lead time to arrange a training session

  Public Corporate Classes - Live Online: Our Location or Yours

Certstaffix® Training public classes are instructor-led, live online training you attend in a local computer lab or from your home/office. Our live online instructors teach you from a remote location while being able to interact with students as in a traditional classroom setting.

  • A real, live instructor teaching you from another location
  • Hands-on learning with the software you are being taught
  • Interaction with all students in the class at other locations
  • Easy assistance from the instructor

Click a class date below to register & view location/attendance options. You must register at least 15 days before class.

  • July 13, 2020
  • May 18, 2020

  Detailed Course Topics


Related Certifications

CISSP Certified Information Systems Security Professional Certification


Course Topics

Chapter 1 Security Governance Through Principles and Policies
Understand and Apply Concepts of Confidentiality, Integrity, and Availability
Confidentiality
Integrity
Availability
Other Security Concepts
Protection Mechanisms
Layering
Abstraction
Data Hiding
Encryption
Apply Security Governance Principles
Alignment of Security Function to Strategy, Goals, Mission, and Objectives
Organizational Processes
Security Roles and Responsibilities
Control Frameworks
Due Care and Due Diligence
Develop and Implement Documented Security Policy, Standards, Procedures, and Guidelines
Security Policies
Security Standards, Baselines, and Guidelines
Security Procedures
Understand and Apply Threat Modeling
Identifying Threats
Determining and Diagramming Potential Attacks
Performing Reduction Analysis
Prioritization and Response
Integrate Security Risk Considerations into Acquisition Strategy and Practice

Chapter 2 Personnel Security and Risk Management Concepts
Contribute to Personnel Security Policies
Employment Candidate Screening
Employment Agreements and Policies
Employment Termination Processes
Vendor, Consultant, and Contractor Controls
Compliance
Privacy
Security Governance
Understand and Apply Risk Management Concepts
Risk Terminology
Identify Threats and Vulnerabilities
Risk Assessment/Analysis
Risk Assignment/Acceptance
Implementation
Types of Controls
Monitoring and Measurement
Asset Valuation
Continuous Improvement
Risk Frameworks
Establish and Manage Information Security Education, Training, and Awareness
Manage the Security Function

Chapter 3 Business Continuity Planning
Planning for Business Continuity
Project Scope and Planning
Business Organization Analysis
BCP Team Selection
Resource Requirements
Legal and Regulatory Requirements
Business Impact Assessment
Identify Priorities
Risk Identification
Likelihood Assessment
Impact Assessment
Resource Prioritization
Continuity Planning
Strategy Development
Provisions and Processes
Plan Approval
Plan Implementation
Training and Education
BCP Documentation
Continuity Planning Goals
Statement of Importance
Statement of Priorities
Statement of Organizational Responsibility
Statement of Urgency and Timing
Risk Assessment
Risk Acceptance/Mitigation
Vital Records Program
Emergency-Response Guidelines
Maintenance
Testing and Exercises

Chapter 4 Laws, Regulations, and Compliance
Categories of Laws
Criminal Law
Civil Law
Administrative Law
Laws
Computer Crime
Intellectual Property
Licensing
Import/Export
Privacy
Compliance
Contracting and Procurement
Summary
Exam Essentials
Written Lab
Review Questions

Chapter 5 Protecting Security of Assets
Classifying and Labeling Assets
Defining Sensitive Data
Defining Classifications
Defining Data Security Requirements
Understanding Data States
Managing Sensitive Data
Protecting Confidentiality with Cryptography
Identifying Data Roles
Data Owners
System Owners
Business/Mission Owners
Data Processors
Administrators
Custodians
Users
Protecting Privacy
Using Security Baselines
Scoping and Tailoring
Selecting Standards

Chapter 6 Cryptography and Symmetric Key Algorithms
Historical Milestones in Cryptography
Caesar Cipher
American Civil War
Ultra vs. Enigma
Cryptographic Basics
Goals of Cryptography
Cryptography Concepts
Cryptographic Mathematics
Ciphers
Modern Cryptography
Cryptographic Keys
Symmetric Key Algorithms
Asymmetric Key Algorithms
Hashing Algorithms
Symmetric Cryptography
Data Encryption Standard
Triple DES
International Data Encryption Algorithm
Blowfish
Skipjack
Advanced Encryption Standard
Symmetric Key Management
Cryptographic Life Cycle

Chapter 7 PKI and Cryptographic Applications
Asymmetric Cryptography
Public and Private Keys
RSA
El Gamal
Elliptic Curve
Hash Functions
SHA
MD2
MD4
MD5
Digital Signatures
HMAC
Digital Signature Standard
Public Key Infrastructure
Certificates
Certificate Authorities
Certificate Generation and Destruction
Asymmetric Key Management
Applied Cryptography
Portable Devices
Email
Web Applications
Digital Rights Management
Networking
Cryptographic Attacks

Chapter 8 Principles of Security Models, Design, and Capabilities
Implement and Manage Engineering Processes Using Secure Design Principles
Objects and Subjects
Closed and Open Systems
Techniques for Ensuring Confidentiality, Integrity, and Availability
Controls
Trust and Assurance
Understand the Fundamental Concepts of Security Models
Trusted Computing Base
State Machine Model
Information Flow Model
Noninterference Model
Take-Grant Model
Access Control Matrix
Bell-LaPadula Model
Biba Model
Clark-Wilson Model
Brewer and Nash Model (aka Chinese Wall)
Goguen-Meseguer Model
Sutherland Model
Graham-Denning Model
Select Controls and Countermeasures Based on Systems Security Evaluation Models
Rainbow Series
ITSEC Classes and Required Assurance and Functionality
Common Criteria
Industry and International Security Implementation Guidelines
Certification and Accreditation
Understand Security Capabilities of Information Systems
Memory Protection
Virtualization
Trusted Platform Module
Interfaces
Fault Tolerance

Chapter 9 Security Vulnerabilities, Threats, and Countermeasures
Assess and Mitigate Security Vulnerabilities
Hardware
Input/Output Structures
Firmware
Client-Based
Applets
Local Caches
Server Based
Database Security
Aggregation
Inference
Data Mining and Data Warehousing
Data Analytics
Large-Scale Parallel Data Systems
Distributed Systems
Cloud Computing
Grid Computing
Peer to Peer
Industrial Control Systems
Assess and Mitigate Vulnerabilities in Web-Based Systems
Assess and Mitigate Vulnerabilities in Mobile Systems
Device Security
Application Security
BYOD Concerns
Assess and Mitigate Vulnerabilities in Embedded Devices and Cyber-Physical Systems
Examples of Embedded and Static Systems
Methods of Securing
Essential Security Protection Mechanisms
Technical Mechanisms
Security Policy and Computer Architecture
Policy Mechanisms
Common Architecture Flaws and Security Issues
Covert Channels
Attacks Based on Design or Coding Flaws and Security Issues
Programming
Timing, State Changes, and Communication Disconnects
Technology and Process Integration
Electromagnetic Radiation

Chapter 10 Physical Security Requirements
Apply Secure Principles to Site and Facility Design
Secure Facility Plan
Site Selection
Visibility
Natural Disasters
Facility Design
Design and Implement Physical Security
Equipment Failure
Wiring Closets
Server Rooms
Media Storage Facilities
Evidence Storage
Restricted and Work Area Security (e.g., Operations Centers)
Datacenter Security
Utilities and HVAC Considerations
Water Issues (e.g., Leakage, Flooding)
Fire Prevention, Detection, and Suppression
Implement and Manage Physical Security
Perimeter (e.g., Access Control and Monitoring)
Internal Security (e.g., Escort Requirements/Visitor Control, Keys, and Locks)

Chapter 11 Secure Network Architecture and Securing Network Components
OSI Model
History of the OSI Model
OSI Functionality
Encapsulation/Deencapsulation
OSI Layers
TCP/IP Model
TCP/IP Protocol Suite Overview
Converged Protocols
Content Distribution Networks
Wireless Networks
Securing Wireless Access Points
Securing the SSID
Conducting a Site Survey
Using Secure Encryption Protocols
Determining Antenna Placement
Antenna Types
Adjusting Power Level Controls
Using Captive Portals
General Wi-Fi Security Procedure
Secure Network Components
Network Access Control
Firewalls
Endpoint Security
Other Network Devices
Cabling, Wireless, Topology, and Communications Technology
Network Cabling
Network Topologies
Wireless Communications and Security
LAN Technologies

Chapter 12 Secure Communications and Network Attacks
Network and Protocol Security Mechanisms
Secure Communications Protocols
Authentication Protocols
Secure Voice Communications
Voice over Internet Protocol (VoIP)
Social Engineering
Fraud and Abuse
Multimedia Collaboration
Remote Meeting
Instant Messaging
Manage Email Security
Email Security Goals
Understand Email Security Issues
Email Security Solutions
Remote Access Security Management
Plan Remote Access Security
Dial-Up Protocols
Centralized Remote Authentication Services
Virtual Private Network
Tunneling
How VPNs Work
Common VPN Protocols
Virtual LAN
Virtualization
Virtual Software
Virtual Networking
Network Address Translation
Private IP Addresses
Stateful NAT
Static and Dynamic NAT
Automatic Private IP Addressing
Switching Technologies
Circuit Switching
Packet Switching
Virtual Circuits
WAN Technologies
WAN Connection Technologies
Dial-Up Encapsulation Protocols
Miscellaneous Security Control Characteristics
Transparency
Verify Integrity
Transmission Mechanisms
Security Boundaries
Prevent or Mitigate Network Attacks
DoS and DDoS
Eavesdropping
Impersonation/Masquerading
Replay Attacks
Modification Attacks
Address Resolution Protocol Spoofing
DNS Poisoning, Spoofing, and Hijacking
Hyperlink Spoofing

Chapter 13 Managing Identity and Authentication
Controlling Access to Assets
Comparing Subjects and Objects
Types of Access Control
The CIA Triad
Comparing Identification and Authentication
Registration and Proofing of Identity
Authorization and Accountability
Authentication Factors
Passwords
Smartcards and Tokens
Biometrics
Multifactor Authentication
Device Authentication
Implementing Identity Management
Single Sign-On
Credential Management Systems
Integrating Identity Services
Managing Sessions
AAA Protocols
Managing the Identity and Access Provisioning Life Cycle
Provisioning
Account Review
Account Revocation

Chapter 14 Controlling and Monitoring Access
Comparing Access Control Models
Comparing Permissions, Rights, and Privileges
Understanding Authorization Mechanisms
Defining Requirements with a Security Policy
Implementing Defense in Depth
Discretionary Access Controls
Nondiscretionary Access Controls
Understanding Access Control Attacks
Risk Elements
Identifying Assets
Identifying Threats
Identifying Vulnerabilities
Common Access Control Attacks
Summary of Protection Methods

Chapter 15 Security Assessment and Testing
Building a Security Assessment and Testing Program
Security Testing
Security Assessments
Security Audits
Performing Vulnerability Assessments
Vulnerability Scans
Penetration Testing
Testing Your Software
Code Review and Testing
Interface Testing
Misuse Case Testing
Test Coverage Analysis
Implementing Security Management Processes
Log Reviews
Account Management
Backup Verification
Key Performance and Risk Indicators

Chapter 16 Managing Security Operations
Applying Security Operations Concepts
Need to Know and Least Privilege
Separation of Duties and Responsibilities
Job Rotation
Mandatory Vacations
Monitor Special Privileges
Managing the Information Life Cycle
Service Level Agreements
Addressing Personnel Safety
Provisioning and Managing Resources
Managing Hardware and Software Assets
Protecting Physical Assets
Managing Virtual Assets
Managing Cloud-based Assets
Media Management
Managing Configuration
Baselining
Using Images for Baselining
Managing Change
Security Impact Analysis
Versioning
Configuration Documentation
Managing Patches and Reducing Vulnerabilities
Patch Management
Vulnerability Management
Common Vulnerabilities and Exposures

Chapter 17 Preventing and Responding to Incidents
Managing Incident Response
Defining an Incident
Incident Response Steps
Implementing Preventive Measures
Basic Preventive Measures
Understanding Attacks
Intrusion Detection and Prevention Systems
Specific Preventive Measures
Logging, Monitoring, and Auditing
Logging and Monitoring
Egress Monitoring
Auditing to Assess Effectiveness
Security Audits and Reviews
Reporting Audit Results

Chapter 18 Disaster Recovery Planning
The Nature of Disaster
Natural Disasters
Man-made Disasters
Understand System Resilience and Fault Tolerance
Protecting Hard Drives
Protecting Servers
Protecting Power Sources
Trusted Recovery
Quality of Service
Recovery Strategy
Business Unit and Functional Priorities
Crisis Management
Emergency Communications
Workgroup Recovery
Alternate Processing Sites
Mutual Assistance Agreements
Database Recovery
Recovery Plan Development
Emergency Response
Personnel and Communications
Assessment
Backups and Offsite Storage
Software Escrow Arrangements
External Communications
Utilities
Logistics and Supplies
Recovery vs. Restoration
Training, Awareness, and Documentation
Testing and Maintenance
Read-Through Test
Structured Walk-Through
Simulation Test
Parallel Test
Full-Interruption Test
Maintenance

Chapter 19 Incidents and Ethics
Investigations
Investigation Types
Evidence
Investigation Process
Major Categories of Computer Crime
Military and Intelligence Attacks
Business Attacks
Financial Attacks
Terrorist Attacks
Grudge Attacks
Thrill Attacks
Incident Handling
Common Types of Incidents
Response Teams
Incident Response Process
Interviewing Individuals
Incident Data Integrity and Retention
Reporting and Documenting Incidents
Ethics
(ISC)² Code of Ethics
Ethics and the Internet

Chapter 20 Software Development Security
Introducing Systems Development Controls
Software Development
Systems Development Life Cycle
Life Cycle Models
Gantt Charts and PERT
Change and Configuration Management
The DevOps Approach
Application Programming Interfaces
Software Testing
Code Repositories
Service-Level Agreements
Software Acquisition
Establishing Databases and Data Warehousing
Database Management System Architecture
Database Transactions
Security for Multilevel Databases
ODBC
Storing Data and Information
Types of Storage
Storage Threats
Understanding Knowledge-based Systems
Expert Systems
Neural Networks
Decision Support Systems
Security Applications

Chapter 21 Malicious Code and Application Attacks
Malicious Code
Sources of Malicious Code
Viruses
Logic Bombs
Trojan Horses
Worms
Spyware and Adware
Countermeasures
Password Attacks
Password Guessing
Dictionary Attacks
Social Engineering
Countermeasures
Application Attacks
Buffer Overflows
Time of Check to Time of Use
Back Doors
Escalation of Privilege and Rootkits
Web Application Security
Cross-Site Scripting (XSS)
SQL Injection
Reconnaissance Attacks
IP Probes
Port Scans
Vulnerability Scans
Dumpster Diving
Masquerading Attacks
IP Spoofing
Session Hijacking

Public Class Format

Certstaffix® Training public classes are instructor-led live online training you attend either from your home/work location or in one of our computer labs. Our live online instructors teach you from a remote location while being able to interact with you like in a traditional classroom.


Quality Instructors

Our instructors have many years of experience teaching adult learners in person and online.

Complete Lab Environment

Access to software required is provided in a lab environment during class.

Hands-on Learning

Most classes are not all lecture - you can learn by actually doing.


Small Classes

You get more attention from the instructor and classes flow more smoothly.

Post-Class Lab Access*

Access practice lab environment for 180 days after most classes*.


Low Cancellation Rate

Most classes run as scheduled.



*These courses do not have post-class lab environment access: Adobe, Salesforce, QuickBooks Online Edition, Google, HTML, WordPress, ITIL, Six Sigma, CompTIA, Project Management, SEO, Social Media.


Group Training

Have a group of several students needing the same training? Then onsite training is a perfect option for you. We'll come onsite to your office so you don't have to travel. You'll be able to fully customize a course to your needs. Lastly, you can save per student versus our public classes.

How Onsite Training Works

  • An expert Instructor will come to your office and personally train the students
  • Course can be fully customized to your training needs
  • Each student receives a Course Manual with Practice Files (Materials provided before the class date)
  • If a course has a hands‐on lab, we provide access to the configured course software and files.
    (Requires a high‐speed internet connection and certain open ports on your firewall. You can perform a Connection Assessment Test here)
  • Course is scheduled based on dates you provide (Subject to instructor availability)
  • We usually require about 4 weeks lead time to arrange a training session
  • Training is completed in a convenient session(s) of your choosing
  • Two 15-minute breaks and one hour-long break for lunch daily


CISSP: Certified Information Systems Security Professional Class Reviews

Here is a sample of CISSP Certification class reviews from past students who have attended our CISSP Certification training courses.






Certstaffix® Class Reviews

Student Average:
4.85 out of 5 from 1 student




Please contact us if we do not yet have any reviews or you would like more.
