Certified Information Systems Security Professional (CISSP)

Course Code: 2510

Overview

A CISSP certification helps a professional increase their visibility and credibility in the cybersecurity market. The program covers vendor-neutral skills that can be applied to a wide range of methodologies and technologies. A Certified Information Systems Security Professional (CISSP) is proficient in designing, implementing, and managing a world-class, state-of-the-art cybersecurity program. This certification validates your expertise and stands as proof of your skills, helping you advance your career.

Course Delivery

This course is available in the following formats:

Live Classroom
Duration: 5 days

Live Virtual Classroom
Duration: 5 days

What You'll Learn

  • Learn and apply the concepts of security and risk management
  • Understand security engineering to protect information by exploring and examining security models and frameworks
  • Learn to identify, categorize, and prioritize assets
  • Examine and secure network architecture and its components
  • Learn to identify and control access to protect assets
  • Design and conduct security assessment strategies, logging, and monitoring activities
  • Develop a recovery strategy and maintain operational resilience
  • Learn to secure the software development cycle

Outline

  • Understand and apply concepts of confidentiality, integrity and availability
  • Evaluate and apply security governance principles
  • Determine compliance requirements
  • Understand legal and regulatory issues that pertain to information security in a global context
  • Understand, adhere to, and promote professional ethics
  • Develop, document, and implement security policy, standards, procedures, and guidelines
  • Identify, analyze, and prioritize Business Continuity (BC) requirements
  • Contribute to and enforce personnel security policies and procedures
  • Understand and apply risk management concepts
  • Understand and apply threat modelling concepts and methodologies
  • Apply risk-based management concepts to the supply chain
  • Establish and maintain a security awareness, education, and training program
  • Identify and classify information and assets
  • Determine and maintain information and asset ownership
  • Protect privacy
  • Ensure appropriate asset retention
  • Determine data security controls
  • Establish information and asset handling requirements
  • Implement and manage engineering processes using secure design principles
  • Understand the fundamental concepts of security models
  • Select controls based upon systems security requirements
  • Understand security capabilities of information systems (e.g., memory protection, Trusted Platform Module (TPM), encryption/decryption)
  • Assess and mitigate the vulnerabilities of security architectures, designs, and solution elements
  • Assess and mitigate vulnerabilities in web-based systems
  • Assess and mitigate vulnerabilities in mobile systems
  • Assess and mitigate vulnerabilities in embedded devices
  • Apply cryptography
  • Apply security principles to site and facility design
  • Implement site and facility security controls
  • Implement secure design principles in network architectures
  • Secure network components
  • Implement secure communication channels according to design
  • Control physical and logical access to assets
  • Manage identification and authentication of people, devices, and services
  • Integrate identity as a third-party service
  • Implement and manage authorization mechanisms
  • Manage the identity and access provisioning lifecycle
  • Design and validate assessment, test, and audit strategies
  • Conduct security control testing
  • Collect security process data (e.g., technical and administrative)
  • Analyze test output and generate report
  • Conduct or facilitate security audits
  • Understand and support investigations
  • Understand requirements for investigation types
  • Conduct logging and monitoring activities
  • Securely provision resources
  • Understand and apply foundational security operations concepts
  • Apply resource protection techniques
  • Conduct incident management
  • Operate and maintain detective and preventive measures
  • Implement and support patch and vulnerability management
  • Understand and participate in change management processes
  • Implement recovery strategies
  • Implement Disaster Recovery (DR) processes
  • Test Disaster Recovery Plans (DRP)
  • Participate in Business Continuity (BC) planning and exercises
  • Implement and manage physical security
  • Address personal safety and security concerns
  • Understand and integrate security in the Software Development Life Cycle (SDLC)
  • Identify and apply security controls in development environments
  • Assess the effectiveness of software security
  • Assess security impact of acquired software
  • Define and apply secure coding guidelines and standards

Prerequisites

To pursue a CISSP certification, candidates must have a minimum of 5 years of cumulative work experience in 2 or more of the following eight domains:

  • Security and risk management
  • Asset security
  • Security architecture and engineering
  • Identity and access management
  • Communication and network security
  • Security assessment and testing
  • Security operations
  • Software development security

A 4-year college degree or regional equivalent, or an additional credential from the (ISC)2 approved list, will satisfy one year of the required experience.

Candidates who do not have the required experience to be eligible for the certification can become an Associate of (ISC)2 by clearing the CISSP examination. This gives them 6 years to earn the required 5 years of experience.

Who Should Attend

The CISSP training and certificate are highly recommended for:

  • Chief Information Officer
  • Chief Information Security Officer
  • Director of Security
  • IT Director/Manager
  • Network Architect
  • Security Analyst/Consultant/Manager/Auditor
  • Security Systems Engineer

Certification

The CISSP exam evaluates expertise across eight security domains. These domains, along with their weightages in the exam, are listed below:

Domain | Weightage
Security and risk management | 15%
Asset security | 10%
Security architecture and engineering | 13%
Communication and network security | 14%
Identity and access management | 13%
Security assessment and testing | 12%
Security operations | 13%
Software development security | 10%

Clearing the CISSP examination conducted by (ISC)2 proves that the participant now has the advanced knowledge and technical skills to effectively design, implement and manage a best-in-class security program.

The CISSP examination is available in the following languages:

  • English
  • French
  • German
  • Brazilian Portuguese
  • Spanish
  • Japanese
  • Simplified Chinese
  • Korean
  • Visually impaired

All English CISSP exams worldwide use Computer Adaptive Testing (CAT), while non-English CISSP exams are administered as a linear, fixed-form exam.

The details for the CISSP CAT exam are as follows:

Length of the examination | 3 hours
Number of questions | 100-150
Format of the questions | Multiple choice questions and advanced innovative questions
Passing grade | 700 out of 1000 points
Exam language availability | English

The details for the CISSP linear, fixed-form exam are as follows:

Length of the examination | 6 hours
Number of questions | 250
Format of the questions | Multiple choice questions and advanced innovative questions
Passing grade | 700 out of 1000 points
Exam language availability | French, German, Brazilian Portuguese, Spanish, Japanese, Simplified Chinese, Korean