1 - Security and Risk Management
Topic A: Security ConceptsTopic B: Security Governance PrinciplesTopic C: ComplianceTopic D: Professional EthicsTopic E: Security DocumentationTopic F: Risk ManagementTopic G: Threat ModelingTopic H: Risk ResponseTopic I: Business Continuity Plan FundamentalsTopic J: Acquisition Strategy and PracticeTopic K: Personnel Security PoliciesTopic L: Security Awareness and Training
2 - Asset Security
Topic A: Asset ClassificationTopic B: Secure Data HandlingTopic C: Resource Provisioning and ProtectionTopic D: Manage Data LifecycleTopic E: Asset RetentionTopic F: Data Security Control
3 - Security Architecture and Engineering
Topic A: Security in the Engineering LifecycleTopic B: System Component SecurityTopic C: Security ModelsTopic D: Controls and Countermeasures in Enterprise SecurityTopic E: Information System Security CapabilitiesTopic F: Design and Architecture Vulnerability MitigationTopic G: Vulnerability Mitigation in Emerging TechnologiesTopic H: Cryptography ConceptsTopic I: Cryptography TechniquesTopic J: Cryptanalytic AttacksTopic K: Site and Facility Design for Physical SecurityTopic L: Physical Security Implementation in Sites and Facilities
4 - Communication and Network Security
Topic A: Network Protocol SecurityTopic B: Network Components SecurityTopic C: Communication Channel SecurityTopic D: Network Attack Mitigation
5 - Identity and Access Management
Topic A: Physical and Logical Access ControlTopic B: Identification and AuthenticationTopic C: Identity as a ServiceTopic D: Authorization MechanismsTopic E: Access Control Attack Mitigation
6 - Security Assessment and Testing
Topic A: System Security Control TestingTopic B: Software Security Control TestingTopic C: Security Process Data CollectionTopic D: Audits
7 - Security Operations
Topic A: Security Operations ConceptsTopic B: Change ManagementTopic C: Physical SecurityTopic D: Personnel SecurityTopic E: Detective and Preventive MeasuresTopic F: Patch and Vulnerability ManagementTopic G: Logging and MonitoringTopic H: Incident ResponseTopic I: InvestigationsTopic J: Disaster Recovery PlanningTopic K: Disaster Recovery StrategiesTopic L: Disaster Recovery Implementation
8 - Software Development Security
Topic A: Security Principles in the System LifecycleTopic B: Security Principles in the Software Development LifecycleTopic C: Security Controls in the Development EnvironmentTopic D: Database Security in Software DevelopmentTopic E: Software Security Effectiveness Assessment
Actual course outline may vary depending on offering center. Contact your sales representative for more information.
Who is it For?
This course is intended for experienced IT security-related practitioners, auditors, consultants, investigators, or instructors, including network or security analysts and engineers, network administrators, information security specialists, and risk management professionals, who are pursuing CISSP training and certification to acquire the credibility and mobility to advance within their current computer security careers or to migrate to a related career. Through the study of all eight CISSP CBK domains, students will validate their knowledge by meeting the necessary preparation requirements to qualify to sit for the CISSP certification exam. Additional CISSP certification requirements include a minimum of five years of direct professional work experience in two or more fields related to the eight CBK security domains, or a college degree and four years of experience.
It is highly recommended that students have obtained CompTIA® Network+® or Security+® certifications, or possess equivalent professional experience upon entering CISSP training.