Overview

This course is intended for experienced IT security-related practitioners, auditors, consultants, investigators, or instructors, including network or security analysts and engineers, network administrators, information security specialists, and risk management professionals, who are pursuing CISSP training and certification to acquire the credibility and mobility to advance within their current computer security careers or to migrate to a related career. Through the study of all 10 CISSP CBK domains, students will validate their knowledge by meeting the necessary preparation requirements to qualify to sit for the CISSP certification exam. The CISSP exam is intentionally difficult and should not be taken lightly. Even students with years of security experience should assume that they will have additional study time after class. Because the domains are so varied, it is unlikely that any one student will have experience in all 10 domains. Additional CISSP certification requirements include a minimum of five years of direct professional work experience in one or more fields related to the 10 CBK security domains, or a college degree and four years of experience.PrerequisitesIt is highly recommended that students have certifications in Network+ or Security+, or possess equivalent professional experience upon entering CISSP training. It will be beneficial if students have one or more of the following security-related or technology-related certifications or equivalent industry experience: MCSE, MCTS, MCITP, SCNP, CCNP, RHCE, LCE, CNE, SSCP®, GIAC, CISA™, or CISM®.Course ObjectivesUpon successful completion of this course, students will be able to:analyze information systems access control.analyze security architecture and design.analyze network security systems and telecommunications.analyze information security management goals.analyze information security classification and program development.analyze risk management criteria and ethical codes of conduct.analyze software development security.analyze cryptography characteristics and elements.analyze physical security.analyze operations security.apply Business Continuity and Disaster Recovery Plans.identify legal issues, regulations, compliance standards, and investigation practices relating to information systems security.Course ContentLesson 1: Information Systems Access ControlTopic 1A: Data Access PrinciplesTopic 1B: System Access and AuthenticationTopic 1C: Attacks and Penetration TestsLesson 2: Security Architecture and DesignTopic 2A: Security Architecture Frameworks and Security ModelsTopic 2B: Security ModesTopic 2C: System AssuranceLesson 3: Network and Telecommunications SecurityTopic 3A: Data Network DesignTopic 3B: Remote Data AccessTopic 3C: Data Network SecurityTopic 3D: Data Network ManagementLesson 4: Information Security Management GoalsTopic 4A: Organizational SecurityTopic 4B: The Application of Security ConceptsLesson 5: Information Security Classification and Program DevelopmentTopic 5A: Information ClassificationTopic 5B: Security Program DevelopmentLesson 6: Risk Management and EthicsTopic 6A: Risk ManagementTopic 6B: EthicsLesson 7: Software Development SecurityTopic 7A: Software Configuration ManagementTopic 7B: Software ControlsTopic 7C: Database System SecurityLesson 8: CryptographyTopic 8A: Ciphers and CryptographyTopic 8B: Symmetric-Key CryptographyTopic 8C: Asymmetric-Key CryptographyTopic 8D: Hashing and Message DigestsTopic 8E: Email, Internet, and Wireless SecurityTopic 8F: Cryptographic WeaknessesLesson 9: Physical SecurityTopic 9A: Physical Access ControlTopic 9B: Physical Access MonitoringTopic 9C: Physical Security MethodsTopic 9D: Facilities SecurityLesson 10: Operations SecurityTopic 10A: Operations Security ControlTopic 10B: Operations Security Auditing and MonitoringTopic 10C: Operational Threats and ViolationsLesson 11: Business Continuity and Disaster Recovery PlanningTopic 11A: Business Continuity Plan FundamentalsTopic 11B: Business Continuity Plan ImplementationTopic 11C: Disaster Recovery Plan FundamentalsTopic 11D: Disaster Recovery Plan ImplementationLesson 12: Legal, Regulations, Compliance, and InvestigationsTopic 12A: Computer Crime Laws and RegulationsTopic 12B: Computer Crime Incident ResponseAppendix A: Mapping CISSP® Course Content to the (ISC)² CISSP Exam Objectives