ExpiredCertified Information System Security Professional (CISSP 2015)

Lorie Gregorchuk

  • March 13, 2017 - March 17, 2017
    8:00 am - 4:00 pm
  • May 8, 2017 - May 12, 2017
    8:00 am - 4:00 pm
  • February 13, 2017 - February 17, 2017
    8:00 am - 4:00 pm

Course Delivery: Online Live                                                                         Course Length: 5 days                    

Overview: In this course, students will analyze a wide range of information systems security subjects that are organized into 8 domains for CISSP exam certification.

Course Objectives: At the end of this course, students will be able to:

  • Analyze information systems access control.
  • Analyze security architecture and design.
  • Analyze network security systems and telecommunications.
  • Analyze information security management goals.
  • Analyze information security classification and program development.
  • Analyze risk management criteria and ethical codes of conduct.
  • Analyze software development security.
  • Analyze cryptography characteristics and elements.
  • Analyze physical security.
  • Analyze operations security.
  • Apply Business Continuity and Disaster Recovery Plans.
  • Identify legal issues, regulations, compliance standards, and investigation practices relating to information systems security.

Course Outline:

Security & Risk Management

Security & Risk Management

Confidentiality, Integrity, and Availability

Security Governance

The Complete and Effective Security Program


Global Legal and Regulatory Issues

Understand Professional Ethics

Develop and Implement Security Policy

Business Continuity (BC) & Disaster Recovery (DR) Requirements

Manage Personnel Security

Risk Management Concepts

Threat Modeling

Acquisitions Strategy and Practice

Security Education, Training, and Awareness

Asset Security

Asset Security

Data Management: Determine and Maintain Ownership

Data Standards

Longevity and Use

Classify Information and Supporting Assets

Asset Management

Protect Privacy

Ensure Appropriate Retention

Determine Data Security Controls

Standards Selection

Security Engineering

Security Engineering

The Engineering Lifecycle Using Security Design Principles

Fundamental Concepts of Security Models

Information Systems Security Evaluation Models

Security Capabilities of Information Systems

Vulnerabilities of Security Architectures

Database Security

Software and System Vulnerabilities and Threats

Vulnerabilities in Mobile Systems

Vulnerabilities in Embedded Devices and Cyber-Physical Systems

The Application and Use of Cryptography

Site and Facility Design Considerations

Site Planning

Implementation and Operation of Facilities Security

Communications & Network Security

Communications & Network Security

Secure Network Architecture and Design

Implications of Multi-Layer Protocols

Converged Protocols

Securing Network Components

Secure Communication Channels

Network Attacks

Identify & Access Management

Identity & Access Management

Physical and Logical Access to Assets

Identification and Authentication of People and Devices

Identity Management Implementation

Identity as a Service (IDaaS)

Integrate Third-Party Identity Services

Implement and Manage Authorization Mechanisms

Prevent or Mitigate Access Control Attacks

Identity and Access Provisioning Lifecycle

Security Assessment & Testing

Security Assessment & Testing

Assessment and Test Strategies

Collect Security Process Data

Internal and Third-Party Audits

Security Operations

Security Operations


Provisioning of Resources through Configuration Management

Resource Protection

Incident Response

Preventative Measures against Attacks

Patch and Vulnerability Management

Change and Configuration Management

The Disaster Recovery Process

Test Plan Review

Business Continuity and Other Risk Areas

Access Control

Personnel Safety

Security in the Software Development Life Cycle

Security in the Software Development Life Cycle

Software Development Security Outline

Environment and Security Controls

Security of the Software Environment

Software Protection Mechanisms

Assess the Effectiveness of Software Security

Assess Software Acquisition Security


Lorie GregorchukExpiredCertified Information System Security Professional (CISSP 2015)