Certified Information Systems Security Professional
5-day virtual (no travel) training course, $2695
RCCSP Professional Education Alliance

Overview

This CISSP training course prepares participants to take the (ISC)² CISSP exam, which is administered independently of this training course. The course agenda covers a variety of information security topics. Attendees receive expert instruction from instructors possessing hands-on experience, and the complete subject matter required to prepare for the (ISC)² CISSP exam is covered.

The course focuses on eight areas of interest, which are also called domains. Participants will gain in-depth knowledge of the following CBK domains:

  • Security and Risk Management
  • Asset Security
  • Security Engineering
  • Communications and Network Security
  • Identity and Access Management
  • Security Assessment and Testing
  • Security Operations
  • Software Development Security

Course Deliverables

  • Up-to-date study guide
  • Official Training Handbook
  • Official (ISC)² CISSP Flash Cards
  • CISSP Practice Test Questions

CISSP Certification Requirements

This training course is ideal for IT consultants, managers, security policy writers, network administrators, security device administrators, and security engineers including security professionals requiring CISSP certification.

Candidates for the CISSP must:

  • Possess a minimum of five years of direct full-time security work experience in two or more of the ten (ISC)² information security domains. One year may be waived for having either a four-year college degree, a Master's degree in Information Security, or for possessing one of a number of other certifications from other organizations. A candidate not possessing the necessary five years of experience may earn the Associate of (ISC)² designation by passing the required CISSP examination. The Associate of (ISC)² for CISSP designation is valid for a maximum of six years from the date (ISC)² notifies the candidate of having passed the exam. During those six years a candidate will need to obtain the required experience and submit the required endorsement form for certification as a CISSP. Upon completion of the professional experience requirements the certification will be converted to CISSP status.
  • Pass the CISSP exam with a scaled score of 700 points or greater out of 1000 possible points. The exam is multiple choice, consisting of 250 questions with four options each, to be answered over a period of six hours. 25 of the questions are experimental questions which are not graded.

Agenda

Security Governance Through Principles and Policies

  • Security 101
  • Understand and Apply Security Concepts
  • Security Boundaries
  • Evaluate and Apply Security Governance Principles
  • Manage the Security Function
  • Security Policy, Standards, Procedures, and Guidelines
  • Threat Modeling
  • Supply Chain Risk Management

Personal Security and Risk Management Concepts

  • Personnel Security Policies and Procedures
  • Understand and Apply Risk Management Concepts
  • Social Engineering
  • Establish and Maintain a Security Awareness, Education, and Training Program

Business Continuity Planning

  • Planning for Business Continuity
  • Project Scope and Planning
  • Business Impact Analysis
  • Continuity Planning
  • Plan Approval and Implementation

Laws, Regulations, and Compliance

  • Categories of Laws
  • Laws
  • State Privacy Laws
  • Compliance
  • Contracting and Procurement

Protecting Security of Assets

  • Identifying and Classifying Information and Assets
  • Establishing Information and Asset Handling Requirements
  • Data Protection Methods
  • Understanding Data Roles
  • Using Security Baselines

Cryptography and Symmetric Key Algorithms

  • Cryptographic Foundations
  • Modern Cryptography
  • Symmetric Cryptography
  • Cryptographic Lifecycle

PKI and Cryptographic Applications

  • Asymmetric Cryptography
  • Hash Functions
  • Digital Signatures
  • Public Key Infrastructure
  • Asymmetric Key Management
  • Hybrid Cryptography
  • Applied Cryptography
  • Cryptographic Attacks

Principles of Security Models, Design, and Capabilities

  • Secure Design Principles
  • Techniques for Ensuring CIA
  • Understand the Fundamental Concepts of Security Models
  • Select Controls Based on Systems Security Requirements
  • Understand Security Capabilities of Information Systems

Security Vulnerabilities, Threats, and Countermeasures

  • Shared Responsibility
  • Assess and Mitigate the Vulnerabilities of Security Architectures, Designs, and Solution Elements
  • Client-Based Systems
  • Server-Based Systems
  • Industrial Control Systems
  • Distributed Systems
  • High-Performance Computing (HPC) Systems
  • Internet of Things
  • Edge and Fog Computing
  • Embedded Devices and Cyber-Physical Systems
  • Specialized Devices
  • Microservices
  • Infrastructure as Code
  • Virtualized Systems
  • Containerization
  • Serverless Architecture
  • Mobile Devices
  • Essential Security Protection Mechanisms
  • Common Security Architecture Flaws and Issues

Prerequisites:

TCP/IP Networking
Security+ Prep Course

Follow-On Courses:

Cybersecurity Essentials

Physical Security Requirements

  • Apply Security Principles to Site and Facility Design
  • Implement Site and Facility Security Controls
  • Implement and Manage Physical Security

Secure Network Architecture and Components

  • OSI Model
  • TCP/IP Model
  • Analyzing Network Traffic
  • Common Application Layer Protocols
  • Transport Layer Protocols
  • Domain Name System
  • Internet Protocol (IP) Networking
  • ARP Concerns
  • Secure Communication Protocols
  • Implications of Multilayer Protocols
  • Microsegmentation
  • Wireless Networks
  • Other Communication Protocols
  • Cellular Networks
  • Content Distribution Networks (CDNs)
  • Secure Network Components

Secure Communications and Network Attacks

  • Protocol Security Mechanisms
  • Secure Voice Communications
  • Remote Access Security Management
  • Multimedia Collaboration
  • Load Balancing
  • Manage Email Security
  • Virtual Private Network
  • Switching and Virtual LANs
  • Network Address Translation
  • Third-Party Connectivity
  • Switching Technologies
  • WAN Technologies
  • Fiber-Optic Links
  • Security Control Characteristics
  • Prevent or Mitigate Network Attacks

Managing Identity and Authentication

  • Controlling Access to Assets
  • Managing Identification and Authentication
  • Implementing Identity Management
  • Managing the Identity and Access Provisioning Lifecycle

Controlling and Monitoring Access

  • Comparing Access Control Models
  • Implementing Authentication Systems
  • Understanding Access Control Attacks

Security Assessment and Testing

  • Building a Security Assessment and Testing Program
  • Performing Vulnerability Assessments
  • Testing Your Software
  • Implementing Security Management Processes

Managing Security Options

  • Apply Foundational Security Operations Concepts
  • Addressing Personnel Safety and Security
  • Provision Resources Securely
  • Apply Resource Protection
  • Managed Services in the Cloud
  • Perform Configuration Management (CM)
  • Managing Change
  • Managing Patches and Reducing Vulnerabilities

Preventing and Responding to Incidents

  • Conducting Incident Management
  • Implementing Detective and Preventive Measures
  • Logging and Monitoring
  • Automating Incident Response

Disaster Recovery Planning

  • The Nature of Disaster
  • Understand System Resilience, High Availability, and Fault Tolerance
  • Recovery Strategy
  • Recovery Plan Development
  • Training, Awareness, and Documentation
  • Testing and Maintenance

Investigations and Ethics

  • Investigations
  • Major Categories of Computer Crime
  • Ethics

Software Development Security

  • Introducing Systems Development Controls
  • Establishing Databases and Data Warehousing
  • Storage Threats
  • Understanding Knowledge-Based Systems

Malicious Code and Application Attacks

  • Malware
  • Malware Prevention
  • Application Attacks
  • Injection Vulnerabilities
  • Exploiting Authorization Vulnerabilities
  • Exploiting Web Application Vulnerabilities
  • Application Security Controls
  • Secure Coding Practices

Registration Fees

Both classroom training and virtual (online) training formats are available.

The per student registration fee for the hands-on classroom session is $2695, and includes the seminar, course materials, and morning and afternoon refreshments.

Registration fee for the 5-day virtual training session is $2695.

Classroom training begins at 8:30 AM each day and concludes at 4:30 PM unless otherwise directed. Please arrive early on the first day to sign in and meet fellow attendees. If you register less than one week in advance of a class, please bring your confirmation letter. Business casual attire is appropriate. For information on virtual training session start and stop times, refer to the course schedule below.

Register securely online with confidence or please call (708) 246-0320.

Seminar Schedule
Dec 5-9, 2022 8:00 AM-5:30 PM ET Virtual Classroom
Dec 12-16, 2022 8:00 AM-5:30 PM ET Virtual Classroom
Dec 19-23, 2022 8:00 AM-5:30 PM ET Virtual Classroom
Jan 9-13, 2023 8:00 AM-5:30 PM ET Virtual Classroom
Jan 16-20, 2023 8:00 AM-5:30 PM ET Virtual Classroom
Feb 6-10, 2023 8:00 AM-5:30 PM ET Virtual Classroom
Feb 20-24, 2023 8:00 AM-5:30 PM ET Virtual Classroom
Mar 6-10, 2023 8:00 AM-5:30 PM ET Virtual Classroom
Mar 13-17, 2023 8:00 AM-5:30 PM ET Virtual Classroom
Mar 20-24, 2023 11:00 AM-8:30 PM ET Virtual Classroom

Terms & Conditions

Seminar provider is not responsible for losses due to cancellation. In all circumstances, seminar provider's liability shall be limited to fees received.

Seminar agenda and assigned instructors are subject to change.

Public Training Terms & Conditions

Payment is due prior to the seminar.

Public seminar cancellation policy.  Registrants may cancel up to fourteen days in advance of the seminar start date for a full refund, less administrative fees of $400.  Or, you may transfer your registration to another member of your company at no additional charge.  Registrants canceling within fourteen days of the seminar will receive training credit, less administrative fees of $400 toward any other Resource Center seminar.

In the unlikely event that a seminar must be cancelled by seminar provider due to unavoidable circumstances, you will be notified at least two weeks prior to the seminar date, and your payment will be refunded.  Seminar provider is not responsible for losses due to cancellation including losses on advanced purchase airfares.  We strongly recommend that attendees traveling by air to attend the seminar purchase only refundable tickets.