CISSP® - Certified Information Systems Security Professional

CISSP certification training is aligned to the (ISC)² CBK 2018 requirements. The course trains you in the industry’s latest best practices, which will help you pass the exam on the first attempt. The certification helps you develop expertise in defining the architecture and in designing, building, and maintaining a secure business environment for your organization using globally approved Information Security standards.

With unprecedented security breaches now being reported, the demand for IT security professionals has never been higher. Frost and Sullivan reports that there will be a shortage of 1.5 million security professionals by 2019.

By the end of this CISSP training, you will:
  • Be able to define the architecture, design and management of the security of your organization.
  • Acquire the relevant knowledge and skills required to pass the CISSP certification exam.
  • Earn the requisite 30 CPEs required to take up the CISSP certification exam.
  • Develop working knowledge in the 8 domains prescribed by the CISSP Common Body of Knowledge, 2018.
The CISSP certification is the most globally recognized professional requirement in the IT Security domain. This certification is best suited for:
  • Security Consultants/Managers
  • IT Directors/Managers
  • Security Auditors/Architects
  • Security Systems Engineers
  • Chief Information Security Officers
  • Network Architects

There are no projects associated with this course.

  • Cloud security enablement engineer
  • Information security audit professional
  • Lead information security engineer
  • Cybersecurity strategy leader
  • Information security manager

Increasing worldwide incidents of information security breaches have forced organizations to invest heavily in IT security, giving rise to a boom in the hiring of information security professionals. Becoming CISSP certified verifies that you have the necessary skill sets, including:

  • Technical security and managerial proficiency
  • Knowledge of eight important security areas ranging from access control to software development.
  • Expertise in technologies that improve an organization’s security structure

CISSP® - Certified Information Systems Security Professional

1
Domain 00 – Introduction
  • 1 CISSP®—Introduction
  • 2 Objectives
  • 3 CISSP®
  • 4 (ISC)²®
  • 5 CISSP® Domains
  • 6 Benefits of CISSP® for Professionals
  • 7 Benefits of CISSP® for Employers
  • 8 CISSP® Certification Requirements
  • 9 CISSP® Certification Requirements (contd.)
  • 10 CISSP® Certification Requirements (contd.)
  • 11 CISSP® Certification Requirements (contd.)
  • 12 CISSP® Examination
  • 13 CISSP® Examination (contd.)
  • 14 Conclusion
2
Domain 01 – Security and Risk Management
  • 1 Domain 01—Security and Risk Management
  • 2 Objectives
  • 3 Importance of Information Security and Risk Management
  • 4 Role and Importance of CIA in ISM
  • 5 Confidentiality
  • 6 Integrity
  • 7 Availability
  • 8 Information Security
  • 9 Information Security Management
  • 10 Information Security Governance
  • 11 IT Security and Organizational Goals, Mission, and Objectives
  • 12 Goals, Mission, and Objective
  • 13 Aligning Security with Goals, Mission, and Objectives
  • 14 Business Scenario
  • 15 Organizational Processes
  • 16 Auditing
  • 17 Control Framework
  • 18 Due Care
  • 19 Due Diligence
  • 20 Security Controls
  • 21 Service Level Agreements
  • 22 Managing Third-Party Governance
  • 23 Offshoring Privacy Requirements and Compliance
  • 24 Business Scenario
  • 25 Layers of Responsibility
  • 26 Security Policies
  • 27 Types of Security Policies
  • 28 Security Policy Implementation
  • 29 Policy Chart
  • 30 Standards, Guidelines, Procedures, and Baselines
  • 31 Business Scenario
  • 32 Compliance—Need for Compliance
  • 33 Regulatory Compliance
  • 34 Compliance
  • 35 Compliance (contd.)
  • 36 Compliance (contd.)
  • 37 Standards/Manuals/Guidelines for Compliance
  • 38 Computer Crimes
  • 39 Introduction to Computer Crimes
  • 40 Categories of Computer Crimes
  • 41 Business Scenario
  • 42 Major Legal Systems
  • 43 Common Law and Civil Law
  • 44 Customary Law and Religious Law
  • 45 Mixed Law
  • 46 Business Scenario
  • 47 Introduction to Intellectual Property (IP) Law
  • 48 Types of Intellectual Property (IP) Law
  • 49 Types of Intellectual Property (IP) Law (contd.)
  • 50 Types of Intellectual Property (IP) Law (contd.)
  • 51 Business Scenario
  • 52 Import or Export Controls and Trans-Border Data Flow
  • 53 Introduction to Privacy
  • 54 U.S. Privacy Laws
  • 55 U.S. Privacy Laws (contd.)
  • 56 U.S. Guidelines for Managing Privacy
  • 57 EU Council Directive (Law) on Data Protection
  • 58 The U.S.-European Union Safe Harbor
  • 59 Security Definitions
  • 60 Information Risk Management
  • 61 Business Scenario
  • 62 Introduction to Risk Analysis
  • 63 Goals of Risk Analysis
  • 64 Risk Analysis Team
  • 65 Steps for Risk Analysis
  • 66 Information and Assets Valuation
  • 67 Risk Analysis Types
  • 68 Quantitative Risk Analysis—Steps
  • 69 Quantitative Risk Analysis—Problem
  • 70 Qualitative Risk Analysis
  • 71 Delphi Technique
  • 72 Quantitative vs. Qualitative
  • 73 Hybrid Analysis
  • 74 Countermeasure Selection—Problem
  • 75 Countermeasure Selection—Other Factors
  • 76 Handling Risk
  • 77 Business Scenario
  • 78 Threat Modeling
  • 79 Need for Business Continuity Planning
  • 80 Basic Concepts—Disruptive Events
  • 81 Basic Concepts—Business Continuity Planning
  • 82 Importance of Business Continuity Planning
  • 83 Business Continuity Planning Phases
  • 84 BCP/DRP Phase 1—Project Initiation and Scoping
  • 85 BCP/DRP Phase 2—Business Impact Analysis (BIA)
  • 86 BIA—Goals
  • 87 BIA—Steps
  • 88 BIA Steps—Business Unit Level
  • 89 Maximum Tolerable Downtime (MTD)
  • 90 Failure and Recovery Metrics
  • 91 Failure and Recovery Metrics (contd.)
  • 92 Stages of Failure and Recovery
  • 93 BCP/DRP Phase 3—Identify Preventive Controls
  • 94 Importance of Managing Personnel Security
  • 95 Managing Personnel Security—Hiring Practices
  • 96 Managing Personnel Security—Employee Termination
  • 97 Vendor, Contractors, and Consultant Controls
  • 98 Best Work Practices
  • 99 Business Scenario
  • 100 Importance of Security Awareness Training
  • 101 Security Awareness Training: Awareness, Training, and Education
  • 102 Implementation of Security Awareness Training Program
  • 103 Importance of Content Updates
  • 104 Importance of Managing Security Function
  • 105 Best Practices—Budget and Establish Security Metrics
  • 106 Best Practices—Resources and Develop and Implement Strategies
  • 107 Best Practices—Completeness and Effectiveness of the Program
  • 108 Business Scenario
  • 109 (ISC)² Code of Ethics
  • 110 Quiz
  • 111 Summary
  • 112 Conclusion
3
Domain 02 – Asset Security
  • 1 Domain 02 Asset Security
  • 2 Objectives
  • 3 Importance of Asset Security
  • 4 Need for Information Classification
  • 5 Information Classification Objectives
  • 6 Government or Military Sector Classification
  • 7 Commercial or Private Sector Classification
  • 8 Information Classification Criteria
  • 9 Data Classification Considerations
  • 10 Role Responsible for Data Classification
  • 11 Business Scenario
  • 12 Data Management
  • 13 Best Practices for Data Management
  • 14 Data Policy
  • 15 Data Ownership
  • 16 Data Ownership Best Practices
  • 17 Data Custodians
  • 18 Data Custodians (contd.)
  • 19 Data Quality
  • 20 Data Quality—Aspects
  • 21 Data Quality Assurance and Quality Control
  • 22 Data Documentation
  • 23 Data Documentation Practices
  • 24 Data Standards
  • 25 Data Control Lifecycle
  • 26 Data Specification and Modeling
  • 27 Database Maintenance
  • 28 Data Audit
  • 29 Data Storage and Archiving
  • 30 Data Security
  • 31 Data Access, Sharing, and Dissemination
  • 32 Data Publishing
  • 33 Data Handling Requirements
  • 34 Media Resource Protection
  • 35 Data Remanence
  • 36 Business Scenario
  • 37 Asset Management
  • 38 Software Licensing
  • 39 Equipment Lifecycle
  • 40 Protecting Privacy
  • 41 Ensuring Appropriate Retention
  • 42 Data Security Controls
  • 43 Data in Transit—Best Practices
  • 44 Scoping and Tailoring
  • 45 Scoping and Tailoring (contd.)
  • 46 Standards Selection—US DoD
  • 47 Standards Selection—International Standards
  • 48 Standards Selection National Cyber Security Framework Manual
  • 49 Standards Selection Center for Strategic and International Studies
  • 50 Standards Selection Critical Security Controls
  • 51 Standards Selection Security Content Automation Protocol
  • 52 Framework for Improving Critical Infrastructure Cybersecurity
  • 53 Business Scenario
  • 54 Quiz
  • 55 Summary
  • 56 Conclusion
4
Domain 03 – Security Engineering
  • 1 Domain 03 Security Engineering
  • 2 Objectives
  • 3 Security Architecture and Design - Case Study
  • 4 Security Engineering
  • 5 Architecture Framework
  • 6 Zachman Framework
  • 7 TOGAF
  • 8 ITIL
  • 9 Creating a Security Architecture
  • 10 Enterprise Security Architecture
  • 11 Common Security Services in ESA
  • 12 SABSA Framework
  • 13 SABSA Matrix
  • 14 Business Scenario
  • 15 ISO/IEC 27001:2013 Security Standards
  • 16 ISO/IEC 27002 Code of Practice for Information Security Management
  • 17 Security Models
  • 18 State Machine Model
  • 19 Multilevel Security Models
  • 20 Matrix-Based Model
  • 21 Non-Interference Model
  • 22 Information flow model
  • 23 Examples of Security Models: Bell–LaPadula Confidentiality Model
  • 24 Examples of Security Models: Biba Integrity Model
  • 25 Examples of Security Models: Clark–Wilson integrity model
  • 26 Brewer Nash, Graham Denning, and Harrison Ruzzo Ullman models
  • 27 Business Scenario
  • 28 Evaluation Criteria
  • 29 CSEC
  • 30 Information Technology Security Evaluation Criteria
  • 31 Common Criteria
  • 32 Common Criteria Evaluation Process
  • 33 Common Criteria Levels
  • 34 Payment Card Industry Data Security Standard
  • 35 Certification and Accreditation
  • 36 Certification and Accreditation Standards
  • 37 SEI—CMMI
  • 38 SEI—CMMI Levels
  • 39 Business Scenario
  • 40 System Security Architecture
  • 41 Mainframes and Other Thin Client Systems
  • 42 Middleware and Embedded Systems
  • 43 Pervasive Computing and Mobile Computing Devices
  • 44 System Components Processors
  • 45 System Components Memory
  • 46 System Components Storage
  • 47 System Components Trusted Computing Base (TCB)
  • 48 System Components Reference Monitor
  • 49 System Components—Trusted Platform Module (TPM)
  • 50 System Components Peripherals and Other Input/Output Devices
  • 51 System Components Operating System
  • 52 System Components Ring Model
  • 53 System Components System Kernel
  • 54 Distributed Systems
  • 55 Virtualization
  • 56 Hypervisor
  • 57 Cloud Computing
  • 58 Service models
  • 59 Grid Computing
  • 60 Peer to Peer Networking (P2P)
  • 61 Business Scenario
  • 62 Security Threats and Countermeasures
  • 63 Assessing and Mitigating Vulnerabilities and Threats
  • 64 Assessing and Mitigating Vulnerabilities and Threats (contd.)
  • 65 Assessing and Mitigating Vulnerabilities and Threats (contd.)
  • 66 Best Practices
  • 67 Best Practices (contd.)
  • 68 Best Practices Techniques and Technologies
  • 69 Best Practices Techniques and Technologies (contd.)
  • 70 Best Practices Techniques and Technologies (contd.)
  • 71 Best Practices Techniques and Technologies (contd.)
  • 72 Best Practices Techniques and Technologies (contd.)
  • 73 Introduction to Cryptography
  • 74 Cryptographic Lifecycle
  • 75 Algorithm or Protocol Governance
  • 76 Cryptography Terms
  • 77 Strength of a Cryptosystem
  • 78 Cryptography Methods Substitution Cipher
  • 79 Cryptography Methods Transposition Cipher
  • 80 Cryptography Methods Book or Running Key Cipher
  • 81 Cryptography Methods Concealment Cipher
  • 82 Cryptography Methods Steganography and DRM
  • 83 Business Scenario
  • 84 Introduction to Symmetric Cryptography
  • 85 Symmetric Key Ciphers
  • 86 Block Cipher
  • 87 Stream Cipher
  • 88 Block Cipher Designs
  • 89 Data Encryption Standard (DES)
  • 90 DES Algorithm
  • 91 DES Operation Modes Electronic Code Book
  • 92 DES Operation Modes Cipher Block Chaining
  • 93 DES Operation Modes Cipher Feed Back
  • 94 DES Operation Modes Output Feed Back
  • 95 DES Operation Modes—Counter
  • 96 Triple DES
  • 97 Advanced Encryption Standard (AES)
  • 98 AES Algorithm
  • 99 AES Algorithm Key Expansion and Initial Round
  • 100 Advanced Encryption Standard (AES) Algorithm—Rounds
  • 101 AES Algorithm Final Round
  • 102 Other Symmetric Systems
  • 103 Other Symmetric Systems (contd.)
  • 104 Business Scenario
  • 105 Introduction to Asymmetric Cryptography
  • 106 Introduction to Asymmetric Cryptography Diagram
  • 107 Introduction to RSA Algorithm
  • 108 RSA Algorithm Process
  • 109 Other Types of Asymmetric Cryptography Elliptic Curve Cryptosystems
  • 110 Other Types of Asymmetric Cryptography Diffie-Hellman Key Exchange
  • 111 Public Key Cryptography
  • 112 Symmetric vs. Asymmetric Cryptography
  • 113 Advantages and Disadvantages
  • 114 Introduction to Public Key Infrastructure
  • 115 PKI Certification
  • 116 PKI Certification (contd.)
  • 117 PKI Steps—Part 1
  • 118 PKI Steps—Part 2
  • 119 One-Way Hash
  • 120 Hashing Algorithms
  • 121 Hashing Algorithms (contd.)
  • 122 Salting
  • 123 Message Authentication Code (MAC)
  • 124 Digital Signatures
  • 125 Key Management
  • 126 Key Management Principles
  • 127 Escrowed Encryption
  • 128 Business Scenario
  • 129 Need for Physical and Environmental Security
  • 130 Business Scenario
  • 131 Site and Facility Design Criteria
  • 132 Information Protection Environment
  • 133 Crime Prevention Through Environmental Design (CPTED)
  • 134 Site Location
  • 135 Construction
  • 136 Support Facilities
  • 137 Business Scenario
  • 138 Secure Operational Areas
  • 139 Business Scenario
  • 140 Environmental Controls
  • 141 Environmental Controls (Contd.)
  • 142 Fire Detection and Suppression
  • 143 Power Supply
  • 144 Power Supply (contd.)
  • 145 HVAC
  • 146 Training and Awareness
  • 147 Business Scenario
  • 148 Quiz
  • 149 Summary
  • 150 Conclusion
5
Domain 04 – Communications and Network Security
  • 1 Domain 04—Communications and Network Security
  • 2 Objectives
  • 3 Importance of Communications and Network Security—Case Study
  • 4 Introduction to Secure Network Architecture and Design
  • 5 Open Systems Interconnection
  • 6 OSI Model Layers
  • 7 Physical Layer
  • 8 Data Link Layer
  • 9 Network Layer
  • 10 Transport Layer
  • 11 Session Layer
  • 12 Presentation Layer
  • 13 Application Layer
  • 14 Transmission Control Protocol/Internet Protocol (TCP/IP) Model
  • 15 Network Access Layer and Internet Layer
  • 16 Host-to-Host Layer and Application Layer
  • 17 Comparison of OSI and TCP/IP Models
  • 18 Introduction to IP Addressing
  • 19 IPv4 and IPv6
  • 20 Classful IP Addressing
  • 21 Class A
  • 22 Class B
  • 23 Class C
  • 24 Class D and Class E
  • 25 Classless Inter-Domain Routing
  • 26 Private Networks and Loopback Address
  • 27 Types of IP Addressing
  • 28 Routed and Routing Protocols
  • 29 Types of Network Protocols
  • 30 Transmission Control Protocol (TCP)
  • 31 User Datagram Protocol (UDP)
  • 32 Internet Protocol
  • 33 Address Resolution Protocol
  • 34 Internet Control Message Protocol (ICMP)
  • 35 Hypertext Transfer Protocol (HTTP)
  • 36 Implications of Multi-Layer Protocols
  • 37 Distributed Network Protocol
  • 38 LAN/Network Technologies
  • 39 Transmission Media
  • 40 Twisted Pair
  • 41 Coaxial Cable Box
  • 42 Fiber-Optic Cable Box
  • 43 Network Topologies
  • 44 Media Access Technologies
  • 45 Carrier-Sense Multiple Access with Collision Detection
  • 46 Carrier-Sense Multiple Access with Collision Avoidance
  • 47 Flavors of LAN transmission methods
  • 48 List of Networking Devices
  • 49 VLANs
  • 50 Gateways
  • 51 Network Access Control Devices
  • 52 Packet-Filtering and Application-Level
  • 53 Circuit-Level and Stateful-Inspection
  • 54 Firewall Architectures
  • 55 Network Security Terms
  • 56 Business Scenario
  • 57 Networks
  • 58 Types of Networks
  • 59 WAN Technologies
  • 60 WAN Switching and Devices
  • 61 Network Address Translation and Frame Relay
  • 62 Multi-Protocol Label Switching and VoIP
  • 63 Fiber Channel over Ethernet and Internet Small Computer System Interface
  • 64 Virtualized Networks
  • 65 Introduction to Remote Access
  • 66 VPN using PPTP and L2TP
  • 67 Internet Security Protocol (IPsec)
  • 68 Internet Security Protocol (IPsec) Modes of Operation
  • 69 IPsec Security Protocols—Authentication Header (AH)
  • 70 IPsec Security Protocols—Encapsulating Security Payload (ESP)
  • 71 Components of the IPsec Process
  • 72 Components of the IPsec Process (contd.)
  • 73 IPsec Process
  • 74 Secure Access Protocols
  • 75 Secure Access Protocols (contd.)
  • 76 Secure Access Protocols (contd.)
  • 77 Remote Access Security Methods
  • 78 Multimedia Collaboration
  • 79 Wireless Technologies
  • 80 IEEE Wireless Standards and Spread-Spectrum Technologies
  • 81 Direct Sequence Spread Spectrum and Frequency-Hopping Spread Spectrum
  • 82 WLAN Operational Modes
  • 83 Bluetooth
  • 84 Bluetooth Attack
  • 85 Blue Jacking and Blue Snarfing
  • 86 Blue Bugging, Backdoor Attacks, and Denial of Service Attacks
  • 87 Wireless Security
  • 88 Business Scenario
  • 89 Network Attacks
  • 90 Network Attacks (contd.)
  • 91 Network Attacks—Countermeasures
  • 92 Quiz
  • 93 Summary
  • 94 Conclusion
6
Domain 05 – Identity and Access Management
  • 1 Domain 05—Identity and Access Management
  • 2 Objectives
  • 3 Importance of Identity and Access Management in Information Security
  • 4 Controlling Physical and Logical Access to Assets
  • 5 Controlling Physical and Logical Access to Assets (contd.)
  • 6 Access Subject Object and Access controls
  • 7 Identity and Access Management Policy
  • 8 Identification Authentication and Authorization
  • 9 Identity Management
  • 10 Identity and Access Provisioning Lifecycle
  • 11 Identity and Access Provisioning Lifecycle (contd.)
  • 12 Guidelines for User Identification
  • 13 Verifying Identification Information
  • 14 Strong Authentication
  • 15 Biometrics—Characteristics
  • 16 Types of Biometrics
  • 17 FRR FAR CER
  • 18 Passwords
  • 19 Password Types
  • 20 Tokens
  • 21 Token Device—Synchronous
  • 22 Token Device—Asynchronous
  • 23 Memory Cards and Smart Cards
  • 24 Attacks on Smart Cards—Fault Generation and Micro-Probing
  • 25 Access Criteria
  • 26 Authorization Concepts
  • 27 Identity Management Implementation
  • 28 Password Management
  • 29 Directory Management
  • 30 Directory Technologies
  • 31 Accounts Management
  • 32 Profile Management
  • 33 Web Access Management
  • 34 Single Sign-On (SSO)
  • 35 SSO Technologies
  • 36 Kerberos
  • 37 Kerberos Steps
  • 38 Problems with Kerberos
  • 39 Business Scenario
  • 40 Access Control Types—Security Layer
  • 41 Access Control Types—Functionality
  • 42 Business Scenario
  • 43 Access Control Models—DAC
  • 44 Access Control Models—MAC
  • 45 Access Control Models—RBAC
  • 46 Business Scenario
  • 47 Access Control Concepts
  • 48 Types of Access Control Administration
  • 49 Remote Authentication Dial-In User Service (RADIUS)
  • 50 TACACS and TACACS+
  • 51 DIAMETER
  • 52 Accountability
  • 53 Accountability (contd.)
  • 54 Session Management
  • 55 Registration and Proof of Identity
  • 56 Credential Management Systems
  • 57 Credential Management Systems—Risks and benefits
  • 58 Federated Identity Management
  • 59 Federated Identity Management Models
  • 60 Federated Identity Management Models (contd.)
  • 61 Federated Identity Management Models (contd.)
  • 62 Identity as a Service
  • 63 Identity as a Service—Functionality
  • 64 Identity as a Service—Possible Issues
  • 65 Integrate Third-Party Identity Services
  • 66 Integrate Third-Party Identity Services (contd.)
  • 67 Unauthorized Disclosure of Information
  • 68 Threats to Access Control
  • 69 Protection against Access Control Attacks
  • 70 Access Control Best Practices
  • 71 Access Control Best Practices (contd.)
  • 72 Quiz
  • 73 Summary
  • 74 Conclusion
7
Domain 06 – Security Assessment and Testing
  • 1 Domain 06—Security Assessment and Testing
  • 2 Objectives
  • 3 Security Assessment and Testing—Introduction
  • 4 Assessment and Test Strategies
  • 5 Vulnerability Assessment
  • 6 Penetration Testing
  • 7 Log Management
  • 8 Log Management—Advantages and Challenges
  • 9 Log Management—Best Practices
  • 10 Log Management—Operational Process
  • 11 Logged Events
  • 12 Synthetic Transactions
  • 13 Reasons to Use Synthetic Transactions
  • 14 Code Review and Testing
  • 15 Testing Techniques
  • 16 Security Testing in the SDLC
  • 17 Software Product Testing Levels
  • 18 Misuse Case Testing
  • 19 Misuse Case Testing—Scenarios
  • 20 Test Coverage Analysis
  • 21 Interface Testing
  • 22 API Testing (contd.)
  • 23 Interface Testing (contd.)
  • 24 GUI Testing
  • 25 Common Software Vulnerabilities
  • 26 Business Scenario
  • 27 Information Security Continuous Monitoring
  • 28 Information Security Continuous Monitoring—Strategy and Process
  • 29 Risk Evaluation and Control—Metrics
  • 30 Security Controls Monitoring Frequencies
  • 31 ISCM—Benefits
  • 32 Key Performance and Risk Indicators
  • 33 Internal and Third Party Audits
  • 34 Audit Frequency and Scope
  • 35 Statement on Auditing Standards No. 70
  • 36 Service Organization Controls
  • 37 SOC 1 Report
  • 38 SOC 2 Report
  • 39 SOC 2 Reports (contd.)
  • 40 SOC 3 Report
  • 41 SOC 1, SOC 2, and SOC 3 Comparison
  • 42 Audit Process—Audit Preparation Phase
  • 43 Audit Process—Audit Phase
  • 44 Business Scenario
  • 45 Quiz
  • 46 Summary
  • 47 Conclusion
8
Domain 07 – Security Operations
  • 1 Domain 07—Security Operations
  • 2 Objectives
  • 3 Importance of Security Operations—Case Study
  • 4 Introduction to Investigations
  • 5 Investigation Challenges
  • 6 Investigations—Primary Activities
  • 7 Crime Scene
  • 8 Forensic Investigation Guidelines
  • 9 Incident Response Terminologies
  • 10 Incident Response Goals
  • 11 Incident Response Team
  • 12 Incident Response Procedures
  • 13 Incident Response Procedures (contd.)
  • 14 Incident Response Procedures (contd.)
  • 15 Incident Response Procedures (contd.)
  • 16 Business Scenario
  • 17 Evidence
  • 18 Evidence Lifecycle
  • 19 Chain of Evidence
  • 20 Types of Evidence
  • 21 Computer Forensics Procedure
  • 22 Requirements for Investigation Types
  • 23 Logging and Monitoring Activities
  • 24 Intrusion Detection System
  • 25 Intrusion Prevention System
  • 26 Security Information and Event Management (SIEM)
  • 27 Security Information and Event Management (SIEM)—Characteristics
  • 28 Continuous Monitoring
  • 29 Egress Filtering
  • 30 Data Leak or Loss Prevention (DLP)
  • 31 Steganography and Digital Watermarking
  • 32 Business Scenario
  • 33 Secure Provisioning of Resources through Configuration Management
  • 34 Secure Provisioning of Resources through Configuration Management (contd.)
  • 35 Introduction to Security Operations
  • 36 Security Operations Concepts
  • 37 Security Operations
  • 38 Effects of Operations Controls on C.I.A.
  • 39 Business Scenario
  • 40 Operational Resilience
  • 41 Threats to Operations
  • 42 Threats to Operations (contd.)
  • 43 Vulnerabilities
  • 44 Controls
  • 45 Business Scenario
  • 46 Need for Controlling Privileged Accounts
  • 47 Identity and Access Management
  • 48 Types of Accounts
  • 49 Commonly Used Roles
  • 50 Commonly Used Roles (contd.)
  • 51 Monitoring Special Privileges
  • 52 Service Level Agreements (SLAs)
  • 53 Business Scenario
  • 54 Protect Valuable Assets
  • 55 Protecting Physical Assets
  • 56 Protecting Information Assets
  • 57 Protecting Resources
  • 58 Controls for Protecting Assets—Hardware Controls
  • 59 Controls for Protecting Assets—Software Controls
  • 60 Controls for Protecting Assets—Media Controls
  • 61 Controls for Protecting Assets—Administrative Controls
  • 62 Cloud and Virtual Storage
  • 63 Cloud and Virtual Storage Security Issues
  • 64 Types of Virtualized Storage
  • 65 Hard Copy Records
  • 66 Business Scenario
  • 67 Incident Management
  • 68 Security Measurements, Metrics, and Reporting
  • 69 Managing Security Technologies
  • 70 Incident Management—Detection Phase
  • 71 Intrusion Detection System
  • 72 Security Information Event Management (SIEM)
  • 73 Anti-Malware Systems
  • 74 Monitoring Techniques—Violation Analysis
  • 75 Incident Management—Other Phases
  • 76 Trusted Recovery and System Recovery
  • 77 Problem Management
  • 78 Operating and Maintaining Preventive Measures
  • 79 Patch Management
  • 80 Vulnerability Management
  • 81 Change Management
  • 82 Change Control Process
  • 83 Configuration Management
  • 84 Configuration Management (contd.)
  • 85 Business Scenario
  • 86 Develop a Recovery Strategy
  • 87 Types of Recovery—Business Recovery and Facility and Supply Recovery
  • 88 Types of Recovery—User Recovery
  • 89 Types of Recovery—Operational Recovery
  • 90 Recovery Partners Strategy
  • 91 Backup Sites
  • 92 Backup Sites (contd.)
  • 93 Backup Sites (contd.)
  • 94 Backup Methods
  • 95 Importance of Maintaining Resilient Systems
  • 96 Redundancy and Fault Tolerance
  • 97 Redundancy and Fault Tolerance Methods
  • 98 Redundancy and Fault Tolerance Methods (contd.)
  • 99 Best Practices for Backup and Recovery
  • 100 Business Scenario
  • 101 Disaster Recovery—Planning Design and Development
  • 102 Planning Design and Development—Step 1 and Step 2
  • 103 Planning Design and Development—Step 3 and Step 4
  • 104 Disaster Recovery Phases—Implementation, Testing, and Training
  • 105 Importance of Testing
  • 106 Types of Testing
  • 107 Types of Testing (contd.)
  • 108 Types of Testing (contd.)
  • 109 Training
  • 110 Disaster Recovery Phases—Maintenance
  • 111 Disaster Recovery Phases—Maintenance (contd.)
  • 112 Business Scenario
  • 113 Perimeter Security
  • 114 Barriers
  • 115 Fences
  • 116 Gates
  • 117 Walls and Bollards
  • 118 Perimeter Intrusion Detection
  • 119 Business Scenario
  • 120 Importance of Lighting
  • 121 Types of Lighting Systems
  • 122 Types of Lights
  • 123 Access Control
  • 124 Types of Access Control Systems
  • 125 Business Scenario
  • 126 Building and Inside Security
  • 127 Personnel Security
  • 128 Business Scenario
  • 129 Quiz
  • 130 Summary
  • 131 Conclusion
9
Domain 08 – Software Development Security
  • 1 Domain 08 - Software Development Security
  • 2 Objectives
  • 3 Importance of Software Development Security
  • 4 System Environments
  • 5 Distributed Environment
  • 6 Client/Server Systems and Local Environment
  • 7 Distributed Data Processing and Agents
  • 8 Applets
  • 9 Programming Concepts
  • 10 Compiler vs. Interpreter
  • 11 Programming and Software
  • 12 Threats in the Software Environment
  • 13 Threats in the Software Environment (contd.)
  • 14 Threats in the Software Environment (contd.)
  • 15 Threats in the Software Environment (contd.)
  • 16 Threats in the Software Environment (contd.)
  • 17 Threats in the Software Environment (contd.)
  • 18 Business Scenario
  • 19 System Life Cycle and Systems Development
  • 20 Systems Development Life Cycle
  • 21 SDLC—Operation and Maintenance
  • 22 Integrated Product Team (IPT)
  • 23 DevOps
  • 24 Software Testing Methods
  • 25 Software Testing Levels
  • 26 Application Controls
  • 27 Software Development Methods
  • 28 Software Development Methods (contd.)
  • 29 Software Development Methods (contd.)
  • 30 Software Development Methods (contd.)
  • 31 Software Development Methods (contd.)
  • 32 Java Security
  • 33 Secure Software Development Best Practices
  • 34 Business Scenario
  • 35 Object-Oriented Programming Terms
  • 36 Object-Oriented Programming Terms (contd.)
  • 37 Object-Oriented Programming—Definition
  • 38 Distributed Object-Oriented Systems
  • 39 Object Request Brokers
  • 40 COM—Component Object Model
  • 41 DCOM—Distributed Component Object Model
  • 42 CORBA—Common Object Request Broker Architecture
  • 43 Software Security and Assurance
  • 44 Software Security and Assurance (contd.)
  • 45 Software Security and Assurance (contd.)
  • 46 Software Security and Assurance (contd.)
  • 47 Software Security and Assurance (contd.)
  • 48 Software Security and Assurance (contd.)
  • 49 Software Security and Assurance (contd.)
  • 50 Software Security and Assurance (contd.)
  • 51 Software Security and Assurance (contd.)
  • 52 Software Security and Assurance (contd.)
  • 53 Software Security and Assurance (contd.)
  • 54 Software Security and Assurance (contd.)
  • 55 Software Security and Assurance (contd.)
  • 56 Software Security: XML and Security Assertion Markup Language
  • 57 Software Security: SOA
  • 58 Audit and Assurance Mechanisms
  • 59 Assessing the Effectiveness of Software Security
  • 60 Assessing the Effectiveness of Software Security (contd.)
  • 61 Assessing the Security Impact of Acquired Software
  • 62 Code Repositories and Application Programming Interfaces
  • 63 Business Scenario
  • 64 Database and Data Warehousing Environments
  • 65 Database Terms
  • 66 Types of Databases
  • 67 Types of Databases (contd.)
  • 68 Types of Databases (contd.)
  • 69 Types of Databases (contd.)
  • 70 Types of Databases (contd.)
  • 71 Database—Threats and Vulnerabilities
  • 72 Introduction to Data Warehousing
  • 73 Data Warehousing Concepts
  • 74 Database Normalization
  • 75 DBMS Controls
  • 76 Business Scenario
  • 77 Malware—Types
  • 78 Malware Protection
  • 79 Business Scenario
  • 80 Importance and Role of Knowledge Management
  • 81 Knowledge-Based System/Artificial Intelligence
  • 82 Knowledge-Based System—Expert System
  • 83 Knowledge-Based System—Neural Network
  • 84 Web Application Environment—Threats and Vulnerabilities
  • 85 Web Application Environment Security
  • 86 Web Application Environment Security (contd.)
  • 87 Web Application Environment Security (contd.)
  • 88 Web Application Environment Security (contd.)
  • 89 The Ten Best Practices for Secure Software Development—(ISC)²
  • 90 Quiz
  • 91 Summary
  • 92 Conclusion
All our highly-qualified trainers are CISSP certified with more than 16 years of experience working in the domain.
After successful completion of the CISSP training, you will be awarded the course completion certificate along with the 30-hour CPE certificate from Simplilearn.
Online classroom training for CISSP is conducted via online live streaming by a CISSP certified trainer with over 16 years of work experience. The class is attended by a global audience to enrich your learning experience.
All of the classes are conducted live online. They are interactive sessions that enable you to ask questions and participate in discussions during class time. We do, however, provide recordings of each session you attend for your future reference.
The tools you’ll need to attend training are:
  • Windows: Windows XP SP3 or higher
  • Mac: OSX 10.6 or higher
  • Internet speed: Preferably 512 Kbps or higher
  • Headset, speakers and microphone: You’ll need headphones or speakers to hear instruction clearly, as well as a microphone to talk to others. You can use a headset with a built-in microphone, or separate speakers and microphone.
You will get access to our e-learning content along with the practice simulation tests, complemented by our tips and tricks videos that help you tackle the toughest exam questions. You will also get an online participant handbook with cross references to the e-learning segments for learning reinforcement.
No. The exam fee is not included. You can directly schedule your exam through www.pearsonvue.com as mentioned in the steps above. Exam Fee is included for Americas, Canada and Europe regions only.
The CISSP exam has moved to an adaptive testing platform, so the exam has between 100 and 150 multiple-choice questions. The duration of the exam is 3 hours.
The CISSP exam voucher cost is $699.
Yes, we can assist you in the exam application process. You can state your queries on community.simplilearn.com and get them answered along with any other query or concern that you might have about the course.
With a hands-on learning approach, the training not only gives you the confidence to clear the exam but also helps you retain the knowledge beyond the examination.
Yes, you can cancel your enrollment. We provide you a refund after deducting the administration fee. To know more, please go through our Refund Policy.
Contact us using the form on the right of any page on the Simplilearn website, or select the Live Chat link. Our customer service representatives can provide you with more details.
Simplilearn has a well-defined certification process that helps you face the challenges of the IT world. You need to meet the following conditions to unlock the certificate:
  • Complete at least 85% of the course or attend one complete batch.
  • If your course has simulation exams, complete them with the minimum passing score.
  • Submit a project for approval by our panel of subject matter experts. If your project is rejected, our subject matter experts will provide all necessary help to receive approval of your project in your next attempt.
All of our highly qualified trainers are industry experts with at least 16 years of work experience in the field, including 10-12 years of relevant teaching experience. Each of them has gone through a rigorous selection process that includes profile screening, technical evaluation, and a training demo before they are certified to train for us. We also ensure that only those trainers with a high alumni rating remain on our faculty.
Our teaching assistants are a dedicated team of subject matter experts here to help you get certified on your first attempt. They engage students proactively to ensure the course path is being followed and help you enrich your learning experience, from class onboarding to project mentoring and job assistance. Teaching Assistance is available during business hours.
We offer 24/7 support through email, chat, and calls. We also have a dedicated team that provides on demand assistance through our community forum. What’s more, you will have lifetime access to the community forum, even after completion of your course with us.