Summary
Next Exam Dates:
Ottawa:
- Apr 14th or Aug 11th, 2012
Toronto:
- Jul 30th, Oct 1st, or Dec 17th, 2011
This 5-day intensive boot camp provides detailed instruction with thousands of exam preparation questions, and includes the exam voucher.
IMPORTANT - Learn more about CISSP Certification
The Certified Information Systems Security Professional (CISSP®) certification provides information security professionals with not only an objective measure of competence but also a globally recognized standard of achievement. This designation is the first credential accredited by ANSI to ISO Standard 17024:2003 in the field of information security.
The CISSP credential demonstrates competence in the 10 domains of the International Information Systems Security Certification Consortium (ISC)² CISSP® CBK®.
10 CISSP® CBK® Domains
- Access Control
- Application Security
- Business Continuity and Disaster Recovery Planning
- Cryptography
- Information Security and Risk Management
- Legal, Regulations, Compliance and Investigations
- Operations Security
- Physical (Environmental) Security
- Security Architecture and Design
- Telecommunications and Network Security
Audience
Professionals seeking comprehensive knowledge of security and possibly CISSP certification
Prerequisites
There are no prerequisites to attend the seminar. However, not everyone will be qualified to take the exam or receive certification.
Certified Professional Exams
This course will help the student prepare for the following exam:
- CISSP Certified Information Systems Security Professional
Student Materials
The student kit includes a comprehensive workbook and other necessary materials for this class.
Course Outline
DOMAIN 1: Access Control
Access Control
- Introduction to Access Control - Definitions and Key Concepts - Information Classification and Access Control - Information Protection Requirements - Information Protection Environment - Security Technology and Tools
- Centralized Access Control Methodologies
- Decentralized/Distributed Access Control Methodologies
- Access to Data
- Access Control Categories and Types - Access Control Threats - Access Control Technologies - Assurance Mechanisms - Assurance, Trust, and Confidence Mechanisms - Intrusion Detection - Information Protection and Management Services - CBK
DOMAIN 2: Application Security
Application Security
- Introduction to Application Security - Information Protection Requirements
- Information Protection Environment
- Open Source Code and Closed Source Code
- Software Environment
- The Database and Data Warehousing Environment
- DBMS Architecture
- Databases and Data Warehouses
- Database Interface Languages
- Security Assertion Markup Language (SAML)
- Data Warehousing
- Database Vulnerabilities and Threats
- Security Technology and Tools
- System Life Cycle and Systems Development
- System (Software) Development Methods
- Including Security in a Systems Development Method
- Programming Language and Security
- Software Protection Mechanisms
- DBMS Controls
- Assurance, Trust, and Confidence Mechanisms
- Information Integrity
- Information Accuracy
- Information Auditing
- Evaluation/Certification and Accreditation
- Applications Systems Threats and Vulnerabilities - Applications Security Controls - Information Protection and Management Services
- Configuration Management
- Summary
- CBK
DOMAIN 3: Business Continuity Planning and Disaster Recovery Planning
Business Continuity and Disaster Recovery Planning
- Introduction to Business Continuity and Disaster Recovery Planning - Defining a Disaster - Information Protection Requirements - Information Protection Environment - Project Scope Development and Planning - Business Impact Analysis - Emergency Assessment - Continuity and Recovery Strategy - Plan Design and Development - Implementation - Restoration - Plan Management - Security Technology and Tools
- Phase I: Project Management and Initiation
- Phase II: Business Impact Analysis (BIA)
- Phase III: Recovery Strategies
- Phase IV: Plan Development and Implementation
- Phase V: Testing, Maintenance, Awareness, and Training
- Assurance, Trust, and Confidence Mechanisms - Information Protection and Management Services
- CBK
DOMAIN 4: Cryptography
Cryptography
- Introduction to Cryptography - Key Concepts and Definitions - History - Information Protection Requirements
- Information Protection Environment
- Introduction
- Definitions
- Cryptanalysis and Attacks
- Import/Export Issues
- Security Technology and Tools
- Basic Concepts of Cryptography
- Encryption Systems
- Symmetric Key Cryptography Algorithms
- Asymmetric Key Cryptography Algorithms
- Message Integrity Controls
- Assurance, Trust, and Confidence Mechanisms
- Digital Signatures and Certificate Authorities
- Public Key Infrastructure (PKI)
- Management of Cryptographic Systems - Information Protection and Management Services
- Key Management
- Key Management Functions
- Key Generation
- Distribution
- Installation
- Storage
- Change
- Control
- Disposal
- Modern Key Management
- Principles of Key Management
- Summary
- Threats and Attacks - CBK
DOMAIN 5: Information Security and Risk Management
Information Security and Risk Management
- Introduction to Information Security Management - Purposes of Information Security Management - Concepts: Confidentiality, Integrity, Availability - Risk Analysis and Assessment
- Information Protection Requirements
- Information Protection Environment
- Security Technology and Tools
- Assurance, Trust, and Confidence Mechanisms
- Information Protection Management Service
- Information Classification
- Information Protection Requirements
- Information Protection Environment
- Security Technology and Tools
- Assurance, Trust, and Confidence Mechanisms
- Information Protection and Management Services
- Policies, Procedures, Standards, Baselines, Guidelines
- Information Protection Requirements
- Information Protection Environment
- Security Technology and Tools
- Information Protection Requirements
- Security Awareness Training and Education
- Information Protection Environment
- Social Engineering - Risk Management - Ethics - Implementation (Delivery) Options
- Security Technology and Tools
- Assurance, Trust, and Confidence Mechanisms
- Information Protection Management Services
- CBK
DOMAIN 6: Legal, Regulations, Compliance and Investigation
- Legal, Regulations, Compliance and Investigations - Introduction to Law - Major Legal Systems - Legal Concepts
- Information Protection Requirements
- Information Protection Environment
- Privacy
- Recommended Course of Action
- Security Technology and Tools
- Assurance, Trust, and Confidence Mechanisms
- Information Protection and Management Services
- Introduction to Regulations
- Introduction to Investigations
- Information Protection Requirements
- Information Protection Environment
- Security Technology and Tools
- Assurance, Trust, and Confidence Mechanisms
- Information Protection and Management Services
- Introduction to Computer Forensics - Introduction to Ethics
- Information Protection Requirements
- Computer Ethics
- Information Protection Environment
- Security Technology and Tools
- Assurance, Trust and Confidence Mechanisms
- Information Protection and Management Services
- Summary
- CBK
DOMAIN 7: Operations Security
Operations Security
- Introduction to Operations Security - Information Protection Requirements
- Information Protection Environment - Security Technology and Tools
- Change Control Management
- Physical Security Controls
- Privileged Entity Control
- Assurance, Trust, and Confidence Mechanisms - Information Protection and Management Services
- CBK
DOMAIN 8: Physical (Environmental) Security
Physical (Environmental) Security
- Introduction to Physical (Environmental) Security - Definitions and Key Concepts - Layered Defense Model - Information Protection Requirements
- Information Protection Environment
- Site Location
- Equipment Protection
- Crime Prevention through Environmental Design (CPTED)
- Infrastructure Support Systems - Security Technology and Tools
- Perimeter and Building Grounds Boundary Protection
- Building Entry Points
- Inside the Building: Building Floors, Office Suites, Offices
- Penetration (Intrusion) Detection Systems
- Assurance, Trust, and Confidence Mechanisms
- Drills/Exercises/Testing
- Vulnerability/Penetration Tests
- Creating a Checklist
- Maintenance and Service
- Information Protection and Management Services
- Awareness and Training
- Summary
- CBK
DOMAIN 9: Security Architecture and Design
Security Architecture and Design
- Introduction to Security Architecture and Design - Components and Principles
- System Security Techniques - Information Protection Requirements - The C-I-A Triad - Information Protection Environment
- Platform Architecture
- Network Environment
- Enterprise Architecture
- Security Models
- Security Technology and Tools
- Assurance, Trust, and Confidence Mechanisms
- Trusted Computer Security Evaluation Criteria (TCSEC)
- The Trusted Network Interpretation (TNI)
- Information Technology Security Evaluation Criteria (ITSEC)
- The Common Criteria (CC)
- Certification and Accreditation
- Security Models and Architecture Theory - Security Evaluation Methods and Criteria - Information Protection and Management Services - CBK
DOMAIN 10: Telecommunications and Network Security
Telecommunications and Network Security
- Introduction to Telecommunications and Network Security - Key Concepts and Definitions - Information Protection Requirements - Information Protection Environment
- Data Networks
- Remote Access Services
- Network Protocols
- Network Threats and Attacks
- Network Components
- Telephony
- Security Technology and Tools
- Content Filtering and Inspection
- Intrusion Detection
- Assurance, Trust, and Confidence Mechanisms - Information Protection and Management Services - CBK
Conclusion