Microsoft Course Listings

Certified Information Systems Security Professional (CISSP)


Duration: 30 Hours
Skill Level: Intermediate
Certifications: CISSP
Delivery Type: Expert Encore

 

Description
Today, more and more companies rely on the network for the storage and fast retrieval of mission-critical corporate data and information. Securing these massive amounts of sensitive data is critical for the success of the organization, and it is one of the main reasons that security has become one of the most important areas of IT specialization available. As the first ANSI ISO accredited credential in the field of information security, the Certified Information Systems Security Professional (CISSP) certification provides information security professionals with a globally recognized standard of achievement. Considered the gold standard in the information security realm, this credential gives prospective employers an invaluable tool in validating candidates’ expertise in securing an enterprise and provides global recognition for top information security professionals.

This expert-led course prepares learners for the examination requirement of this valuable certification, focusing on the 10 domains covered by the Common Body of Knowledge (CBK) as outlined by the ISC2 organization:

  • Access Control Systems and Methodology
  • Applications and Systems Development Security
  • Business Continuity Planning (BCP) and Disaster Recovery Planning (DRP)
  • Cryptography
  • Law, Investigation and Ethics
  • Operations Security
  • Physical Security
  • Security Architecture and Models
  • Security Management Practices
  • Telecommunications and Network Security

Skills Taught
After completing this course, the student should be able to:

  • Understand laws on and about computer crime.
  • Develop a business continuity plan.
  • Perform security audits.
  • Understand the systems development life cycle.
  • Understand methods used to attack resources.
  • Implement proper change control.
  • Secure data as it crosses the network.
  • Configure proper access rights and permissions.
  • Implement access control.
  • Perform in-depth risk analysis.
  • Implement solid security practices.

Audience
This course is beneficial to any system or field engineers responsible for any aspect of network security. This course is a must for any students attempting the CISSP certification and is ideal for mid- and senior-level managers who are working toward or have already attained positions as CISOs, CSOs or Senior Security Engineers.

Prerequisites
A minimum of three years of direct full-time security professional work experience in one or more of the ten domains covered by the Common Body of Knowledge (CBK) is recommended.

Outline
Module 1: Introduction
  • Information Security
  • The CISSP CBK
  • Security Concerns
  • The CIA Triad
Module 2: Access Control Systems and Methodology
  • Access Control Overview
  • Identification and Authentication
  • Access Control Techniques
  • Access Control Administration
  • Monitoring and Intrusion Detection
Module 3: Telecommunications, Network and Internet Security
  • Security Overview
  • Internet, Intranet and Extranet Security
  • TCP/IP
  • LANs, WANs and VPNs
  • Network Layer Security Protocols
  • Transport Layer Security
  • Application Layer Security Protocols
Module 4: Security Management Practices
  • Security Overview
  • Data Classification
  • Employment Policies and Practices
  • Risk Management
  • Roles and Responsibilities
Module 5: Application Development Security
  • Application Development Introduction
  • Malicious Code
  • Methods of Attack
  • Databases and Data Warehousing
  • Knowledge-Based Systems
  • Systems Development Life Cycle
  • Security and Protection
Module 6: Cryptography
  • Cryptographic Terms and Technologies
  • Message Authentication
  • Certificate Authority
Module 7: Security Architecture and Models
  • Common Computer Architectures and Designs
  • Storage Types
  • Principles of Common Security Models
  • Common Flaws and Security Issues with System Architectures and Designs
  • Timing Attacks
Module 8: Operations Security
  • Operations Security Overview
  • Security Audits
  • Violation Analysis
  • Auditing
  • Monitoring
  • Resource Protection
  • E-Mail Security
  • The Web
  • File Transfer
  • Anatomy of an Attack
  • Separation of Duties and Responsibilities
Module 9: Business Continuity Planning
  • Business Continuity Plan Process
  • Recovery
  • Primary Strategies
  • Assurance and Trust
Module 10: Computer Crime
  • Types of Computer Crime
  • Major Categories of Laws
  • Computer Crime-Related Laws
  • Due Care
  • Investigation and Ethics
Module 11: Physical Security
  • Introduction to Physical Security
  • The Perimeter
  • Inside the Building
  • Intrusion Detection Systems
  • Compartmentalized Areas