NewEra Technology
Certified Information System Security Professional - CISSP 2015 - Course Information
Name: Certified Information System Security Professional - CISSP 2015
Category: ISC2
Length (Days): 5
Course Price (CAD): 3895
Description:
COURSE OBJECTIVES

Upon successful completion of this course, students will be able to:
Analyze information systems access control.
Analyze security architecture and design.
Analyze network security systems and telecommunications.
Analyze information security management goals.
Analyze information security classification and program development.
Analyze risk management criteria and ethical codes of conduct.
Analyze software development security.
Analyze cryptography characteristics and elements.
Analyze physical security.
Analyze operations security.
Apply Business Continuity and Disaster Recovery Plans.
Identify legal issues, regulations, compliance standards, and investigation practices relating to information systems security.
Prerequisites:
-
Outline:
1 - SECURITY & RISK MANAGEMENT

Security & Risk Management
Confidentiality, Integrity, and Availability
Security Governance
The Complete and Effective Security Program
Compliance
Global Legal and Regulatory Issues
Understand Professional Ethics
Develop and Implement Security Policy
Business Continuity (BC) & Disaster Recovery (DR) Requirements
Manage Personnel Security
Risk Management Concepts
Threat Modeling
Acquisitions Strategy and Practice
Security Education, Training, and Awareness

2 - ASSET SECURITY

Asset Security
Data Management: Determine and Maintain Ownership
Data Standards
Longevity and Use
Classify Information and Supporting Assets
Asset Management
Protect Privacy
Ensure Appropriate Retention
Determine Data Security Controls
Standards Selection

3 - SECURITY ENGINEERING

Security Engineering
The Engineering Lifecycle Using Security Design Principles
Fundamental Concepts of Security Models
Information Systems Security Evaluation Models
Security Capabilities of Information Systems
Vulnerabilities of Security Architectures
Database Security
Software and System Vulnerabilities and Threats
Vulnerabilities in Mobile Systems
Vulnerabilities in Embedded Devices and Cyber-Physical Systems
The Application and Use of Cryptography
Site and Facility Design Considerations
Site Planning
Implementation and Operation of Facilities Security

4 - COMMUNICATIONS & NETWORK SECURITY

Communications & Network Security
Secure Network Architecture and Design
Implications of Multi-Layer Protocols
Converged Protocols
Securing Network Components
Secure Communication Channels
Network Attacks

5 - IDENTITY & ACCESS MANAGEMENT

Identity & Access Management
Physical and Logical Access to Assets
Identification and Authentication of People and Devices
Identity Management Implementation
Identity as a Service (IDaaS)
Integrate Third-Party Identity Services
Implement and Manage Authorization Mechanisms
Prevent or Mitigate Access Control Attacks
Identity and Access Provisioning Lifecycle

6 - SECURITY ASSESSMENT & TESTING

Security Assessment & Testing
Assessment and Test Strategies
Collect Security Process Data
Internal and Third-Party Audits

7 - SECURITY OPERATIONS

Security Operations
Investigations
Provisioning of Resources through Configuration Management
Resource Protection
Incident Response
Preventative Measures against Attacks
Patch and Vulnerability Management
Change and Configuration Management
The Disaster Recovery Process
Test Plan Review
Business Continuity and Other Risk Areas
Access Control
Personnel Safety

8 - SECURITY IN THE SOFTWARE DEVELOPMENT LIFE CYCLE

Security in the Software Development Life Cycle
Software Development Security Outline
Environment and Security Controls
Security of the Software Environment
Software Protection Mechanisms
Assess the Effectiveness of Software Security
Assess Software Acquisition Security

Actual course outline may vary depending on offering center. Contact your sales representative for more information.