By participating in this intensive five-day knowledge-focused training, you will be prepared by an expert to design, implement, and manage information security programs. This training is designed to help you prepare for the CISSP exam. |
Contents | Module 1: Security and Risk Management (e.g., Security, Risk, Compliance, Law, Regulations, Business Continuity) - Understand and Apply Concepts of Confidentiality, Integrity, and Availability
- Apply Security Governance Principles
- Compliance
- Understand Legal and Regulatory Issues that Pertain to Information Security in a Global Context
- Develop and Implement Documented Security Policy, Standards, Procedures, and Guidelines
- Understand Business Continuity Requirements
- Contribute to Personnel Security Policies
- Understand and Apply Risk Management Concepts
- Understand and Apply Threat Modeling
- Integrate Security Risk Considerations into Acquisitions Strategy and Practice
- Establish and Manage Security Education, Training, and Awareness
Module 2: Asset Security (Protecting Security of Assets) - Classify Information and Supporting Assets
- Determine and Maintain Ownership
- Protect Privacy
- Ensure Appropriate Retention
- Determine Data Security Controls
- Establish Handling Requirements
Module 3: Security Engineering (Engineering and Management of Security) - Implement and Manage an Engineering Life Cycle Using Security Design Principles
- Understand Fundamental Concepts of Security Models
- Select Controls and Countermeasures Based Upon Information Systems Security Standards
- Understand the Security Capabilities of Information Systems
- Assess and Mitigate the Vulnerabilities of Security Architectures, Designs, and Solution Elements
- Assess and Mitigate Vulnerabilities in Web-based Systems
- Assess and Mitigate Vulnerabilities in Mobile Systems
- Assess and Mitigate Vulnerabilities in Embedded Devices and Cyber-Physical Systems
- Apply Cryptography
- Apply Secure Principles to Site and Facility Design
- Design and Implement Facility Security
Module 4: Communications and Network Security (Designing and Protecting Network Security) - Apply Secure Design Principles to Network Architecture
- Securing Network Components
- Design and Establish Secure Communication Channels
- Prevent or Mitigate Network Attacks
Module 5: Identity and Access Management (Controlling Access and Managing Identity) - Control Physical and Logical Access to Assets
- Manage Identification and Authentication of People and Devices
- Integrate Identity as a Service (IDaaS)
- Integrate Third-Party Identity Services
- Implement and Manage Authorization Mechanisms
- Prevent or Mitigate Access Control Attacks
- Manage the Identity and Access Provisioning Life Cycle
Module 6: Security Assessment and Testing (Designing, Performing, and Analyzing Security Testing) - Design and Validate Assessment and Test Strategies
- Conduct Security Control Testing
- Collect Security Process Data
- Conduct or Facilitate Internal and Third-Party Audits
Module 7: Security Operations (e.g., Foundational Concepts, Investigations, Incident Management, Disaster Recovery) - Understand and Support Investigations
- Understand Requirements for Investigation Types
- Conduct Logging and Monitoring Activities
- Secure the Provisioning of Resources through Configuration Management
- Understand and Apply Foundational Security Operations Concepts
- Employ Resource Protection Techniques
- Conduct Incident Response
- Operate and Maintain Preventative Measures
- Implement and Support Patch and Vulnerability Management
- Participate in and Understand Change Management Processes
- Implement Recovery Strategies
- Implement Disaster Recovery Processes
- Test Disaster Recovery Plan
- Participate in Business Continuity Planning
- Implement and Manage Physical Security
- Participate in Personnel Safety
Module 8: Software Development Security (Understanding, Applying, and Enforcing Software Security) - Understand and Apply Security in the Software Development Life Cycle
- Enforce Security Controls in the Development Environment
- Assess the Effectiveness of Software Security
- Assess Software Acquisition Security
|