If you plan to build a career in information security – one of today’s most visible professions – and if you have at least five full years of experience in information security, then the (CISSP) credential should be your next career goal.

The CISSP was the first credential in the field of information security, accredited by the ANSI (American National Standards Institute) to ISO (International Standards Organization) Standard 17024:2003. CISSP certification is not only an objective measure of excellence, but a globally recognized standard of achievement.

Benefits of certification

• Demonstrates a working knowledge of information security

• Confirms commitment to profession

• Offers a career differentiator, with enhanced credibility and marketability

• Provides access to valuable resources, such as peer networking and idea exchange

 

Pre-requisites

The CISSP Certification program is targeted at professionals with at least 4 years of experience in the information security field or 3 years of experience and a bachelors degree. Please review the CISSP Certification web site for complete information about CISSP Certification rules and requirements.

Course Outline

The curriculum for the CISSP® seminar is under continuous review, ensuring current information relevant to the ten CBK® domains below. For additional details on the CBK®, download a copy of the CISSP® Study Guide from the (ISC)2 web site.
The following topics are presented:

Information Security & Risk Management - Security management entails the identification of an organization's information assets and the development, documentation, and implementation of policies, standards, procedures, and guidelines.
Management tools such as data classification and risk assessment/analysis are used to identify threats, classify assets, and to rate system vulnerabilities so that effective controls can be implemented.

Security Architecture and Design - The Security Architecture and Models domain contains the concepts, principles, structures, and standards used to design, monitor, and secure operating systems, equipment, networks, applications and those controls used to enforce various levels of availability, integrity, and confidentiality.

Access Control - Access controls are a collection of mechanisms that work together to create a security architecture to protect the assets of the information system.

Application Security - This domain addresses the important security concepts that apply to application software development. It outlines the environment where software is designed and developed and explains the critical role software plays in providing information system security.

Operations Security - Operations Security is used to identify the controls over hardware, media, and the operators and administrators with access privileges to any of these resources. Audit and monitoring are the mechanisms, tools, and facilities that permit the identification of security events and subsequent actions to identify the key elements and report the pertinent information to the appropriate individual, group, or process.

Physical Security - The physical security domain provides protection techniques for the entire facility, from the outside perimeter to the inside office space, including all of the information system resources.

Cryptography - The cryptography domain addresses the principles, means, and methods of disguising information to ensure its integrity, confidentiality and authenticity.

Telecommunications & Network Security - The telecommunications, network, and Internet security domain discusses the:

• Network Structures
• Transmission methods
• Transport formats
• Security measures used to provide availability, integrity, and confidentiality
• Authentication for transmissions over private and public communications networks and media.

Business Continuity & Disaster Recovery Planning - The Business Continuity Plan (BCP) domain addresses the preservation and recovery of business operations in the event of outages.

Legal, Regulations, Compliance & Investigations - The Law, Investigations, and Ethics domain addresses:

• Computer crime laws and regulations
• The measures and technologies used to investigate computer crime incidents

 

----Contact us for DETAILED Course Outlines----