|
|
|
You Will Learn How To
- Prepare for CISSP Certification based on the (ISC)2 CBK
- Identify the access control mechanisms that create a security architecture and protect assets
- Recognize the cryptography principles, means and methods of disguising information
- Explore business continuity and disaster recovery planning for the preservation of business operations
- Examine core elements of network security including network structures and transmission methods
- Inspect the key security concepts for application software development
Course Benefits This course provides a comprehensive overview of information security concepts and industry best practices and is the only review course endorsed by (ISC) 2. In this course, you cover the ten CISSP domains as outlined in the (ISC) 2 CBK and analyze the latest information-system security issues. You also develop an individual study plan to enhance your exam preparation skills.
Who Should Attend Security professionals, government and military personnel seeking IAT-3, IAM-2 or IAM-3 certification to fulfill the DoD 8570.1 Directive, network security personnel and managers. Participants should be aware of the exam eligibility criteria established by (ISC) 2.
Workshop Course Throughout this course, you get an in-depth review of the ten CISSP domains as outlined by the (ISC) 2 CBK. Workshops include:
- Reviewing the ten domains of the CBK including application and network security and cryptography
- Uncovering areas to further develop and expand your exam preparedness
- Investigating the latest information-system security issues, concerns and countermeasures
- Reinforcing key areas of the CBK through numerous review sessions
Course 958 Content Information Security and Risk Management
- Introduction to (ISC)2 and the exam process
- The AIC (availability, integrity, confidentiality) triad
- Security awareness training and education
- Risk mitigation, quantitative and qualitative risk assessment, countermeasure selection
- Ethics: personal, corporate, professional
Access Control
Definitions
- Need to know, least privilege, separation of duties
- Information classification
Access control categories and types
- Threats: external and internal, natural, man-made
- Technologies: single sign on, Kerberos, temporal, biometrics
- Assurance mechanisms: IDS, IPS, logs, audits
Cryptography
Key concepts
- History: manual, mechanical, electronic, quantum systems
- Encryption systems: stream cipher, block ciphers
- Symmetric and asymmetric algorithms
Integrity controls
- MD5
- SHA-1
- CBC-MAC
- Digital signatures: DSS
- Cryptographic systems: keys, recovery, PKI, trust models
- Attacks: plaintext and ciphertext, slide, side channel
Physical Security
Definitions
Site location
- The Layered Defense Model
- Infrastructure support systems
- Equipment protection: theft, damage
Security Architecture and Design
Components and principles
- System security: zones, domains, ring-based protection
- Hardware: CPU, memory, communications devices
- Software: operating systems, utilities, applications
Security models and architecture theory
- Bell LaPadula
- Biba
- Clark-Wilson
- Integrity models
- Security evaluation methods and criteria
Business Continuity Planning and Disaster Recovery Planning
Project scope development and planning
- Business impact analysis
- Emergency assessment: incident response, mitigation
Continuity and recovery strategy
- Plan, design and development
- Implementation: testing techniques, awareness
- Restoration: rebuilding and return to normal
- Plan management: updating
Telecommunications and Network Security
Central concepts
- Analog vs. digital
- Synchronous vs. asynchronous
- Circuit vs. packet switched traffic
Networks
- LAN
- WAN
- DMZ
- Internet
- Remote access: RADIUS, TACACS+
- Network components: switch, router, ATM, MPLS
- Telephony: VoIP, PBX
Application Security
System life cycle security
- SDLC phases
- Application environment and security controls
Applications
- Programming languages and tools: compilers, interpreters
- Databases and data warehouses: data mining and DBMS
- Applications systems threats and vulnerabilities: malware
- Applications security controls: implementation testing
Operations Security
- Resource protection: equipment, operations areas, personnel
- Change control management
- Physical security controls: controlled access
- Privileged entity control: administrators, operators
Legal, Regulations, Compliance and Investigation
- Major legal systems: intellectual property, computer crime
- Legal concepts: due care versus due diligence
- Regulatory issues: privacy, financial compliance
- Investigation: chain of custody and evidence gathering
- Computer forensics and investigation
|
<< Back to Network Training and PC/Mac Support Course List
(ISC) 2, CISSP, and CBK are registered marks of the International Information Systems Security Certification Consortium in the United States and other countries.
|
|
|
Training Dates
US Dates | | Mar 26 - 30 | Reston, VA enrol | | Apr 16 - 20 | Alexandria, VA enrol | | Apr 30 - May 4 | Rockville, MD enrol | | May 21 - 25 | New York enrol | | Jul 23 - 27 | Reston, VA enrol | | Aug 6 - 10 | Alexandria, VA enrol | | Aug 27 - 31 | Rockville, MD enrol | | Sep 17 - 21 | New York enrol | | Oct 15 - 19 | Reston, VA enrol | | Dec 17 - 21 | Reston, VA enrol |
More Dates and Locations.
|
|
|
|
On-Site &
Custom Training
Bring this or any Learning Tree course to your location or have it customized for your organization.
|
Course participants preparing for the CISSP Certification Exam.
|
|
Average Attendee Evaluation
|
Evaluations in the last 12 months |
|
5 stars:
|
|
73% |
|
4 stars:
|
|
24% |
|
3 stars:
|
|
3% |
|
2 stars:
|
|
0% |
|
1 star:
|
|
0% |
|
Special Course Information:
Included in Your Course Tuition:
An (ISC)2® exam voucher enables you to take the exam at any authorized (ISC)2® location.
Access to Transcender test preparation materials.
Please Note: No savings program may be applied to this Course.
|
|
E-mail 
Print 
Q&A 
PDF 
Facebook 
Twitter
