CISSP Training

CISSP is vendor-neutral and renowned worldwide as a merit of achievement, in part due to it being the first Information Security certification to meet the rigorous requirements of ISO/IEC Standard 17024.

REASONS TO CHOOSE

A globally acknowledged certification
A crucial requirement for anyone wishing to establish a senior career in Information Systems Security
This training course covers all eight domains of Information Security
Obtain extensive knowledge of how to protect organisations from cyber attacks
Enhance your earning potential

View courses

Duration

Online Instructor-led (5 days)

Classroom (5 days)

Online Self-paced (40 hours)

Certified Information Systems Security Professional Course Outline

Domain 1: Security and Risk Management

Understand and Apply Security Concepts
Evaluate and Apply Security Governance Principles
Determine Compliance and Other Requirements
Legal and Regulatory Issues that Pertain to Information Security in a Global Context
Requirements for Investigation Types
Develop, Document, and Implement Security Policy, Standards, Procedures, and Guidelines
Identify, Analyse, and Prioritise Business Continuity (BC) Requirements
Contribute to and Enforce Personnel Security Policies and Procedures
Understand and Apply Risk Management Concepts
Understand and Apply Threat Modelling Concepts and Methodologies
Apply Supply Chain Risk Management (SCRM) Concepts
Establish and Maintain a Security Awareness, Education, and Training Program

Domain 2: Asset Security

Identify and Classify Information and Assets
Establish Information and Asset Handling Requirements
Provision Resources Securely
Manage Data Lifecycle
Ensure Appropriate Asset Retention
Data Security Controls and Compliance Requirements

Domain 3: Security Architecture and Engineering

Research, Implement, and Manage Engineering Processes Using Secure Design Principles
Fundamental Concepts of Security Models
Select Controls Based Upon Systems Security Requirements
Security Capabilities of Information Systems
Assess and Mitigate the Vulnerabilities of Security Architectures, Designs, and Solution Elements
Cryptographic Life Cycle
Methods of Cryptanalytic Attacks
Apply Security Principles to Site and Facility Design
Design Site and Facility Security Controls

Domain 4: Communication and Network Security

Implement Secure Design Principles in Network Architectures
Secure Network Components
Implement Secure Communication Channels According to Design

Domain 5: Identity and Access Management (IAM)

Control Physical and Logical Access to Assets
Manage Identification and Authentication of People, Devices, and Services
Integrate Identity as a Third-Party Service
Implement and Manage Authorisation Mechanisms
Manage the Identity and Access Provisioning Lifecycle
Implement Authentication Systems

Domain 6: Security Assessment and Testing

Design and Validate Assessment, Test, and Audit Strategies
Conduct Security Control Testing
Collect Security Process Data
Analyse Test Output and Generate Report
Conduct or Facilitate Security Audits

Domain 7: Security Operations

Understand and Support Investigations
Requirements for Investigation Types
Conduct Logging and Monitoring Activities
Securely Provisioning Resources
Understand and Apply Foundational Security Operations Concepts
Apply Resource Protection Techniques
Conduct Incident Management
Operate and Maintain Detective and Preventative Measures
Implement and Support Patch and Vulnerability Management
Participate in Change Management Processes
Implement Recovery Strategies

Domain 8: Software Development Security

Integrate Security in the Software Development Life Cycle (SDLC)
Identify and Apply Security Controls in Development Environments
Assess the Effectiveness of Software Security
Assess Security Impact of Acquired Software
Define and Apply Secure Coding Guidelines and Standards

More information

See dates & prices

Prerequisites for CISSP Certification Course

There are no formal prerequisites in this Certified Information Systems Security Professional (CISSP) course. However, having prior knowledge of IS Security will be much more beneficial for delegates.

Who should attend this CISSP Certification course?

This Certified Information Systems Security Professional (CISSP) training course is suitable for anyone who wants to gain in-depth knowledge about IS Security. However, this course will be more beneficial for:

Chief Information Security Officers
Chief Security Officers
Senior Security Engineers
Security Consultants
Security Managers
Security Auditors
Security Architects
Network Architects

Certified Information Systems Security Professional Course Overview

CISSP (Certified Information Systems Security Professional) is an information security certification. It is a vendor-neutral standard to validate the technical skills and knowledge of the IT security professionals for implementing and managing a security program. Information Systems Security (InfoSec) refers to the methodologies and processes associated with saving information private, available, and ensuring its integrity. With great InfoSec, an organisation can reduce their risk of external and internal attacks on information technology systems. Organisations can also guard important data from cyber-attacks, assure business continuity, and give all stakeholders satisfaction by preserving confidential information secure from security threats. This training will help learners add skills to their profile, which will help them climb the ladder of success in terms of value and career opportunities.

Our 5-day Certified Information Systems Security Professional (CISSP) Training course aims to provide delegates with a comprehensive knowledge of IS Security. During this course, delegates will learn about various essential topics such as managing data lifecycle, cryptographic lifecycle, securing network components, collecting security process data, applying resource protection techniques, and many more. Our highly professional trainer with years of experience in teaching such courses will conduct this training course and will help you get a complete understanding of this course.

This training will also cover the following concepts:

Requirements for investigation types
Ensure appropriate asset retention
Methods of cryptanalytic attacks
Integrate identity as a third-party service
Analyse test output and generate the report
Securely provisioning resources
Software development security

At the end of this Certified Information Systems Security Professional (CISSP) Training course, delegates will be able to integrate security in the Software Development Life Cycle (SDLC) effectively. They will also be able to implement secure communication channels properly according to the design.

The Knowledge Academy also provides more such courses, including ISSAP Training & Certification and Chief Information Security Officer Training under CISSP Training that can help you develop essential skills to enhance your career opportunities in this field.

More information

See dates & prices

What's included in this CISSP Certification Training Course?

This CISSP course will include:

Exam Pass Guarantee
Course Completion Certificate
Experienced Instructor
Refreshments

More information

See dates & prices

More information

See dates & prices

Duration

Online Instructor-led (4 days)

Classroom (4 days)

Online Self-paced (32 hours)

CISSP-ISSAP Training & Certification Outline

The bulk of the course will consist of reviews of the material from each of the six CISSP-ISSAP domains:

Competence of the Six Major Domains of the Information Systems Security Architecture Professional (ISSAP) Concentration
Consultative and Analytical Process of Information Security
Key Concepts and Requirements
The Framework of Architecture and Design
The Six Domains of the CISSP-ISSAP CBK
Access Control Systems and Methodology
Critical Requirements
Physical Infrastructure
Cryptography
Cryptographic Methodologies
Communication, Compromise, and Misuse
Physical Security Integration
Physical Security and Personnel Controls
Information Systems Security Model
Requirements Analysis and Security Standards
Awareness of Threats
Identification of the Risks and Values of Data
Business Continuity Planning (BCP)
Disaster Recovery Planning (DRP)
Telecommunications and Network Security

This teaching will be supported by discussion sessions and exercises to help you understand and master the material. There will also be final exam preparation and the chance to try practice questions.

More information

See dates & prices

Who should attend this CISSP-ISSAP Training Course?

CISSP-ISSAP is aimed at CISSP holders who wish to demonstrate their knowledge of Systems Security Architecture. It is ideal for:

System Architects
Chief Technology Officers
System and Network Designers
Business Analysts
Chief Security Officers

Prerequisites

The course itself has no prerequisites, but the certification does.
To receive ISSAP certification, you must hold the CISSP certification in good standing and must possess two years cumulative, paid work experience in one or more of the six CISSP-ISSAP domains.

CISSP-ISSAP Training & Certification Overview

This CISSP-ISSAP course is designed as a rigorous preparation for the ISSAP exam. The 4-day course reviews all six practice areas of exam as drawn from the (ISC)² Common Body of Knowledge (CBK), providing a complete revision programme for those wishing to receive ISSAP certification. It also includes knowledge assessments, discussions, exercises, practical questions, and more.

More information

See dates & prices

What's included in this CISSP-ISSAP Training Course?

The following is included with this course:

The Knowledge Academy's CISSP-ISSAP Training & Certification Manual
Experienced Instructor
Completion Certificate
Refreshments

CISSP-ISSAP Training & Certification Exam

This course does not include the ISSAP exam; it must be booked separately through Pearson VUE. The exam tests knowledge across the six CISSP-ISSAP domains. It consists of 125 questions and lasts 3 hours. It is marked on a 1000 point scale and the pass mark is 700 out of 1000.

More information

See dates & prices

More information

See dates & prices

Duration

Online Instructor-led (3 days)

Classroom (3 days)

Online Self-paced (24 hours)

Chief Information Security Officer Training Course Outline

Module 1: Governance and Risk Management

Governance
Information Security Management Structure
Principles of Information Security
Risk Management
Management and Technical Information Security Elements
Compliance
Privacy
- Privacy Impact Assessment
- Privacy and Security
Laws and Regulatory Drivers
Standards and Frameworks
- ISO/IEC 27000 Series
- ISO/IEC 27001
- NIST Cybersecurity Framework
- Federal Information Processing Standards
- NIST Special Publications
- Privacy Shield
- COBIT
Information Security Trends and Best Practices
- Open Web Application Security Project
- Cloud Security Alliance
- Centre for Internet Security
Information Security Training and Certifications
Ethics

Module 2: Information Security Controls, Compliance, and Audit Management

Information Security Controls
- Control Fundamentals
- Control Frameworks
Information Security Control Life Cycle Frameworks
- NIST Risk Management Framework
- NIST Cybersecurity Framework
- ISO/IEC 27000
Information Security Control Life Cycle
- Risk Assessment
- Design
- Implementation
- Assessment
- Monitoring
Exploring Information Security Control Frameworks
Auditing for the CISO
- Audit Management
- Audit Process
- Control Self-Assessments
- Continuous Auditing
- Specific Types of Audits and Assessments

Module 3: Security Programme Management and Operations

Security Programme Management
- Security Areas of Focus
- Security Streams of Work
- Asset Security Management
- Security Projects
Security Programme Budgets, Finance, and Cost Control
- Establishing the Budget
- Managing and Monitoring Spending
Security Programme Resource Management: Building the Security Team
- Project Management
- Project Management Fundamentals
Project Management
- Phases of Project Management
- Initiating
- Planning
- Executing
- Monitoring and Controlling
- Closing

Module 4: Information Security Core Competencies

Malicious Software and Attacks
- Malware
- Scripting and Vulnerability – Specific Attacks
Social Engineering
- Types of Social Engineering Attacks
- Why Employees Are Susceptible to Social Engineering
- Social Engineering Defences
Asset Security
- Asset Inventory and Configuration
- Management
- Secure Configuration Baselines
- Vulnerability Management
- Asset Security Techniques
Data Security
- Data at Rest
- Data in Transit
- Data in Use
- Data Life Cycle
Identity and Access Management
- Identity and Access Management Fundamentals
- Identity Management Technologies
- Authentication Factors and Mechanisms
- Access Control Principles
- Access Control Models
- Access Control Administration
- Identity and Access Management Life Cycle
Communication and Network Security
- WANs and LANs
- IP Addressing
- Network Address Translation
- Network Protocols and Communications
- Wireless
- Network Technologies and Defences
Cryptography
- Cryptographic Definitions
- Cryptographic Services
- Symmetric, Asymmetric, and Hybrid Cryptosystems
- Hash Algorithm s
- Message Authentication Codes
- Digital Signatures
- Public Key Infrastructure
Cloud Security
- Cloud Computing Characteristics
- Cloud Deployment Models
- Cloud Service Models
- Cloud Security Risks and Assurance Levels
- Cloud Security Resources
Physical Security
- Physical Security Threats
- Physical Security Programme Planning
- Physical Security Resources
- Physical Security Controls
- Physical Security Auditing and Measurement
Personnel Security
- Software Development Security
- Integrating Security into the SDLC
- Security SDLC Roles and Responsibilities
- Software Vulnerabilities
- Secure Coding Practices
- Software Vulnerability Analysis and Assessments
Forensics, Incident Handling, and Investigations
- Relevant Law
- Logging and Monitoring
- Incident Response and Investigations
- Forensics and Digital Evidence
Security Assessment and Testing
- Vulnerability Assessments
- Penetration Testing
- Regulatory Compliance Assessments
- Security Programme Assessments
Business Continuity and Disaster Recovery
- Continuity Planning Initiation
- Business Impact Analysis
- Identify Preventive Controls
- Develop Recovery Strategies and Solutions
- Develop the Plan
- Test the Plan
- Maintain the Plan

Module 5: Strategic Planning, Finance, Procurement, and Vendor Management

Strategic Planning
- Organisational Strategic Planning
- Organisational Strategic Planning Teams
- Strategic Planning Process
- Security Strategic Plan
Making Security Decisions
Financial Management
- Accounting and Finance Basics
- Information Security Annual Budget
Procurement and Vendor Management
- Procurement Core Principles and Processes
- Types of Contracts
- Scope Agreements
- Third-Party Vendor Risk Management

More information

See dates & prices

Prerequisites

In this Chief Information Security Officer (CISO) Training course, there are no formal prerequisites.

Audience

This Chief Information Security Officer (CISO) Training is designed for anyone who wants to reach a top-level position in the information security profession. However, this course is more beneficial for Information Security Officers and Digital Security Managers.

Chief Information Security Officer Training Course Overview

Chief Information Security Officer (CISO) is a high-rank executive who creates and executes security programmes to assure that organisation's technologies and data are secured from external and internal threats. A CISO (Chief Information Security Officer) can take on various responsibilities and duties depending on the hierarchy, size, industry, and regulations suitable to the organisation. Organisations that have a Chief Information Security Officer realise many benefits like reduced risks and limited liability issues. So, individuals holding great skills, knowledge, and abilities to perform the duties of Chief Information Security Officer are highly in demand by the various multinational organisations.

This 3-day Chief Information Security Officer Training course aims to provide delegates with a comprehensive knowledge of Information Security Officer roles and responsibilities. During this course, delegates will learn about assessing and monitoring information security control life cycle. They will also learn about the information security controls, cryptography, physical security, security SDLC roles and responsibilities, organisational strategic planning, etc. Our highly professional trainer with years of experience in teaching information security courses will conduct this training course and help delegates get a complete understanding of CISO's roles and responsibilities.

This training will also cover the following concepts:

Information security management structure
Life cycle frameworks of information security control
Information security core competencies
Identity and access management life cycle
Communication and network security
Business continuity and disaster recovery
Financial management

At the end of this Chief Information Security Officer Training course, delegates will be able to use various principles and structures to manage information security effectively. They will be able to effectively access the management life cycle and deal with clients using different management technologies. They will also be able to use various network security technologies to secure the organisation's data.

More information

See dates & prices

Delegate pack consisting of course notes and exercises
Manual
Experienced Instructor

More information

See dates & prices

More information

See dates & prices

Duration

Online Instructor-led (1 days)

Classroom (1 days)

Online Self-paced (8 hours)

Information Systems Security Management Training Course Outline

Module 1: Information Systems

Introduction to Information Systems
Components
Types
Acquiring Information Systems and Services
Managing Information Systems
Information Systems Security and Control
Impacts of Information Security Systems

Module 2: Information Security

What is Information Security?
Need
Information Security Triad
Threats
Active and Passive Attacks
Password Security
Virtual Private Networks
Personal Information Security

Module 3: Information Security Types

Application Security
Infrastructure Security
Cloud Security
Cryptography
Incident Response
Vulnerability Management
Disaster Recovery

Module 4: Major Challenges to Information Systems Security

Networked Systems
Asymmetry Between Defence and Offense
Ease-Of-Use Compromises
Perimeter Defence
Use of Cots Components
Threats Posed by Insiders
Passive Defence

Module 5: Common Information Security Risks

Social Engineering Attacks
Advanced Persistent Threats (APT)
Insider Threats
Cryptojacking
Distributed Denial of Service (DDoS)
Ransomware
Man-in-the-Middle (MitM) Attacks

Module 6: Information Security Technologies

Firewalls
Security Incident and Event Management (SIEM)
Data Loss Prevention (DLP)
Intrusion Detection System (IPS)
User Behavioural Analytics (UBA)
Blockchain Cybersecurity
Endpoint Detection and Response (EDR)
Cloud Security Posture Management (CSPM)

More information

See dates & prices

Prerequisites

There are no formal prerequisites for attending this Information Systems Security Management Training.

Audience

This training is intended for everyone who wants to gain comprehensive knowledge of the practices to secure information over the internet.

Information Systems Security Management Training Course Overview

Information systems are a collection of interrelated components that work together to gather, analyse, store, and distribute information to aid organisational visualisation, collaboration, decision-making, and analysis. The main purpose of this training is to safeguard information, discover or correct security flaws, and document such incidents. Obtaining knowledge in this training will assist aspiring candidates with the methods to mitigate risks associated with information systems, significant challenges faced while managing those systems, and common security risks that can harm confidential data. Individuals with technical expertise and management skills will get high-profile designations with upgraded earnings.

This 1-day Information Systems Security Management Training course provides delegates with comprehensive knowledge of information systems and how to secure them. During this training, delegates will learn about cloud security to secure the data stored in the cloud. They will also learn about the cryptography methodology used to secure information through codes. Our highly skilled and professional trainer, with years of teaching experience, will conduct this training through their unique teaching methods.

Course Objectives

To prevent unauthorised access and destruction of the information
To maintain accuracy and completeness of the data through integrity
To verify the user for the input arriving at the destination from a trusted source
To trace the actions of an entity uniquely to that entity through accountability
To encrypt connection over the internet from a device to a network
To access a safe and secure way to connect users and devices remotely

At the end of this training course, delegates will be able to manage risks and ensure compliance with the information security policies. They will also be able to convert original text and information into code to encrypt it from intruders.

More information

See dates & prices

Delegate pack consisting of course notes and exercises
Courseware
Experienced Instructor

More information

See dates & prices

More information

See dates & prices

Not sure which course to choose?

Speak to a training expert for advice if you are unsure of what course is right for you. Give us a call on 01344203999 or Enquire.

Package deals

Our training experts have compiled a range of course packages to compliment a variety of categories in order to help fast track your career. The packages consist of the best possible qualifications in each industry and allows you to purchase multiple courses at a discounted rate.

Advanced Data Protection Bundle

Save upto 40%

4 courses

Included courses:

ISO 27001 Lead Auditor£1995

CISSP Certification Course£1995

Certified EU General Data Protection Regulation (EU GDPR) Foundation and Practitioner£1995

Systems Security Certified Practitioner (SSCP)£1795

Total without package: £7780

Package price: £4695 (Save £3085)

Purchase now

Complete Enterprise Architect Certification

Save upto 40%

4 courses

Included courses:

ITIL® 4 Foundation Certification Training Course£1495

TOGAF® Enterprise Architecture Foundation and Practitioner Training£1995

CISSP Certification Course£1995

Architecting on AWS - Associate Certification£1795

TOGAF® Enterprise Architecture Foundation and Practitioner Training

Total without package: £7280

Package price: £4395 (Save £2885)

Purchase now

Security Certification

Save upto 25%

4 courses

Included courses:

ISO 27001 Lead Auditor£1995

CISA Certified Information Systems Auditor£1995

CISM Certified Information Security Manager£1995

CISSP Certification Course£1995

CISA Certified Information Systems Auditor

Total without package: £7980

Package price: £5995 (Save £1985)

Purchase now

Information Security Bundle

Save upto 40%

3 courses

Included courses:

ISO 27001 Lead Auditor£1995

CISM Certified Information Security Manager£1995

CISSP Certification Course£1995

CISM Certified Information Security Manager

Total without package: £5985

Package price: £3595 (Save £2390)

Purchase now

Swipe for more. Don’t miss out!

CISSP Training FAQs

FAQ's

Do you offer training in my area?

We offer CISSP training courses in locations all over the UK, as well as abroad. We make it easy to find a training venue near you!

Does this course include the exam?

No, this CISSP training course does not include the exam. The exam will have to be booked separately through (ISC)2.

I don’t have the required experience, can I still enrol on a CISSP course?

Yes. Once you pass the CISSP exam, you become an associate of (ISC)2, then you will have up to six years to gain the relevant experience needed to officially become a CISSP.

How long is my CISSP Certification valid for?

An (ISC)2 CISSP certification is valid for three years in total. It is possible to retake the course and exam, or you can earn and submit 120 Continuing Professional Education credits (CPEs) during the three years.

What are Continuing Professional Education credits (CPEs)?

CPE credits are earned by participating in Continuing Professional Education activities. To maintain certifications, you can earn and submit the minimum number of credits required to maintain your certification. The minimum number of CPE credits required to maintain the validity of a CISSP certification is 120 over three years.

What are the best CISSP Training courses in the United Kingdom?

Please see our CISSP Training courses available in the United Kingdom

Which is the best training institute/provider of CISSP Training in the United Kingdom?

The Knowledge Academy is the Leading global training provider for CISSP Training.

What is the cost/training fees for CISSP Training certification in the United Kingdom

The price for CISSP Training certification in the United Kingdom starts from £.

Why we're the go to training provider for you

Best price in the industry

You won't find better value in the marketplace. If you do find a lower price, we will beat it.

Trusted & Approved

We are accredited by PeopleCert on behalf of AXELOS

Many delivery methods

Flexible delivery methods are available depending on your learning style.

High quality resources

Resources are included for a comprehensive learning experience.

"Really good course and well organised. Trainer was great with a sense of humour - his experience allowed a free flowing course, structured to help you gain as much information & relevant experience whilst helping prepare you for the exam"

Joshua Davies, Thames Water