CISSP Certification | Certified Information Systems Security Professional Training

Introduction to CISSP

This CISSP course lasts 5 days and is designed to train delegates in all areas of the security Common Body of Knowledge, giving them everything they need to pass the official CISSP exam. Train with us and we guarantee you will pass your CISSP exam (see FAQs for details).

CISSP is the premier certification for demonstrating expertise in information security design and management. It is vendor-neutral, globally recognised and meets the rigorous ISO/IEC 17024 International Standard, making it an objective measure of excellence in security.

Prerequisites

CISSP is intended for security professionals with a minimum of either five years full-time paid work experience, or four years’ experience, plus an information security university degree, in two or more of the following 8 CISSP domains:

• Security and Risk Management
• Asset Security
• Security Engineering
• Communication and Network Security
• Identity and Access Management
• Security Assessment and Testing
• Security Operations
• Software Development Security

Don’t have the required experience? Not to worry. By passing the exam, you can become an Associate of (ISC)². You’ll then have 6 years to gain the experience required to become a CISSP.

- It is required that each participant purchases the following book, prior to attending this course:

Official (ISC)2 Guide to the CISSP CBK, Fourth Edition (ISC2 Press) Hardcover by Adam Gordon (Editor)

ISBN-10: 1482262754 

ISBN-13: 978-1482262759

Who Should Attend?

• The course is intended for anybody who works in or is looking a career in Information Security.

Course Structure

• The course consists of five days of classroom-based training
• The exam is computer based and must be booked separately through (ISC)2® here.

Course Content:

Security and Risk Management:

• Confidentiality, integrity, and availability concepts
• Security governance principles
• Compliance
• Legal and regulatory issues
• Professional ethic
• Security policies, standards, procedures and guidelines

Asset Security:

• Information and asset classification
• Ownership (e.g. data owners, system owners)
• Protect privacy
• Appropriate retention
• Data security controls
• Handling requirements (e.g. markings, labels, storage)

Security Engineering:

• Engineering processes using secure design principles
• Security models fundamental concepts
• Security evaluation models
• Security capabilities of information systems
• Security architectures, designs, and solution elements vulnerabilities
• Web-based systems vulnerabilities
• Mobile systems vulnerabilities
• Embedded devices and cyber-physical systems vulnerabilities
• Cryptography
• Site and facility design secure principles
• Physical security

Communication and Network Security:

• Secure network architecture design (e.g. IP & non-IP protocols, segmentation)
• Secure network components
• Secure communication channels
• Network attacks

Identity and Access Management:

• Physical and logical assets control
• Identification and authentication of people and devices
• Identity as a service (e.g. cloud identity)
• Third-party identity services (e.g. on-premise)
• Access control attacks
• Identity and access provisioning lifecycle (e.g. provisioning review)

Security Assessment and Testing:

• Assessment and test strategies
• Security process data (e.g. management and operational controls)
• Security control testing
• Test outputs (e.g. automated, manual)
• Security architectures vulnerabilities

Security Operations:

• Investigations support and requirements
• Logging and monitoring activities
• Provisioning of resources
• Foundational security operations concepts
• Resource protection techniques
• Incident management
• Preventative measures
• Patch and vulnerability management
• Change management processes
• Recovery strategies
• Disaster recovery processes and plans
• Business continuity planning and exercises
• Physical security
• Personnel safety concerns

Software Development Security:

• Security in the software development lifecycle
• Development environment security controls
• Software security effectiveness
• Acquired software security impact

CISSP Exam:

• The CISSP exam is booked separately here and is taken at a Pearson Vue Test Centre
• The exam tests knowledge in the 8 domains of CISSP
• Multiple choice
• 6 hours
• 250 questions
• Computer-based
• Pass mark is a scaled score of 700/1000

Why choose The Knowledge Academy?

• You will receive world-class learning material, including presentation slides and exam guidance
• We make the learning experience enjoyable
• We are trusted by globally leading brands such as JP Morgan, HSBC and Sony as a learning partner of choice.
• We provide pre- and post-course support so you never feel alone
• All of our training is hands-on, using real-world examples
• As a market leader, we have an extremely high global pass rate
• Over 90% of our delegates come back to us for further training
• We have the best instructors in the industry which is reflected in our position as the market leader for professional qualifications
• We provide value for money and trained over 25,000 delegates last year
• We have some of the most luxurious course venues worldwide

What is CISSP?

CISSP (Certified Information Systems Security Professional) is a vendor-neutral information security certification demonstrating deep competence in designing, engineering and managing information security systems. It draws from an up-to-date, common body of knowledge which covers threats, technologies, regulations, standards and practices within information technology. The certification is provided by (ISC)² (International Information System Security Certification Consortium, Inc.), a globally recognised not-for-profit organisation dedicated to educating and certifying IT Security professionals around the world.

Benefits of CISSP

For employees:

• Helps you stand out in a competitive market of IT Security professionals
• Indicates deep technical knowledge and skills
• Shows commitment to the field of information security

For employers:

• Ensures your information security staff are professionals with the expertise required to build and maintain an IT security program
• Makes sure professionals are up to date with and able to protect against the latest threats
• Provides your organisation with information security credibility when dealing with other companies or clients.