Certified Information Systems Security Professional (CISSP) Updated 2018



Disclaimer: Tech-Act is an independent training services provider. Any use of third party trademarks, brand names, products and services is only referential.Tech-Act disclaims any sponsorship, affiliation or endorsement of or by any third parties. Tech-Act is an authorized training partner only where explicitly stated and as listed here.



REQUEST INFORMATION


Certified Information Systems Security Professional (CISSP)


About This Course

International Information System Security Certification Consortium or (ISC)² is one of the pioneers in providing information security certifications.  The consortium is dedicated in aiding IT professionals learn and grow vocationally in the IT landscape. More than 130,000 certifications handed out until now, (ISC)² intends to authorize professionals in every facet of information and network security.

CISSP or The Certified Information Systems Security Professional certificate is regarded as the industry standard in the information security ecosystem. The certification program helps you become an expert in information assurance, who is skilled enough to define each aspect of information security including controls, management, design and architecture. The course serves as a steppingstone for a number of professionals in the field of IT security.

The CISSP certification not only reflects a validation of excellence, but is also a globally acclaimed and accepted authentication for IT security. Tech-Act offers a comprehensive CISSP coursework for all the professionals, who aspire to gain the knowledge to design, manage, architect and control enterprise IT security. CISSP certified professionals are in great demand by businesses worldwide when it comes to dealing with cyberattacks and security threats.


Who Should Attend This Course

CISSP is a globally accepted certification and is perfect for:

  • Network architects
  • Chief information security professionals
  • Security and systems engineers
  • IT managers/directors
  • Security architects/auditors
  • Security managers/consultants

Why This Course

CISSP certification program reflects a proof of excellence and is a globally accepted when it comes to IT security. The comprehensive coursework is excellent for the ones, who wish to learn and hone the knowledge to manage, design, control and architect enterprise IT security systems. Most importantly, CISSP certified experts are in huge demand by organizations across the globe in order to tackle the menace of security threats and various cyberattacks.

Here’s why:

  • Globally recognized
  • Validates a person’s skillsets in understanding all aspects of information security
  • Operational security and recovery concepts
  • Membership access to the International Information Systems Security Certification Consortium.
  • Compliance requisites
  • Planning a secure IT infra and environment
  • Learn to safeguard resources utilizing access controls and cryptography
  • Improved job prospects in IT security domain

Did you know that CISSP certified professionals earn an average salary of around $121,923 / annum.   (Source: itcareerfinder.com)


Course Objectives

Tech-Act’s CISSP certification program is designed keeping in mind (ISC)² CBK 2015 exam requirements. The program helps you learn industry best IT security practices. It lets you develop skills to design, build and maintain a secure enterprise IT network using globally accepted and industry standard information security concepts.

Upon completing the course, you will:

  • Learn relevant and industry specific skills to pass the CISSP exam
  • Be trained to design, manage and build secure enterprise IT environment.

Course Prerequisites

The CISSP certification training is aimed at professionals, who desire to gain a competitive edge in the information security domain. (ISC)² recommends having a least of 5-years of professional experience in two or more of the eight domains of CBK 2015.

You can earn a one-year waiver with a four-year college degree or equivalent.


Course Benefits


Key benefits of CISSP include:

  • Validates a person’s skillsets in understanding all aspects of information security
  • Globally recognized
  • Improved job prospects in IT security domain
  • Membership access to the International Information Systems Security Certification Consortium.
  • Learn to safeguard resources utilizing access controls and cryptography
  • Planning a secure IT infra and environment
  • Compliance requisites
  • Operational security and recovery concepts

Curriculum


Security and Risk Management

Overview

This section gives information on Certified Information Systems Security Professional (CISSP) certification. It demonstrates that the holder has been working in IT Security for over five years, has a broad range of knowledge in ten domains related to creating, supporting and maintaining a secure IT infrastructure and can implement things like risk management and risk identification.

Security Governance

This section covers the the three pillars of security, confidentiality, integrity and availability. It explains how to apply security governance principles through alignment of security functions to an organizations strategy, goals, mission and objectives.

Compliance

This section discusses the legislative and regulatory compliance, and privacy requirements compliance. It explains legal and regulatory issues that pertain to information security in a global context such as computer crimes, licensing, intellectual property, import and export controls, privacy and data breaches.

Code of Ethics

This section discusses professional ethics. It explains the (ISC)2 Code of Ethics and demonstrates how it applies as a CISSP, as well as an organizations code of ethics. It also covers security policies, standards, procedures, and guidelines.

Business Continuity

This section explains business continuity requirements. It covers the concept of developing and documenting project scope and plan.

Personnel Security

This section discusses several types of personnel security policies. It coves employment candidate screening, like reference checks and education verification. It also explains employment agreements and policies and the termination process.

Risk Management

This section covers risk management concepts. It explains some terminology such as risk assessment methodologies and ways to perform risk analysis. It discusses the different types of controls available, and control categories.

Threat Modeling

This section covers threat modeling. It discusses the penetration testing methodology and some resources that can be helpful in threat modeling.

Acquisition Risk Strategy

This section explains integrating risk assessment into acquisition strategies, like hardware purchases as well as outsourcing. It discusses the importance of auditing vendors and having service level agreements.

Asset Security

Asset Classification

This section covers asset security. It explains the need for classification and describes different classification systems. It discusses data ownership and data classification.

Protect Privacy

This section discusses protecting the privacy of information. It explains the importance of privacy policies, boundaries for data usage, data owners, data custodians and their responsibilities.

Retention and Data Security

This section discusses retention policies for data, hardware and even personnel. It explains the importance of aligning these policies with business requirements.

Data Handling Requirements

This section discusses data handling requirements and retention policies. It explains data at rest and data in transit, and the different ways to protect it. It also covers encryption as a method to protect data, both at rest and in transit.

Security Engineering

Secure Design Principles

This section covers implementing and managing the engineering processes using secure design principles. It discusses the role of a CISSP in the system engineering process, and standards from NIST and ISO.

Security Model Concepts

This section covers system components like processors and memory, and the need for secure system design. It discusses system security architecture and enterprise security architecture.

Controls and Capabilities

This section discusses what a control is and its standards. It explains the controls specified by ISO 27002 and PCI-DSS.

Assess Vulnerabilities

This section discusses assessing and mitigating vulnerabilities related to security architecture. It covers hardware failure, privilege misuse, emanation threats, race conditions, covert channels, and centralized and decentralized architecture.

Apply Cryptography

This section covers how cryptography is applied. It discusses the future of cryptography, quantum cryptography. It explains the application of public key infrastructure (PKI) and a certificate services hierarchy.

Physical Security

This section discusses the physical security and secures site design. It explains about defining boundaries and determining what needs to be protected. It also covers different controls used for physical security, like cameras, fences and fire suppression systems.

Communication and Network Security

Secure Network Design

This section discusses secure network design such as OSI model. It explains different layers and protocols.

IP Networking and Protocols

This section covers IP addressing such as IPv4 and IPv6 addresses. It also discusses port numbers and how they are used in communication.

Securing Network Devices

This section discusses securing network devices. It covers the risks associated with modems, switches, routers. It also explains statefull, stateless firewalls, transmission media and technologies like proxy, NAT and PAT.

Secure Communications

This section covers secure communication channels. It discusses risks in communication channels and the ways to protect communications using various tunneling technologies, like PPTP, L2TP, IPSec and RADIUS.

Mitigate Network Attacks

This section discusses the ways to secure network communications to mitigate many network attacks. It explains the importance of defense in depth and define the four phases of an attack.

Identity and Access Management

Identification and Authorization

This section discusses the concepts of identity and access management (IAM). It talks about the process of identifying, authenticating and authorizing a subject. It also explains the identity lifecycle, and the concept of single sign-on.

Manage Authentication

This section covers authentication. It explains kerberos and the importance of time sync and NTP. It discusses hard tokens, soft tokens, OTP tokens, out of band tokens, and biometrics.

Assessment and Testing

This section discusses the importance of assessment, and also the importance of determining the root cause when analyzing the results.

Security Operations

Investigations

This section discusses how to respond to a security incident. It talks about identifying and securing evidence at a crime scene. It also explains about preserving evidence through an investigation, concepts like chain of custody and Locard’s Exchange Principle.

Secure Operations Concepts

This section discusses secure operations concepts. It talks about Intrusion Detection Systems and Intrusion Prevention Systems. It covers data loss prevention and service level agreements.

Resource Protection

This section discusses implementing safeguards to protect the media used to store data. It talks about encryption for both data at rest and data in motion.

Incident Management

This section talks about incident management and incident response. It explains the five critical components of incident response – detect, determine, minimize, resolve, and document.

Preventative Measures

This section discusses preventative measures. It explains that preventative measures in place are appropriate for a specific risk, and making sure they are working as expected.

Recovery Strategies

This section covers recovery strategies used to recover after an incident. It explains key terms and concepts like recovery point and recovery time objectives, and maximum tolerable downtime. It also discusses different types of backups and there use.

Physical / Personnel Security

This section talks about physical security and personnel security. It explains physical access controls like man traps. It also talks about the importance of protecting our most valuable resource, our personnel.

Software Development Security

Software Dev Security

This section discusses about applying security in the software development life cycle. It explains the concept of securing early and often. It also covers the development phases, project initiation and planning, and system design specifications.

Schedule & Fees


SELF PACED Online INSTRUCTOR LED CLASSROOM
Duration 6 Months 6 Days 6 Days
Course Material
Exam Voucher
Face Time With Instructor
Course Price $499 On Request On Request
Enroll Now Enquire Now Enquire Now

Course FAQ


Why Tech-Act for CISSP?

  • Certified team of trainers
  • Good practical exposure
  • Industry grade learning amenities
  • Comprehensive exam centric coursework
  • Online and traditional classroom option available.

Do you have certified trainers onboard?

  • Yes, all our CISSP trainers are certified having more than a decade of industry relevant experience.

What are the benefits of CISSP?

Primary benefits of CISSP:

  • Globally recognized
  • Validates a person’s skillsets in understanding all aspects of information security
  • Learn to safeguard resources utilizing access controls and cryptography
  • Compliance requisites
  • Operational security and recovery concepts
  • Improved job prospects in IT security domain
  • Planning a secure IT infra and environment
  • Membership access to the International Information Systems Security Certification Consortium.

What’s the eligibility criteria to enroll?

CISSP is a globally recognized certification, perfect for:

  • Chief information security professionals
  • Network architects
  • Security managers/consultants
  • Security architects/auditors
  • IT managers/directors
  • Security and systems engineers

Testimonials



0

Your Cart