CISSP® - Certified Information Systems Security Professional

CSRCIND offers Online Training for Information Security, Cyber Security.

CISSP® ONLINE TRAINING

Certified Information Systems Security Professional (CISSP) is an independent information security certification governed by the International Information Systems Security Certification Consortium, commonly known as (ISC)². The CISSP is considered the global standard that proves an individual's proficiency in several security disciplines. The certification is not just an assessment of one's solid knowledge of information security; it is also a standard of achievement that is acknowledged worldwide.

To be considered for the CISSP® credential, candidates are required to have a minimum of four (4) years of cumulative paid full-time Software Development Lifecycle (SDLC) professional work experience in two or more of the eight domains of the (ISC)² CSSLP® CBK®. Candidates who hold an active certification that appears on the (ISC)² approved list may receive a one (1) year experience waiver. Alternatively, a four (4) year bachelor's degree in any IT/CS field may be substituted for one year of experience. No more than 1 year of total experience may be waived.

CISSP Online Training Course Content

  • CISSP Introduction
  • Introduction
  • Objectives
  • Benefits
  • Security and Risk Management
  • Information Security Management
  • Information Security Governance
  • Security and Organizational Goals, Mission, and Objectives
  • Business Scenario
  • Organizational Processes, Auditing
  • Security Controls, Security Policies
  • Types of Security Policies, Security Policy Implementation
  • Compliance
  • Computer Crimes, Categories of Computer Crimes
  • Major Legal Systems
  • Introduction to Law
    • Common Law and Civil Law
    • Customary Law and Religious Law
    • Mixed Law
    • Intellectual Property (IP) Law
  • Information Risk Management
  • Information and Assets Valuation
  • Risk Analysis Types
  • Delphi Technique, Hybrid Analysis
  • Threat Modeling
  • Business Continuity Planning
  • BIA Steps
  • (ISC)² Code of Ethics
  • Asset Security
  • Importance of Asset Security
  • Information Classification
    • Government or Military Sector Classification
    • Commercial or Private Sector Classification
  • Data Management
  • Data Policy, Data Quality
  • Data Quality Assurance and Quality Control
  • Data Documentation, Data Standards, Data Control Lifecycle
  • Database Maintenance, Data Security
  • Asset Management
  • Data Security Controls
  • Security Engineering
  • Architecture Framework, Zachman Framework
  • SABSA Framework, SABSA Matrix
  • Security Models
  • Information Technology Security Evaluation Criteria
  • Common Criteria Evaluation Process
  • Certification and Accreditation
  • SEI CMMI
  • System Security Architecture
  • Virtualization, Hypervisor
  • Service models
  • Cloud Computing, Grid Computing
  • Cryptographic Lifecycle
  • Symmetric Key Ciphers
  • Block Cipher, Stream Cipher
  • DES Algorithm, Triple DES
  • Digital Signatures
  • Key Management
  • Communications and Network Security
  • Introduction to Secure Network Architecture and Design
  • Open Systems Interconnection
  • Transmission Control Protocol/Internet Protocol (TCP/IP) Model
  • Network Access Layer and Internet Layer
  • Network Topologies
  • Media Access Technologies
  • Secure Access Protocols
  • Multimedia Collaboration
  • Wireless Technologies
  • WLAN Operational Modes
  • Bluetooth Attack
  • Network Attacks
  • Identity and Access Management
  • Controlling Physical and Logical Access to Assets
  • Access Subject, Object, and Access Controls
  • Identity and Access Management Policy
  • Identity Management
  • Biometrics Characteristics
  • Types of Biometrics
  • Passwords
  • Memory Cards and Smart Cards
  • Identity Management Implementation
    • Password Management
    • Directory Management
    • Directory Technologies
    • Accounts Management
    • Profile Management
    • Web Access Management
  • Access Control Concepts
  • Registration and Proof of Identity
  • Credential Management Systems
  • Security Assessment and Testing
  • Security Assessment and Testing Introduction
  • Assessment and Test Strategies
  • Vulnerability Assessment
  • Log Management
  • Synthetic Transactions
  • Testing Techniques
  • Security Testing in the SDLC
  • Software Product Testing Levels
    • Misuse Case Testing
    • Interface Testing
    • API Testing
    • GUI Testing
  • Security Controls Monitoring Frequencies
  • Service Organization Controls
  • Audit Process Audit Phase
  • Security Operations
  • Introduction to Investigations
  • Investigation Challenges
  • Evidence Lifecycle
  • Types of Evidence
  • Intrusion Detection System
  • Continuous Monitoring
  • Security Operations
  • Identity and Access Management
  • Incident Management
  • Anti-Malware Systems
  • Patch Management
  • Access Control
  • Software Development Security
  • System Environments
  • Distributed Environment
  • Distributed Data Processing and Agents
  • Programming and Software
  • Threats in the Software Environment
  • System Life Cycle and Systems Development
  • Integrated Product Team (IPT)
  • DevOps
  • Software Testing Methods
  • Software Testing Levels
  • Application Controls
  • Software Development Methods
  • Object-Oriented Programming Terms
  • Software Security and Assurance
  • Software Security: SOA
  • Database and Data Warehousing Environments
  • Types of Databases
  • Introduction to Data Warehousing
  • DBMS Controls
  • Malware Protection
  • Importance and Role of Knowledge Management
  • Knowledge-Based System/Artificial Intelligence
  • Knowledge-Based System: Expert System
  • Knowledge-Based System: Neural Network
  • Web Application Environment Security