Certified Information System Security Professional (CISSP 2015)

Certified Information System Security Professional (CISSP 2015)

Delivery Option:
Purchase Now

GSA Checkout → GSA

Course ID: C9001

Duration: 5 Days

Location: Flex - San Francisco or Live Online | Click here to schedule private course.


The Certified Information System Security Professional (CISSP 2015) is designed to expand upon the student’s existing knowledge, and is intended for experienced IT professionals. THe course covers the essential elements of the eight domains that comprise a Common Body of Knowledge (CBK)® for information systems security professionals.

+ Who Should Attend

Typical students of this course include:

  • IT security-related practitioners, auditors, consultants, investigators, or instructors
  • Network or security analysts and engineers
  • Network administrators
  • Information security specialists
  • Risk management professionals
  • Those looking to sit the CISSP certification exam

+ Course Outline

Module 1: Security & Risk Management

  • Security Governance Principles
  • Compliance
  • Professional Ethics
  • Security Documentation
  • Risk Management
  • Threat Modeling
  • Business Continuity Plan Fundamentals
  • Acquisition Strategy and Practice
  • Personnel Security Policies
  • Security Awareness and Training

Module 2: Asset Security

  • Asset Security
  • Privacy Protection
  • Asset Retention
  • Data Security Controls
  • Secure Data Handling

Module 3: Security Engineering

  • Security in the Engineering Lifecycle
  • System Component Security
  • Security Models
  • Controls and Countermeasures in Enterprise Security
  • Information System Security Capabilities
  • Design and Architecture Vulnerability Mitigation
  • Vulnerability Mitigation in Embedded, Mobile, and Web-Based Systems
  • Cryptography Concepts
  • Cryptography Techniques
  • Site and Facility Design for Physical Security
  • Physical Security Implementation in Sites and Facilities

Module 4: Communications and Network Security

  • Network Protocol Security
  • Network Components Security
  • Communication Channel Security
  • Network Attack Mitigation

Module 5: Identity and Access Management

  • Physical and Logical Access Control
  • Identification, Authentication, and Authorization
  • Identity as a Service
  • Authorization Mechanisms
  • Access Control Attack Mitigation

Module 6: Security Assessment and Testing

  • System Security Control Test
  • Software Security Control Testing
  • Security Process Data Collection
  • Audits

Module 7: Security Operations

  • Security Operations Concepts
  • Physical Security
  • Personnel Security
  • Logging and Monitoring
  • Preventative Measures
  • Resource Provisioning and Protection
  • Patch and Vulnerability Management
  • Change Management
  • Incident Response
  • Investigations
  • Disaster Recovery Planning
  • Disaster Recovery Strategies
  • Disaster Recovery Implementation

Module 8: Software Development Security

  • Security Principles in the System Lifecycle
  • Security Principles in the Software Development Lifecycle
  • Database Security in Software Development
  • Security Controls in the Development Environment
  • Software Security Effectiveness Assessment


+ Prerequisites

Direct security work experience is recommended, but not required.

+ Certifications