ISC2 Certified Information Systems Security Professional (CISSP)

QUICK INFORMATION

  • 5 Day(s) Course
  • Official Courseware
  • Exam Voucher
  • Certified Trainer
  • 1:1 Training Available on Demand
  • Customize Your Batch

ABOUT THE COURSE

The CISSP (Certified Information Systems Security Professional) training is the essential credential for security professionals to validate their competencies and skill set in deploying a diverse information security infrastructure that protects the organization from potential cybersecurity hazards.

The course is sponsored by (ISC)2, one of the world's leading non-profit organizations supporting the field of information security. The certification qualifies a candidate to effectively create, implement and evaluate the cybersecurity tools and technologies used to facilitate the healthy transfer of information across a diverse work environment.

The CISSP was the first credential in the field of information security to meet the stringent requirements of ISO/IEC Standard 17024.

The CISSP CBK consists of the following eight domains:

1. Security and Risk Management (Security, Risk, Compliance, Law, Regulations, and Business Continuity)

  • Legal and regulatory issues
  • Confidentiality, integrity, and availability concepts
  • Security governance principles
  • Compliance
  • Professional ethics
  • Business continuity requirements
  • Personnel security policies
  • Threat modeling
  • Risk considerations
  • Security education, training, and awareness
  • Security policies, standards, procedures and guidelines

2. Asset Security (Protecting Security of Assets)
  • Protect privacy
  • Information and asset classification
  • Ownership (e.g. data owners, system owners)
  • Data security controls
  • Appropriate retention
  • Handling requirements

3. Security Engineering (Engineering and Management of Security)

  • Security evaluation models
  • Security models fundamental concepts
  • Security architectures, designs, and solution elements vulnerabilities
  • Security capabilities of information systems
  • Engineering processes using secure design principles
  • Web-based systems vulnerabilities
  • Mobile systems vulnerabilities
  • Cryptography
  • Embedded devices and cyber-physical systems vulnerabilities
  • Site and facility design secure principles
  • Physical security

4. Communication and Network Security
  • Secure network architecture design
  • Secure communication channels
  • Secure network components
  • Network attacks

5. Identity and Access Management (Controlling Access and Managing Identity)
  • Access control attacks
  • Physical and logical assets control
  • Identity as a service (e.g. cloud identity)
  • Identification and authentication of people and devices
  • Identity and access provisioning lifecycle (e.g. provisioning review)
  • Third-party identity services (e.g. on-premise)

6. Security Assessment and Testing (Designing, Performing, and Analyzing Security Testing)
  • Test outputs (e.g. automated, manual)
  • Security process data (e.g. management and operational controls)
  • Security architectures vulnerabilities
  • Security control testing
  • Assessment and test strategies

7. Security Operations (Foundational Concepts, Investigations, Incident Management, and Disaster Recovery)
  • Logging and monitoring activities
  • Investigations support and requirements
  • Incident management
  • Provisioning of resources
  • Foundational security operations concepts
  • Recovery strategies
  • Resource protection techniques
  • Physical security
  • Preventative measures
  • Patch and vulnerability management
  • Change management processes
  • Business continuity planning and exercises
  • Personnel safety concerns
  • Disaster recovery processes and plans

8. Software Development Security (Understanding, Applying, and Enforcing Software Security)
  • Development environment security controls
  • Security in the software development lifecycle
  • Acquired software security impact
  • Software security effectiveness

This CISSP Exam Preparation training is ideal for those working in the following roles:

  • Security Systems Engineer
  • Security Consultants/Analysts
  • Security/Network Architect
  • Security Auditor/Manager

Candidates must meet the following requirements before taking the CISSP certification:

Have a minimum of five years of direct full-time security professional work experience in the domains listed below:

  • Access Control
  • Cryptography
  • Application Development Security
  • Operations Security
  • Information Security Governance and Risk Management
  • Legal, Regulations, Investigations and Compliance
  • Business Continuity and Disaster Recovery Planning
  • Security Architecture and Design
  • Telecommunications and Network Security
  • Physical (Environmental) Security
OR
  • 4 years of direct full-time security professional work experience in two or more of the ten mentioned domains with a college degree.
  • Complete the Candidate Agreement, attesting to the truth of his or her declaration regarding professional experience, and legally commit to adhere to the (ISC)2 Code of Ethics.

Name Code Fee
CISSP Exam USD 0


Mercury Solutions Ltd. is rated 4.6 stars by www.facebook.com/mercurysol based on 19 reviews.