Course Description and Goals
CISSP Certification Course
What is CISSP certification?
The International Information System Security Certification Consortium (ISC)2, which offers the Certified Information Systems Security Professional (CISSP) certification, is a well-known name in information security. It is a vendor-neutral certification that verifies a person’s information security and assurance knowledge and skills.
The eight information security domains covered by the CISSP certification include security and risk management, asset security, communication and network security, identity and access management, security assessment and testing, security operations, and software development security. These topics are all covered by the CISSP Common Body of Knowledge (CBK), which is a list of the topics covered by the certification.
The ability to create, execute, and manage a complete information security programme is demonstrated to peers, clients, and employers by having a CISSP certification. In the subject of information security, it is highly respected and frequently a prerequisite for senior-level information security roles.
The CISSP certification is good for three years, and it must be kept up to date by earning Continuing Professional Education (CPE) credits.
What is the purpose of CISSP?
The CISSP covers all of the essential components of the cybersecurity industry, including security and risk management, network and communication security, security testing, and security operations.
What is the eligibility for CISSP certification?
To be eligible for the Certified Information Systems Security Professional (CISSP) certification, you must meet the following criteria:
1.Work Experience: Have at least 5 years of cumulative, paid work experience in two or more of the 8 CISSP domains as outlined by the CISSP Common Body of Knowledge (CBK).
2.Education: Hold a minimum of a high school diploma, or equivalent, although having a higher level of education, such as a bachelor’s or master’s degree, may substitute for one year of work experience.
3.Endorsement: Obtain endorsement from an existing CISSP who can vouch for your professional experience and knowledge.
4.Agree to the (ISC)² Code of Ethics: Agree to adhere to the (ISC)² Code of Ethics, which requires certified individuals to act with integrity, use their knowledge for the betterment of society, and maintain the highest standards of professional conduct.
By meeting these eligibility requirements, you can demonstrate to (ISC)² and the information security community that you have the necessary knowledge, experience, and commitment to become a Certified Information Systems Security Professional (CISSP).
Course Description and Goals
Course Description:
The CISSP certification from ISC2 is one of the premier certifications in the Information Security industry. Covering numerous topics across 8 Domains, this certification speaks to a well-rounded understanding of the many facets of protecting organizational assets. Designed around eight specific domains, this course examines : Security & Risk Management , Asset Security, Security Architecture and Engineering, Communication & Network Security, Identity & Access management , Security Assessment & Testing, Security
Operations and Software Development Security.
Prerequisites:
To earn this certification, you must pass the exam as well as have 5 years of paid experience in two or more domains of the CISSP Common Body of Knowledge. However, if you have passed the examination but are short of the requisite experience, you can become an Associate of (ISC) 2 . Thereafter, you will have 6 years’ to earn the requisite experience. Study Resources: All supplemental materials will be provided in the ‘resources’ tab of the course page!
Course Goals
By the end of this course, students should be able to:
❏ Pass the CISSP Exam
Labs and Assessments
Used:
This course will use labs and assessments from the Cybrary lab environment. All labs and assessments must be completed to attain Cybrary’s Certification of Completion, but may not be necessary for your exam preparation process depending on your prior experience. The items are shown below in the order they appear, each lab will appear in the same module as its relevant CISSP topic. If you are having trouble completing the CISSP Labs, try to launch the lab, then return to the Lecture/Lab Guidance in the previous lesson and complete the lab while viewing the instructor.
● Creation of BCP and DRP (CYBRScore)
● ISC2 CISSP Practice Test: Certified Information Systems Security Professional (Kaplan Practice Test)
Course Outline
Lesson 1.1: Introduction
Lesson 1.2: Computer Adaptive Testing (CAT)
Lesson 2.1: Domain 1 Agenda
Lesson 2.2: Information Security Program Part 1
Lesson 2.3: Information Security Program Part 2
Lesson 2.4: Roles and Responsibilities
Lesson 2.5: Risk Definitions
Lesson 2.6: Risk Identification
Lesson 2.7: Risk Assessment and Analysis
Lesson 2.8: Risk Mitigation and Response
Lesson 2.9: Risk Monitoring and Reporting
Lesson 2.10: Legal Considerations
Lesson 2.11: Knowledge Transfer
Lesson 2.12: The CISSP Mindset Part 1
Lesson 2.13: The CISSP Mindset Part 2
Lesson 2.15: Introduction to Business Continuity and Disaster Recovery Planning
Lesson 2.16: Business Continuity Planning Part 1
Lesson 2.17: Business Continuity Planning Part 2
Lesson 2.18: BCP Step 1: Project Scope and Planning Part 1
Lesson 2.19: BCP Step 1: Project Scope and Planning Part 2
Lesson 2.20: BCP Step 2: Business Impact Assessment Part 1
Lesson 2.21: BCP Step 2: Business Impact Assessment Part 2
Lesson 2.22: BCP Steps 3 and 4: Community Planning, Approval and Implementation
Lesson 2.23: BCP Sub Plans
Lesson 2.24: Creation of BCP and DRP (CYBRScore LAB)
Lesson 2.25: Developing the Teams
Lesson 2.25: Types of Tests
Lesson 3.1: Introduction to Asset Security
Lesson 3.2: Data Classification
Lesson 3.3: Data Protection
Lesson 3.4: System Hardening and Baselining
Lesson 3.5: Threats to Data Storage
Lesson 3.6: Data Redundancy
Lesson 3.7: Secure Data Disposal
Lesson 4.1: Cryptography Agenda
Lesson 4.2: Cryptography in History
Lesson 4.3: Security Services Provided by Cryptography
Lesson 4.4: Algorithm
Lesson 4.5: Elements of Cryptography Part 1
Lesson 4.6: Elements of Cryptography Part 2
Lesson 4.7: Principles of Secure Design
Lesson 4.8: Security Models Part 1
Lesson 4.9: Security Models Part 2
Lesson 4.10: Security Models Part 3
Lesson 4.11: Security Models Part 4
Lesson 4.12: System Architecture
Lesson 4.13: Evaluation Criteria Part 1
Lesson 4.14: Evaluation Criteria Part 2
Lesson 5.1: Introduction to Communications and Network Security
Lesson 5.2: The OSI Model Part 1
Lesson 5.3: The OSI Model Part 2
Lesson 5.4: The OSI Model Part 3
Lesson 5.5: The OSI Model Part 4
Lesson 5.6: The OSI Model Part 5
Lesson 5.7: The OSI Model Network Devices
Lesson 5.8: The OSI Model Collision Domains
Lesson 5.9: The OSI Model Layer 3 Protocols
Lesson 5.10: The OSI Model Layer 4
Lesson 5.11: The OSI Model Layers 5 and 6
Lesson 5.12: The OSI Model Layer 7 (06:53)
Lesson 5.13: The OSI Model Firewalls Part 1
Lesson 5.14: The OSI Model Firewalls Part 2
Lesson 5.15: The OSI Model Firewalls Part 3
Lesson 5.16: The OSI Model NAT/PAT
Lesson 5.17: Password Security
Lesson 5.18: Area Networks – LAN, WAN, and MAN
Lesson 5.19: Remote Access
Lesson 5.20: General Routing Encapsulation
Lesson 5.21: Wireless Security Part 1
Lesson 5.22: Wireless Security Part 2
Lesson 5.23: Wireless Security Part 3
Lesson 6.1: Introduction to Identity and Access Management Part 1
Lesson 6.2: Introduction to Identity and Access Management Part 2
Lesson 6.3: Authentication Types Part 1 – Something You Know
Lesson 6.4: Authentication Types Part 2 – Token Devices
Lesson 6.5: Authentication Types Part 3 – Memory Cards
Lesson 6.6: Authentication Types Part 4 – Something You Are
Lesson 6.7: Strong Authentication
Lesson 6.8: Social Media and the Introduction to Kerberos
Lesson 6.9: Kerberos Components
Lesson 6.10: The Kerberos Carnival Part 1
Lesson 6.11: The Kerberos Carnival Part 2
Lesson 7.1: The 6 Security Assessments and Testing Objectives
Lesson 7.2: Vulnerability Assessments and Penetration Testing
Lesson 7.3: Vulnerability Scanning
Lesson 7.4: Testing Guidelines
Lesson 7.5: Rules of Engagement Part 1
Lesson 7.6: Rules of Engagement Part 2
Lesson 7.7: Protocol Analyzers (Sniffers) and Privacy
Lesson 7.8: IDS Part 1
Lesson 7.9: IDS Part 2
Lesson 7.10: IDS Part 3
Lesson 8.1: Security Incident Response
Lesson 8.2: The Forensics Investigation Process Part 1
Lesson 8.3: The Forensics Investigation Process Part 2
Lesson 8.4: Evidence Types
Lesson 8.5: Fault Management
Lesson 8.6: Backups