CISSP Overview

Businesses make substantial investments in information assets, including technology, architecture, and processes. These assets are protected on the strengths of the professionals in charge.
Industry standards, ethics and certification of IS professionals become critical to ensuring that higher standards for security are achieved. Training for the CISSP exam covers all ten domains of the Common Body of Knowledge.
This course should be attended by network and firewall administrators, information security officers, and anyone interested in understanding the principles, best practices, and core concepts of information systems security.

Course Overview

Our CISSP training is an advanced course designed to meet the high demands of the information security industry by preparing students for the Certified Information Systems Security Professional (CISSP) exam. This certification is managed by the internationally recognized and highly prestigious International Information Systems Security Certifications Consortium, (ISC)².
This 5-day course can be delivered onsite with exceptional pricing to audiences of at least six students. Please call for a location-specific quote.
The exam covers (ISC)²'s ten domains from the Common Body of Knowledge (CBK), encompassing the whole of information security. The exam consists of 250 multiple-choice questions. Candidates have up to 6 hours to complete the examination.

LEARNING OBJECTIVES

  • Discusses all ten domains of the Common Body of Knowledge (CBK), helping to prepare for the CISSP exam.
  • The CBK is the compilation and distillation of all information systems security material collected internationally of relevance to information system security professionals.
  • Ensures information system security professionals have an opportunity to review the CBK in-depth, in preparation for the certification examination and to stay current on the ever-evolving domains within the information system security field.
  • Presents a high-level review of the main topics
  • Identifies specific areas students should study for exam preparation
  • Provides an overview of the scope of the field
Course duration

5 days

Course outline

1. Security Management Practices
 
Security management concepts
Policies, standards, guidelines, and procedures
Security awareness concepts
Risk management practices
Basic information on classification levels

Security management entails the identification of an organization's information assets and the development, documentation, and implementation of policies, standards, procedures, and guidelines.

Management tools such as data classification and risk assessment and analysis are used to identify threats, classify assets, and to rate system vulnerabilities so that effective controls can be implemented.

2. Access Control Systems
 

Access controls are a collection of administrative, physical, and technical mechanisms that work together within a security architecture to protect the assets of an information system. Coverage of the threats, vulnerabilities, and risks associated with an information system's infrastructure, and the available preventive and detective measures to counter them.

3. Telecommunications, Network, and Internet Security
 
Network Structures
Transmission methods
Transport formats
Security measures providing availability, integrity, and confidentiality
Authentication for transmissions over public and private communications networks

4. Cryptography
 

Addresses the principles, means, and methods of disguising information to ensure its integrity, confidentiality and authenticity.

Definitions
History
Cryptology Fundamentals
Symmetric Key Cryptosystem Fundamentals
Asymmetric Key Cryptosystem Fundamentals
Key Distribution and Management Issues
Public Key Infrastructure Definitions and Concepts

5. Security Architecture and Models
 


Concepts, principles, structures, and standards used to design, monitor, and secure operating systems, equipment, networks, applications and those controls used to enforce various levels of confidentiality, availability, and integrity.

Computer organization
Hardware components
Software/firmware components
Open systems
Distributed systems
Protection mechanisms
Evaluation criteria
Certification and accreditation
Formal security models
Confidentiality models
Integrity models
Information flow models

6. Operations Security
 


Identifies the controls over hardware and media, and the operators and administrators with access privileges to any of these resources. Auditing and monitoring provide the mechanisms, tools, and facilities that permit the identification of security events. Subsequent actions identify key elements and report pertinent information to the appropriate individual, group, or process.

7. Applications and Systems Development Security
 


Addresses the important security concepts that apply to application software development. Outlines the environment where software is designed and developed and explains the critical role software plays in providing information system security.

The software development life cycle
Object-oriented systems
Artificial intelligence systems
Database security issues
Data warehousing
Data mining
Application controls

8. Business Continuity Planning and Disaster Recovery Planning
 


Addresses the preservation and recovery of business operations in the event of outages. Differences between business continuity planning and disaster recovery.

Project scope and planning, business impact analysis
Recovery strategies
Recovery plan development
Implementation
Recovery plan development, implementation and restoration

9. Law, Investigations, and Ethics
 


Computer crime laws and regulations
The measures and technologies used to investigate computer crime incidents
Laws applying to computer crimes
How to determine if a crime has occurred
Preserving evidence
The basics of conducting an investigation
Liabilities under the law

10. Physical Security
 


Provides protection techniques for the entire facility, from the outside perimeter to inside office space, including all information system resources.

Elements involved in choosing a secure site, its design and configuration
Methods for securing a facility against unauthorized access
Methods for securing the equipment against theft of the equipment or its contained information
Environmental and safety measures needed to protect personnel, the facility and its resources


 
Wintrac Inc.
16523 SW McGwire Ct.
Beaverton OR 97007
 
© Wintrac, Inc. All rights reserved.