If you plan to build a career in information security – one of today’s most visible professions – and if you have at least five full years of experience in information security, then the CISSP® credential should be your next career goal. It’s the credential for professionals who develop policies and procedures in information security.

Request a Course Search for a Course Email This Item to a Friend

Course Description:

If you plan to build a career in information security – one of today’s most visible professions – and if you have at least five full years of experience in information security, then the CISSP^® credential should be your next career goal. It’s the credential for professionals who develop policies and procedures in information security.

The CISSP was the first credential in the field of information security, accredited by the ANSI (American National Standards Institute) to ISO (International Organization for Standardization) Standard 17024:2003. CISSP certification is not only an objective measure of excellence, but a globally recognized standard of achievement.

Outline

1. Test-Taking Tips and Study Techniques

• Preparation for the CISSP Exam

• Submitting Required Paperwork

• Resources and Study Aids

• Passing the Exam the First Time

2. Operations Security

• Change Control/Configuration Management

• Dual Control, Separation of Duties, Rotation of Duties

• Vulnerability Assessment and Pen-Testing

3. Access Control

• AAA

• Authentication Methods (Types 1, 2, & 3)

• Authorization - DAC, RBAC, MAC

• Accounting - Logging, Monitoring, Auditing

• Central/Decentralized and Hybrid Management

• Single Sign-on - Kerberos, Radius, Diameter, TACACS

• Vulnerabilities - Emanations, Impersonation, Rouge Infrastructure, Social Engineering

4. Cryptography

• Intro - History

• Symmetric

• Asymmetric

• Hashing

• Cryptosystems - SSL, S/MIME, PGP

• PKI

• Cryptanalysis

5. Security Architecture and Design

• Layering, Data Hiding and Abstraction

• Processors

• Memory - Segmentation/Rings, Types of Memory

• Operating Systems

• Models

• Assurance - TCSEC, ITSEC, CC

• Architecture Problems - Covert Channels + TOC/TOU, Object Reuse

6. Telecommunications and Network Security

• OSI/DoD TCP/IP Models

• TCP/UDP/ICMP/IP

• Ethernet

• Devices - Routers/Switches/Hubs

• Firewalls

• Wireless

• WAN Technologies - X.25/Frame Relay/PPP/ISDN/DSL/Cable

• Voice - PBX/Cell Phones/VOIP

• IPSec

• Network Vulnerabilities

7. Application Security

• SDLC

• Change (Lifecycle) Management

• Database Security

• AI

• OOD

• Mobil Code

• Malware

8. Disaster Recovery and Business Continuity

• Policy

• Roles and Teams

• BIA

• Data Backups, Vaulting, Journaling, Shadowing

• Alternate Sites

• Emergency Response

• Required Notifications

• Tests

9. Legal, Regulations, Compliance, and Investigations

• Ethics - Due Care/Due Diligence

• Intellectual Property

• Incident Response

• Forensics

• Evidence

• Laws - HIPAA, GLB, SOX

10. Physical (Environmental) Security

• CPTED

• Facility Design

• Fire Safety

• Electrical Security

• HVAC

• Perimeter Security - Fences, Gates, Lighting

• Physical Access Control - Transponders, Badges, Swipe Cards

• Theft

• Intrusion Detection - CCTV, Alarms, Guards, & Dogs

11. Information Security and Risk Management

• CIA

• Roles and Responsibilities - RACI

• Asset Management

• Taxonomy - Information Classification

• Risk Management

• SDLC (Security Development Lifecycle)

• Certification and Accreditation

• Policies, Procedures, Standards, Guidelines, Baselines

• Knowledge Transfer - Awareness, Training, Education

Please Note:

Horizon Systems will not be able to hold testing for the certification at this time. But your exam voucher is included with this purchase. We will also direct you to several places where you may take your exam locally.