Level: Advanced

Certified Information Systems Security Professional (CISSP)

5 Day | Instructor Led

If you are ready to take your security career to the next level, Ultimate Knowledge's Certified Information Systems Security Professional (CISSP) training and certification boot camp will help get you there. You will receive instruction from our experts who possess in-depth, real-world experience as you cover all the material you need to be fully prepared for the (ISC)2 CISSP exam. Our comprehensive CISSP exam prep tools contain the industry's most relevant, up-to-date information and includes summary charts, insightful data, and practice exams. Along with our CISSP training and certification custom course material, you will receive a free copy of Shon Harris' CISSP Certification All-in-One Exam Guide, 5th Edition and a CISSP Practice Exams Book (All-in-One).

Inquire About
Certified Information Systems Security Professional (CISSP)

Ideal Candidates for Certified Information Systems Security Professional (CISSP) Class

Anyone whose position requires CISSP certification
Individuals who want to advance within their current computer security careers or migrate to a related caree

Certified Information Systems Security Professional (CISSP) Prerequisites

Systems administration experience, familiarization with TCP/IP, and an understanding of UNIX, Linux, and Windows. This advanced course also requires intermediate-level knowledge of the security concepts covered in our Security+ Prep Course.
Security+ Prep Course

What You'll Get in Certified Information Systems Security Professional (CISSP)

Expert Level Instruction

Shon Harris All-In-One Book

CISSP Practice Exams (All-in-One) Book

Ultimate Knowledge Institute Award Winning CISSP Student Workbook

Daily Homework Questions (Over 600 Questions)

Daily Quiz Questions (Over 600 Questions)

Handy Reference Charts and Tables

Flash Cards

Course Related Readings (Reinforcement)

Daily Exercises to Reinforce Memory Recall - Cognitive Core

What You'll Learn in Certified Information Systems Security Professional (CISSP)

In-depth coverage of the ten domains required to pass the CISSP exam:



Security and Risk Management

Asset Security

Security Engineering

Communication and Network Security

Identity and Access Management

Security Assessment and Testing

Security Operations

Software Development Security

Certified Information Systems Security Professional (CISSP) Certification

(ISC)2 requires exam candidates to have a minimum of five years of relevant work experience in two or more of the ten domains, four years of work experience with an applicable college degree, or a credential from the (ISC)2-approved list.

The CISSP certification requires successfully passing the CISSP exam (administered by (ISC)2) and having met the experience requirements.

Certified Information Systems Security Professional (CISSP) Outline

1. Security and Risk Management (e.g., Security, Risk, Compliance, Law, Regulations, Business Continuity)

  • Understand and Apply Concepts of Confidentiality, Integrity, and Availability
  • Apply Security Governance Principles
  • Compliance
  • Understand Legal and Regulatory Issues that Pertain to Information Security in a Global Context
  • Develop and Implement Documented Security Policy, Standards, Procedures, and Guidelines
  • Understand Business Continuity Requirements
  • Contribute to Personnel Security Policies
  • Understand and Apply Risk Management Concepts
  • Understand and Apply Threat Modeling
  • Integrate Security Risk Considerations into Acquisitions Strategy and Practice
  • Establish and Manage Security Education, Training, and Awareness

2. Asset Security (Protecting Security of Assets)

  • Classify Information and Supporting Assets
  • Determine and Maintain Ownership
  • Protect Privacy
  • Ensure Appropriate Retention
  • Determine Data Security Controls
  • Establish Handling Requirements

3. Security Engineering (Engineering and Management of Security)

  • Implement and Manage an Engineering Life Cycle Using Security Design Principles
  • Understand Fundamental Concepts of Security Models
  • Select Controls and Countermeasures Based Upon Information Systems Security Standards
  • Understand the Security Capabilities of Information Systems
  • Assess and Mitigate the Vulnerabilities of Security Architectures, Designs, and Solution Elements
  • Assess and Mitigate Vulnerabilities in Web-based Systems
  • Assess and Mitigate Vulnerabilities in Mobile Systems
  • Assess and Mitigate Vulnerabilities in Embedded Devices and Cyber-Physical Systems
  • Apply Cryptography
  • Apply Secure Principles to Site and Facility Design
  • Design and Implement Facility Security

4. Communications and Network Security (Designing and Protecting Network Security)

  • Apply Secure Design Principles to Network Architecture
  • Securing Network Components
  • Design and Establish Secure Communication Channels
  • Prevent or Mitigate Network Attacks

5. Identity and Access Management (Controlling Access and Managing Identity)

  • Control Physical and Logical Access to Assets
  • Manage Identification and Authentication of People and Devices
  • Integrate Identity as a Service (IDaaS)
  • Integrate Third-Party Identity Services
  • Implement and Manage Authorization Mechanisms
  • Prevent or Mitigate Access Control Attacks
  • Manage the Identity and Access Provisioning Life Cycle

6. Security Assessment and Testing (Designing, Performing, and Analyzing Security Testing)

  • Design and Validate Assessment and Test Strategies
  • Conduct Security Control Testing
  • Collect Security Process Data
  • Conduct or Facilitate Internal and Third-Party Audits

7. Security Operations (e.g., Foundational Concepts, Investigations, Incident Management, Disaster Recovery)

  • Understand and Support Investigations
  • Understand Requirements for Investigation Types
  • Conduct Logging and Monitoring Activities
  • Secure the Provisioning of Resources through Configuration Management
  • Understand and Apply Foundational Security Operations Concepts
  • Employ Resource Protection Techniques
  • Conduct Incident Response
  • Operate and Maintain Preventative Measures
  • Implement and Support Patch and Vulnerability Management
  • Participate in and Understand Change Management Processes
  • Implement Recovery Strategies
  • Implement Disaster Recovery Processes
  • Test Disaster Recovery Plan
  • Participate in Business Continuity Planning
  • Implement and Manage Physical Security
  • Participate in Personnel Safety

8. Software Development Security (Understanding, Applying, and Enforcing Software Security)

  • Understand and Apply Security in the Software Development Life Cycle
  • Enforce Security Controls in the Development Environment
  • Assess the Effectiveness of Software Security
  • Assess Software Acquisition Security

Testimonials

A. Erlich

RITSC, N6C

I just wanted to say your presentation on Social Media Technology and Security was the finest I have ever attended.

Wilder Guerra

US Navy Reserve

This course is definitely an eye opener. With how much social media has taken over, it is important to be fully aware of the capabilities along with all the risks it brings. It is important to get this course because social media is the new norm.

Rebekah Coughlin

MicroTech

The Social Media and Security Training course offered by UKI is a great and beneficial course combining technical training to fully understand TCP IP networking, DNS, and the harms of malware and cross-site scripting; as well as practical training that allowed attendees to play with open source social intelligence gathering solutions. This is the perfect class for those involved in IT security and interested in social media and identity theft.


Top Related Courses

Advanced Cyber Range Environment (ACRE) - Ransomware Exercise

The Ransomware exercise is a customized, six-hour, live fire Cyber Range training exercise hosted on ACRE. This exercise is led by expert cyber security engineers and can be executed in a classroom as well as remotely. In this exercise, a ransomware-based attack (i.e., “WannaKry”) is launched via a malicious spear phishing originated compromise. This exercise includes a hands-on keyboard interface, which creates realistic technical training and management interaction opportunities. This exercise is not simulated – it is real malware, detonated in representative network enviroment. Participants are encouraged to view the attack as if it were happening to their institutions in real time, and asked to share what they have done or would do based on the facts provided. Such “range-based” exercises help institutions better understand the impact of an attack and prompt them to improve the ways in which their network defenders respond, communicate, request assistance, and recover from real-world cyber attacks. Institutions that have participated in this exercise have benefited directly by building greater interaction with their security community, as well as increasing capability maturity levels and resiliency across their specific customer sector.


CompTIA Cybersecurity Analyst (CSA+)

CompTIA's Cybersecurity Analyst (CSA+) training from UKI teaches students to apply behavioral analytics to improve the overall state of IT security, providing critical knowledge and skills that are required to prevent, detect and combat cybersecurity threats.


CompTIA Advanced Security Practitioner (CASP) CAS 003

The CASP certification is a vendor-neutral, intensive exam that validates your knowledge and skills in enterprise security, risk management, research and analysis, and the integration of computing, communications and business disciplines. This exam preparation course provides in-depth review of the four domains included in the exam. Demonstrations and practice exams reinforce the concepts and provide the framework for a personalized study plan for exam success.


© 2018 Ultimate Knowledge Insitute | All Rights Reserved | GSA# GS-35F-0469W