This course is designed for CISSPs who specialize in deep managerial elements, such as project management, risk management, setting up and delivering a security awareness program, and managing a business continuity planning program. Gain security leadership and management skills in order to manage an organizations information security program. Ensure your company meets security compliance regulations by establishing, managing, and overseeing a process to help monitor, assess and enforce compliance with security policies and procedures. Learn vital contingency and incident management practices for reducing the impact of adverse events, such as natural and man-made disasters, virus outbreak, or equipment failure
Level: Advanced
CISSP - Information Systems Security Management Professional (ISSMP)
5 Day | Instructor Led
Ideal Candidates for CISSP - Information Systems Security Management Professional (ISSMP) Class
Leaders of the organization's information security program who typically hold a job title such as chief information security officer, information security director, or enterprise security managerIndividuals pursuing CISSP-ISSMP® certification
CISSP - Information Systems Security Management Professional (ISSMP) Prerequisites
CISSP
What You'll Get in CISSP - Information Systems Security Management Professional (ISSMP)
What You'll Learn in CISSP - Information Systems Security Management Professional (ISSMP)
In-depth coverage of the five domains required to pass the CISSP-ISSMP exam:Security Leadership and ManagementSecurity Lifecycle ManagementSecurity Compliance ManagementContingency ManagementLaw, Ethics, and Incident ManagementCISSP - Information Systems Security Management Professional (ISSMP) Certification
Certified Information Systems Security Professional-Information System Security Management Professional
CISSP - Information Systems Security Management Professional (ISSMP) Outline
1. Domain 1: Security Leadership and Management
- Understand Security's Role in the Organization's Culture, Vision, and Mission
- Align Security Program with Organizational Governance
- Define and Implement Information Security Strategies
- Manage Data Classification
- Define and Maintain Security Policy Framework
- Manage Security Requirements in Contracts and Agreements
- Develop and Maintain a Risk Management Program
- Manage Security Aspects of Change Control
- Oversee Security Awareness and Training Programs
- Define, Measure, and Report Security Metrics
- Prepare, Obtain, and Administer Security Budget
- Manage the Security Organization
- Understand Project Management Principles
2. Domain 2: Security Lifecycle Management
- Manage the Integration of Security into the SDLC
- Integrate New Business Initiatives into the Security Architecture
- Define and Oversee Comprehensive Vulnerability Management Programs
3. Domain 3: Security Compliance Management
- Validate Compliance with Organizational Security Policies and Procedures
- Manage and Document Exceptions to the Compliance Framework
- Coordinate with Auditors and Assist with the Internal and External Audit Process
4. Domain 4: Contingency Management
- Oversee Development of Contingency Plans
- Guide Development of Recovery Strategies
- Manage Maintenance of the BCP and DRP plans
5. Domain 5: Law, Ethics, and Incident Management
- Understand the Impact of Laws that Relate to Information Security
- Develop and Manage the Incident Handling and Investigation Processes
- Understand Management Issues as They Relate to the (ISC)2 Code of Ethic
Testimonials
This course is definitely an eye opener. With how much social media has taken over, it is important to be fully aware of the capabilities along with all the risks it brings. It is important to get this course because social media is the new norm.
The Social Media and Security Training course offered by UKI is a great and beneficial course combining technical training to fully understand TCP IP networking, DNS, and the harms of malware and cross-site scripting; as well as practical training that allowed attendees to play with open source social intelligence gathering solutions. This is the perfect class for those involved in IT security and interested in social media and identity theft.
Top Related Courses
The Ransomware exercise is a customized, six-hour, live fire Cyber Range training exercise hosted on ACRE. This exercise is led by expert cyber security engineers and can be executed in a classroom as well as remotely. In this exercise, a ransomware-based attack (i.e., “WannaKry”) is launched via a malicious spear phishing originated compromise. This exercise includes a hands-on keyboard interface, which creates realistic technical training and management interaction opportunities. This exercise is not simulated – it is real malware, detonated in representative network enviroment. Participants are encouraged to view the attack as if it were happening to their institutions in real time, and asked to share what they have done or would do based on the facts provided. Such “range-based” exercises help institutions better understand the impact of an attack and prompt them to improve the ways in which their network defenders respond, communicate, request assistance, and recover from real-world cyber attacks. Institutions that have participated in this exercise have benefited directly by building greater interaction with their security community, as well as increasing capability maturity levels and resiliency across their specific customer sector.
The Cloud Leak exercise is a customized, six-hour, Cyber Range exercise hosted on ManTech’s ACRE® cyber range. This exercise is led by technical instructors and expert cybersecurity engineers and can accommodate 10 to 50 participants in a classroom or remotely. In this exercise, an attack on a cloud-hosted storage service is simulated. Participants are given the following scenario: A major media outlet has contacted bank.com media relations asking for a statement about the discovery that thousands of bank.com customer credit card numbers were obtained through a breach of a cloud storage service. Bank.com is unaware of any such breach. The CEO has requested an immediate investigation into the breach. Participants must determine how the cloud storage site was compromised and the extent of the intrusion, including the types of data exposed and any further infiltration of bank.com’s network. This exercise uses a hands-on keyboard approach to create realistic technical training and management interaction opportunities where participants respond to and report events as identified. Participants are encouraged to view the attack as if it were happening to their institutions in real time. Participants are asked to share what they have done or would do based on the facts provided.
CompTIA's Cybersecurity Analyst (CSA+) training from UKI teaches students to apply behavioral analytics to improve the overall state of IT security, providing critical knowledge and skills that are required to prevent, detect and combat cybersecurity threats.
Vendor Details
ISC2
(ISC)2, the International Information System Security Certification Consortium, Inc., was founded in 1989. This not-for-profit organization manages the CISSP (Certified Information Systems Security Professional) certification. This advanced-level certification is meant for IT security professionals with the following level of experience: a minimum of four years of PROFESSIONAL experience in the field of information security. A bachelor's degree can substitute for one of these required years. Additionally, a Master's Degree in Information Security from a National Center of Excellence can substitute for one year towards the four-year requirement. This experience requirement essentially forms the prerequisite for this vendor-neutral certification, although (ISC)2's other, lower-level certification, the SSCP (Systems Security Certified Practitioner), is recommended. In terms of recertification, the term 'CPE' is an acronym for Continued Professional Education credits. After a candidate becomes certified, he/she is required to perform continuing education per 3-year certification period to become recertified. A CISSP must submit 120 CPEs during the 3-year recertification period. Of the 120 CPEs that are required, at least 80 must be 'A' credits and as many as 40 can be 'B' credits.
The CISSP certification is well suited to IT professionals who aim to be IS (Information Security) professionals, network security professionals, or systems security professionals. The CISSP designation is achieved by passing one exam.
Ultimate Knowledge offers the best ISC2 CISSP training and certification solution available. We train and certify thousands of CISSP's each year and our clients include the Department of Defense, Federal Agencies, DOD Contracting Partners, and Fortune 500 companies. Our certified instructors are well versed in the latest version of the CBK (Common Body of Knowledge) and use our patented Learn>Test>Certify TM. methodology coupled with our proprietary Ultimate CMF TM.(Certification Management Framework). The CMF provides one portal for the organization's Workforce Manager to track and update information about their entire workforce and it provides one location for the individual to track all of their professional training and certification. Ultimate Knowledge's CISSP training solution ensures training and certification success for you or your entire team maximizing your return on training investment.
Ultimate Knowledge offers the following (ISC) 2 training and certification classes:
A. Erlich
RITSC, N6CI just wanted to say your presentation on Social Media Technology and Security was the finest I have ever attended.