Introduction

The Certified Information Systems Security Professional (CISSP) credential is the most globally recognised certification in the information security market. In an increasingly complex cyber world, there is a growing need for information security leaders who possess the breadth and depth of expertise necessary to establish holistic security programs that assure the protection of organisations information assets.

This 5 day review course gets participants ready and/ or gives them a chance to gauge their readiness for the CISSP exam.

This training course is intended for professionals who have at least 5 years of recent full-time professional work experience in 2 or more of the 8 domains of the CISSP CBK and are pursuing CISSP training and certification to acquire the credibility and mobility to advance within their current information security careers. The training course is ideal for those working in positions such as, but not limited to:

  • Security Consultant
  • Security Manager
  • IT Director/Manager
  • Security Auditor
  • Security Architect
  • Security Analyst
  • Security Systems Engineer
  • Chief Information Security Officer
  • Director of Security
  • Network Architect

 

Pre-requisites

The knowledge and skills that a participant must have before attending this course is as follows:

  • A firm understanding and good knowledge base of Information Security Principles, Concepts and Best Practices.
  • While there are no formal prerequisites to attend the course, there are prerequisites to be met before a delegate can attempt the CISSP exam.

On completion of this program, participants will be able to:

  • Understand and apply the concepts of risk assessment, risk analysis, data classification, and security awareness and Implement risk management and the principles used to support it (Risk avoidance, Risk acceptance, Risk mitigation, Risk transference).
  • Apply a comprehensive and rigorous method for describing a current and/or future structure and behaviour for an organization’s security processes, information security systems, personnel, and organizational sub-units so that these practices and processes align with the organization’s core goals and strategic direction and address the frameworks and policies, concepts, principles, structures, and standards used to establish criteria for the protection of information assets, as well as to assess the effectiveness of that protection and establish the foundation of a comprehensive and proactive security program to ensure the protection of an organization’s information assets.
  • Apply a comprehensive and rigorous method for describing a current and/or future structure and behaviour for an organization’s security processes, information security systems, personnel, and organizational sub-units so that these
    practices and processes align with the organization’s core goals and strategic direction and examine the principles, means, and methods of applying mathematical algorithms and data transformations to information to ensure its integrity, confidentiality, and authenticity.
  • Understand the structures, transmission methods, transport formats, and security measures used to provide confidentiality, integrity, and availability for transmissions over private and public communications networks and media and identify risks that can be quantitatively and qualitatively measured to support the building of business cases to drive proactive security in the enterprise.
  • Offer greater visibility into determining who or what may have altered data or system information, potentially affecting the integrity of those asset and match an entity, such as a person or a computer system, with the actions that entity takes against valuable assets, allowing organizations to have a better understanding of the state of their security posture.
  • Plan for technology development, including risk, and evaluate the system design against mission requirements, and identify where competitive prototyping and other evaluation techniques fit in the process.
  • Protect and control information processing assets in centralized and distributed environments and execute the daily tasks required to keep security services operating reliably and efficiently.
  • Understand the Software Development Life Cycle (SDLC) and how to apply security to it, and identify which security control(s) are appropriate for the development environment, and assess the effectiveness of software security.

Duration: 5 Days

  • Domain 1: Security and Risk Management
  • Domain 2: Asset Security
  • Domain 3: Security Architecture & Engineering
  • Domain 4: Communication and Network Security
  • Domain 5: Identity and Access Management (IAM)
  • Domain 6: Security Assessment and Testing
  • Domain 7: Security Operations
  • Domain 8: Software Development Security

Certificate of Achievement

CISSP Exam

Participants can independently schedule the CISSP exam at their nearest Pearson VUE Testing center or seek exam scheduling assistance from VAS Group.