Course Outline

Access Control

Security architecture that protects the assets of your systems:

  • Concepts, methodologies and techniques
  • Effectiveness
  • Attacks

Telecommunications & Network Security

Network structures, transmission methods, transport formats and security measures that provide availability, integrity and confidentiality:

  • Network architecture and design
  • Communication channels
  • Network components
  • Network attacks

Information Security Governance & Risk Management

Identifying an organisation’s information assets, and the development, documentation and implementation of policies, standards, procedures and guidelines:

  • Security governance and policy
  • Information classification and ownership
  • Contractual agreements and procurement processes
  • Risk management concepts
  • Personnel security
  • Security education, training and awareness
  • Certification and accreditation

Software Development Security

The controls found in systems and applications software, and their development:

  • Systems Development Life Cycle (SDLC)
  • Application environment and security controls
  • Effectiveness of application security

Cryptography

The principles, means and methods of disguising information; to ensure its integrity, confidentiality and authenticity:

  • Encryption concepts
  • Digital signatures
  • Cryptanalytic attacks
  • Public Key Infrastructure (PKI)
  • Information hiding alternatives

Security Architecture & Design

The concepts, principles, structures and standards used to design, implement, monitor, and secure, operating systems, equipment, networks and applications:

  • Fundamental concepts of security models
  • Capabilities of information systems (e.g. memory protection, virtualization)
  • Countermeasure principles
  • Vulnerabilities and threats (e.g. cloud computing, aggregation, data flow control)

Security Operations (formerly 'Operations Security')

Controls over hardware, media and operators with access privileges:

  • Resource protection
  • Incident response
  • Attack prevention and response
  • Patch and vulnerability management

Business Continuity & Disaster Recovery Planning

How to maintain business in the face of major disruptions:

  • Business impact analysis
  • Recovery strategy
  • Disaster recovery process
  • Provide training

Legal, Regulations, Investigations and Compliance

Computer crime laws, investigation and how to gather evidence:

  • Legal issues
  • Investigations
  • Forensic procedures
  • Compliance requirements/procedures

Physical (Environmental) Security

How to protect your business's resources and sensitive information:

  • Site / facility design considerations
  • Perimeter security
  • Internal security
  • Facilities security

Requirements

To attend the CISSP CBK Review you do not need to have the prerequisite experience for the examination. It is available to anyone working in the field of IT and Information Security and aims to give you a thorough understanding of Information Security even if you do not intend to sit the examination.

If you intend to go on to the examination:

CISSP candidates:

Must have a minimum of five years of direct full-time security professional work experience in two or more of the ten domains of the (ISC)2® CISSP CBK®, or four years of direct full-time security professional work experience in two or more of the ten domains of the CISSP CBK with a college degree.

Associate of (ISC)2 for CISSP:

Associate of (ISC)2 status is available to those knowledgeable in key areas of industry concepts but lacking the work experience. As a candidate, you may take the CISSP examination and subscribe to the (ISC)2 Code of Ethics, however to earn the CISSP credential you will have to acquire the necessary years of professional experience required, provide proof and be endorsed by a member of (ISC)2 in good standing. If you are working towards this credential, you will have a maximum of six years from your exam pass date to acquire the necessary five years of professional experience. For more information please refer to: www.isc2.org

  35 Hours
 

Number of participants


Starts

Ends


Dates are subject to availability and take place between 09:30 and 16:30.
Open Training Courses require 5+ participants.

Testimonials (4)

Related Courses

CRISC - Certified in Risk and Information Systems Control

  21 Hours

Standard Java Security

  14 Hours

Java and Web Application Security

  21 Hours

Advanced Java Security

  21 Hours

Advanced Java, JEE and Web Application Security

  28 Hours

.NET, C# and ASP.NET Security Development

  14 Hours

Comprehensive C# and .NET Application Security

  21 Hours

Advanced C#, ASP.NET and Web Application Security

  21 Hours

Web Application Security

  14 Hours

Security Testing

  14 Hours

Related Categories