Atpakaļ

CISSP, Sertificēta informācijas sistēmu drošības profesionāļa (CISSP) sagatavošanas kurss

Kursa ilgums, akadēmiskās stundas:40
Kursa cena, EUR (bez PVN):1750,00

Plāni

Datums, laiksVietaValoda
7.oktobris - 11.oktobris, 2019 RĪGA, Tallinas 4Latviski
Pieteikties

 

Apraksts nav pieejams latviešu valodā

Course target

This course will expand upon your knowledge by addressing the essential elements of the 10 domains for information systems security professionals.

The course offers a job-related approach to the security process, while providing the basic skills required to prepare for CISSP certification.

Audience

This course is intended for experienced IT security-related practitioners, auditors, consultants, investigators, or instructors, including network or security analysts and engineers, network administrators, information security specialists, and risk management professionals, who are pursuing CISSP training and certification to acquire the security competence credibility.

After course students will be able to

At the end of the course, students will be able to:

  • analyze security and risk management
  • analyze asset security
  • analyze security engineering
  • analyze communications and network security
  • analyze identity and access management
  • analyze security assessment and testing
  • analyze security operations
  • analyze software development security

Prerequisites

It is highly recommended that students have certifications in Network+ or Security+, or possess equivalent professional experience upon entering CISSP training.

It will be beneficial if students have one or more of the following security-related or technology-related certifications or equivalent industry experience: MCSE, MCTS, MCITP, SCNP, CCNP, RHCE, LCE, CNE, SSCP, GIAC, CISA, or CISM.

Course materials

The student kit includes a comprehensive workbook and other necessary materials for this class.

Course contents

1. Security and Risk Management:

• Security Governance Principles
• Compliance
• Professional Ethics
• Security Documentation
• Risk Management
• Threat Modeling
• Business Continuity Plan Fundamentals
• Acquisition Strategy and Practice
• Personnel Security Policies
• Security Awareness and Training

2. Asset Security:

• Asset Classification
• Privacy Protection
• Asset Retention
• Data Security Controls
• Secure Data Handling

3. Security Engineering:

• Security in the Engineering Lifecycle
• System Component Security
• Security Models
• Controls and Countermeasures in Enterprise Security
• Information System Security Capabilities
• Design and Architecture Vulnerability Mitigation
• Vulnerability Mitigation in Embedded, Mobile, and Web-Based Systems
• Cryptography Concepts
• Cryptography Techniques
• Site and Facility Design for Physical Security
• Physical Security Implementation in Sites and Facilities

4. Communications and Network Security:

• Network Protocol Security
• Network Components Security
• Communication Channel Security
• Network Attack Mitigation

5. Identity and Access Management:

• Physical and Logical Access Control
• Identification, Authentication, and Authorization
• Identity as a Service
• Authorization Mechanisms
• Access Control Attack Mitigation

6. Security Assessment and Testing:

• System Security Control Testing
• Software Security Control Testing
• Security Process Data Collection
• Audits

7. Security Operations:

• Security Operations Concepts
• Physical Security
• Personnel Security
• Logging and Monitoring
• Preventative Measures
• Resource Provisioning and Protection
• Patch and Vulnerability Management
• Change Management
• Incident Response
• Investigations
• Disaster Recovery Planning
• Disaster Recovery Strategies
• Disaster Recovery Implementation

8. Software Development Security:

• Security Principles in the System Lifecycle
• Security Principles in the Software Development Lifecycle
• Database Security in Software Development
• Security Controls in the Development Environment
• Software Security Effectiveness Assessment