Certified Information Systems Security Professional (CISSP) Training Course

Promote the development of knowledge and skills on:

• Security and Risk Management;
• Asset Security;
• Security Engineering;
• Communication and Network Security;
• Identity and Access Management;
• Security Assessment and Testing;
• Software Development Security;
• Preparing for the CISSP Certification Exam.

This course is intended for experienced IT security-related practitioners such as:

• auditors;
• consultants;
• investigators, or instructors;
• network or security analysts and engineers;
• network administrators;
• information security specialists;
• risk management professionals.

• Analyze security and risk management.
• Analyze asset security.
• Analyze security engineering.
• Analyze communications and network security.
• Analyze identity and access management.
• Analyze security assessment and testing.
• Analyze security operations.
• Analyze software development security.

It is highly recommended that students have certifications in Network+ or Security+, or possess equivalent professional experience upon entering CISSP training.

It will be beneficial if students have one or more of the following security-related or technology-related certifications or equivalent industry experience: MCSE, MCTS, MCITP, SCNP, CCNP, RHCE, LCE, CNE, SSCP, GIAC, CISA, or CISM.

The student kit includes a comprehensive workbook and other necessary materials for this class.

Cybersecurity Certification | CISSP – Certified Information Systems Security Professional | (ISC)² (isc2.org) exam (The voucher is already included in the course price).

It is possible to arrange the certification exam only on-site and at certain certification centers, currently the closest one is in Tallinn. The price of the course includes a round-trip bus ticket (Riga – Tallinn – Riga) with the Lux Express.

1. Security and Risk Management:

• Security Governance Principles
• Compliance
• Professional Ethics
• Security Documentation
• Risk Management
• Threat Modeling
• Business Continuity Plan Fundamentals
• Acquisition Strategy and Practice
• Personnel Security Policies
• Security Awareness and Training.

2. Asset Security:

• Asset Classification
• Privacy Protection
• Asset Retention
• Data Security Controls
• Secure Data Handling.

3. Security Engineering:

• Security in the Engineering Lifecycle
• System Component Security
• Security Models
• Controls and Countermeasures in Enterprise Security
• Information System Security Capabilities
• Design and Architecture Vulnerability Mitigation
• Vulnerability Mitigation in Embedded, Mobile, and Web-Based Systems
• Cryptography Concepts
• Cryptography Techniques
• Site and Facility Design for Physical Security
• Physical Security Implementation in Sites and Facilities.

4. Communications and Network Security:

• Network Protocol Security
• Network Components Security
• Communication Channel Security
• Network Attack Mitigation.

5. Identity and Access Management:

• Physical and Logical Access Control
• Identification, Authentication, and Authorization
• Identity as a Service
• Authorization Mechanisms
• Access Control Attack Mitigation.

6. Security Assessment and Testing:

• System Security Control Testing
• Software Security Control Testing
• Security Process Data Collection
• Audits.

7. Security Operations:

• Security Operations Concepts
• Physical Security
• Personnel Security
• Logging and Monitoring
• Preventative Measures
• Resource Provisioning and Protection
• Patch and Vulnerability Management
• Change Management
• Incident Response
• Investigations
• Disaster Recovery Planning
• Disaster Recovery Strategies
• Disaster Recovery Implementation.

8. Software Development Security:

• Security Principles in the System Lifecycle
• Security Principles in the Software Development Lifecycle
• Database Security in Software Development
• Security Controls in the Development Environment
• Software Security Effectiveness Assessment.