CISSP® Exam Preparation Training Course

One-time payment for life and future updates

14 hours on-demand video

Access on mobile and TV

CISSP official exam preparation

Course Curriculum

Introduction
7 Lessons
- 1. Introduction
  Preview
- 2. What is CISSP Certificate
  Preview
- 3. Course Outline
  Preview
- 4. Latest CISSP Curriculum
  Start
- 5. Course Materials and Resources 2
  Start
- 6. Course flow and follow up
  Start
- 7. Important communication channel
  Start
Security and Risk Management
32 Lessons
- 8. Introduction to Security and Risk Management
  Start
- 9. Important Definitions
  Start
- 10. Important Definitions 2
  Start
- 11. Governance Requirements
  Start
- 12. Due Care and Due Diligence
  Start
- 13. Question
  Start
- 14. Compliance
  Start
- 15. Important Document
  Start
- 16. Ethics
  Start
- 18. Security Document 2
  Start
- 19.Security Document Types
  Start
- 20. Policy Sample
  Start
- 21. The Relationship Between Security Document Types
  Start
- 22. Risk Management
  Start
- 23. Risk Management Part 2
  Start
- 24. Asset Evaluation
  Start
- 25. Exam Question
  Start
- 26. Rsa Archer
  Start
- 27. ARIS GRC
  Start
- 28. Business Continuity Plans
  Start
- 29. Business Continuity Plans - BCP
  Start
- 30. Business Impact Analysis- BIA
  Start
- 31. MTD - RTO- RPO
  Start
- 32. Disaster Recovery Plan -DRP
  Start
- 33. Alternatives Sites
  Start
- 34. Exam Quiz
  Start
- 35. The Need of Personnel Security
  Start
- 36. Employment Policies
  Start
- 37. Employment Policies -Part 2
  Start
- 38. Termination
  Start
- 39. Security Awareness
  Start
- Domain Evaluation 2
  Start
Asset Security
12 Lessons
- 40. Introduction to Asset Security
  Start
- 41. Asset Management
  Start
- 42. Information Asset List
  Start
- 43. Classification
  Start
- 44. Labeling
  Start
- 45. DLP
  Start
- 46. DLP - Data Classification
  Start
- 47. Klassify - Data Labeling 2
  Start
- 48. Privacy
  Start
- 49. Retention
  Start
- 50. Data Security Control
  Start
- Domain Evaluation 2
  Start
Security Architecture and Engineering
26 Lessons
- 51. Introduction to Security Architecture and Engineering
  Start
- 52. Security Engineering Lifecycle
  Start
- 53. NISP SP 14-27
  Start
- 54. Trusted Computing Base
  Start
- 54.1 TCB Vulnerability
  Start
- 55. Security Models
  Start
- 56. TCSEC
  Start
- 57. ITSEC
  Start
- 58. Security Architecture Questions
  Start
- 59. Enterprise Security Architecture
  Start
- 60. Virtualization
  Start
- 61. Fault Tolerance
  Start
- 62. Server Fault Tolerance Techniques
  Start
- 63. New Technology
  Start
- 64. Spoofing Number
  Start
- 65. Spoofing Email
  Start
- 66. Cryptography
  Start
- 67. Alternative Ciphers
  Start
- 68. Symmetric Encryption
  Start
- 69. Asymmetric Encryption
  Start
- 70. Hash
  Start
- 71. Physical Security
  Start
- 72. Physical Access barriers
  Start
- 73. Power Issue
  Start
- 74. Fire
  Start
- Domain Evaluation 2
  Start
Communications and Network Security
12 Lessons
- 75. The OSI Model
  Start
- 76. TCP-IP Model
  Start
- 77. Network Architecture Components
  Start
- 78. Firewall
  Start
- 79. Network Types and Topolgies
  Start
- 80. Remote Access Technology
  Start
- 81. Wireless Network
  Start
- 82. Network Attacks
  Start
- 83. Remote Access Security Mechanisms
  Start
- 84. RAID
  Start
- 85. Backup
  Start
- 86. Network Questions
  Start
Identity and Access Management
10 Lessons
- 87. Access Control
  Start
- 88. Authorization
  Start
- 89. Authentication
  Start
- 90. Single Sign on SSO
  Start
- 91. Central Administration (RADUIS)
  Start
- 92. Access Control Attack
  Start
- 93. Instrusion Detection System (IDS)
  Start
- 94. Access Control Inportant exam area
  Start
- 95. Access Control Questions
  Start
- Domain Evaluation 2
  Start
Cloud Security
12 Lessons
- 96. Introduction to Cloud Security
  Start
- 97. NIST 800-145
  Start
- 98. IaaS vs PaaS vs SaaS
  Start
- 99. SaaS
  Start
- 100. PaaS
  Start
- 101. IaaS
  Start
- 102. Storage Architecture
  Start
- 103. Data Life Cycle Security
  Start
- 104. Hypervisor
  Start
- 105. Virtualization Security
  Start
- 106. Perimeter Security
  Start
- Domain Evaluation 2
  Start
Security Assessment and Testing
20 Lessons
- 107. Introduction Security Assessment and Testing
  Start
- 108. Test Output
  Start
- 109. Vulnerability asessment - Part 1
  Start
- 110. Vulnerability asessment -Part 2
  Start
- 112. Nessus VA
  Start
- 113. Nessus VA- Part 2
  Start
- 114. Nessus VA Report
  Start
- 115. OWASP ZAP - VA
  Start
- 116. Nexpose VA
  Start
- 117. Penetration testing
  Start
- 118. Reconnaissance Demo -Maltego 2
  Start
- 119. Scanning Demo -Zenmap
  Start
- 120. Exploitation Demo -MetaSploit 2
  Start
- 121. Event Log Review 2
  Start
- 122. NIST 800-92
  Start
- 123. SIEM Solution
  Start
- 124. SIEM Solution Demo - Qradar
  Start
- 125. Code Review
  Start
- 126. Security KPI's
  Start
- Domain Evaluation 2
  Start
Security Operations
3 Lessons
- 127. Introduction to Security Operation 2
  Start
- 128. Security Operation 2
  Start
- Domain Evaluation 2
  Start
Software Development Security
9 Lessons
- 129. The System Life Cycle
  Start
- 130. Software development Methods
  Start
- 132. Change Control Process
  Start
- 133. Security Consideration
  Start
- 134. Software Control
  Start
- 135. Introduction to SQL Injection 2
  Start
- 136. What is SQL Injection
  Start
- Domain Evaluation 2
  Start
- Domain Evaluation 2
  Start

Overview

The Certified Information Systems Security Professional (CISSP) Certification Training course is the most globally recognized certification in the information security market. The CISSP Course validates an information security professional’s deep technical and managerial knowledge and experience to effectively design, engineer, and manage the overall security posture of an organization.

This CISSP preparation training course covers eight domains in newest version of the (ISC)² Common Body of Knowledge (CBK). Candidates must have a minimum of 5 years cumulative paid full-time work experience in 2 or more of the 8 domains of the CISSP CBK. Earning a 4-year college degree or regional equivalent or an additional credential from the (ISC)² approved list will satisfy 1 year of the required experience. Education credit will only satisfy 1 year of experience. A candidate that doesn’t have the required experience to become a CISSP may become an Associate of (ISC)² by successfully passing the CISSP examination. The Associate of (ISC)² will then have 6 years to earn the 5 years required experience. CISSP was the first credential in the field of information security to meet the stringent requirements of ANSI/ ISO/IEC Standard 17024. In this course, each domain of knowledge is dissected into its critical components, and those components are then discussed in terms of their relationship with one another and with other areas of information security.

Successful candidates are competent in the following 8 domains.

WHO SHOULD ATTEND THIS COURSE?

Chief Information Security Officer (CISO)
Chief Security Officer (CSO)
Senior Security Engineer
Security Consultant
Security Manager
Security Auditor
Security Director
Security Architect
Network Architect
IT Director/Manager
Security Analyst
Security Systems Engineer

COURSE BENEFITS

Full CISSP® domains coverage
Pass your exam first time
Delivered by an industry professional
Free study guides, mock exams, exam simulator, and slides included
Expert support
Learn at your own pace

COURSE LEARNING OUTCOMES
SECURITY AND RISK MANAGEMENT
- Understand and apply concepts of confidentiality, integrity and availability
- Evaluate and apply security governance principles
- Determine compliance requirements
- Understand legal and regulatory issues that pertain to information security in a global context
- Understand, adhere to, and promote professional ethics
- Develop, document, and implement security policy, standards, procedures, and guidelines
- Identify, analyze, and prioritize Business Continuity (BC) requirements
- Contribute to and enforce personnel security policies and procedures
- Understand and apply risk management concepts
- Understand and apply threat modeling concepts and methodologies
- Apply risk-based management concepts to the supply chain
- Establish and maintain a security awareness, education, and training program
ASSET SECURITY

Identify and classify information and assets
Determine and maintain information and asset ownership
Protect privacy
Ensure appropriate asset retention
Determine data security controls
Establish information and asset handling requirements

SECURITY ARCHITECTURE AND ENGINEERING

Implement and manage engineering processes using secure design principles
Understand the fundamental concepts of security models
Select controls based upon systems security requirements
Understand security capabilities of information systems
Assess and mitigate the vulnerabilities of security architectures, designs, and solution elements
Assess and mitigate vulnerabilities in web-based systems
Assess and mitigate vulnerabilities in mobile systems
Assess and mitigate vulnerabilities in embedded devices
Apply cryptography

COMMUNICATION AND NETWORK SECURITY

Implement secure design principles in network architectures
Secure network components
Implement secure communication channels according to design

IDENTITY AND ACCESS MANAGEMENT (IAM)

Control physical and logical access to assets
Manage identification and authentication of people, devices, and services
Integrate identity as a third-party service
Implement and manage authorization mechanisms
Manage the identity and access provisioning lifecycle

SECURITY ASSESSMENT AND TESTING

Design and validate assessment, test, and audit strategies
Conduct security control testing
Collect security process data (e.g., technical and administrative)
Analyze test output and generate report
Conduct or facilitate security audits

SECURITY OPERATIONS

Understand and support investigations
Understand requirements for investigation types
Conduct logging and monitoring activities
Securely provisioning resources
Understand and apply foundational security operations concepts
Apply resource protection techniques
Conduct incident management
Operate and maintain detective and preventative measures
Implement and support patch and vulnerability management
Understand and participate in change management processes
Implement recovery strategies
Implement Disaster Recovery (DR) processes
Test Disaster Recovery Plans (DRP)
Participate in Business Continuity (BC) planning and exercises
Implement and manage physical security
Address personnel safety and security concerns

SOFTWARE DEVELOPMENT SECURITY

Understand and integrate security in the Software Development Life Cycle (SDLC)
Identify and apply security controls in development environments
Assess the effectiveness of software security
Define and apply secure coding guidelines and standards
Assess security impact of acquired software

Mohamed Atef

Cyber Security Consultant / Certified Instructor with more than 20 years of experience.