Certified Information Systems Security Professional (CISSP) 2024

Hours: 80 / Access Length: 12 Months / Delivery: Online, Self-Paced
Retail Price: $1,990.00

Course Overview:

This course uses the latest (ISC)2 CISSP Certified Information Systems Security Professional best practices to turn you into a cybersecurity expert. We’ll break down the eight areas of information security, including securing networks, preventing hacking, and protecting data privacy, using clear explanations, real-world examples, and hands-on labs.

Students will:

• Learn security management, risk assessment, compliance, and governance to protect critical assets.
• Secure networks, prevent cyberattacks, and implement firewalls, VPNs, and IDS/IPS.
• Manage user access with multi-factor authentication, RBAC, and SSO.
• Perform security operations to detect, analyze, and respond to cybersecurity threats in real-time.
• Protect sensitive data with encryption, hashing, and cryptographic key management.
• Identify vulnerabilities, conduct penetration testing, and ensure compliance with security assessment and testing.
• Ensure software development security and implement secure coding practices to protect applications from cyber threats.

Course Outline:

Lesson 1: Introduction

• Overview of the CISSP Exam
• The Elements of This Study Guide
• Study Guide Exam Objectives
• Objective Map

Lesson 2: Security Governance Through Principles and Policies

• Security 101
• Understand and Apply Security Concepts
• Security Boundaries
• Evaluate and Apply Security Governance Principles
• Manage the Security Function
• Security Policy, Standards, Procedures, and Guidelines
• Threat Modeling
• Supply Chain Risk Management
• Summary
• Study Essentials
• Written Lab

Lesson 3: Personnel Security and Risk Management Concepts

• Personnel Security Policies and Procedures
• Understand and Apply Risk Management Concepts
• Social Engineering
• Establish and Maintain a Security Awareness, Education, and Training Program
• Summary
• Study Essentials
• Written Lab

Lesson 4: Business Continuity Planning

• Planning for Business Continuity
• Project Scope and Planning
• Business Impact Analysis
• Continuity Planning
• Plan Approval and Implementation
• Summary
• Study Essentials
• Written Lab

Lesson 5: Laws, Regulations, and Compliance

• Categories of Laws
• Laws
• State Privacy Laws
• Compliance
• Contracting and Procurement
• Summary
• Study Essentials
• Written Lab

Lesson 6: Protecting the Security of Assets

• Identifying and Classifying Information and Assets
• Establishing Information and Asset Handling Requirements
• Data Protection Methods
• Understanding Data Roles
• Using Security Baselines
• Summary
• Study Essentials
• Written Lab

Lesson 7: Cryptography and Symmetric Key Algorithms

• Cryptographic Foundations
• Modern Cryptography
• Symmetric Cryptography
• Cryptographic Life Cycle
• Summary
• Study Essentials
• Written Lab

Lesson 8: PKI and Cryptographic Applications

• Asymmetric Cryptography
• Hash Functions
• Digital Signatures
• Public Key Infrastructure
• Asymmetric Key Management
• Hybrid Cryptography
• Applied Cryptography
• Cryptographic Attacks
• Summary
• Study Essentials
• Written Lab

Lesson 9: Principles of Security Models, Design, and Capabilities

• Secure Design Principles
• Techniques for Ensuring CIA
• Understand the Fundamental Concepts of Security Models
• Select Controls Based on Systems Security Requirements
• Understand Security Capabilities of Information Systems
• Summary
• Study Essentials
• Written Lab

Lesson 10: Security Vulnerabilities, Threats, and Countermeasures

• Shared Responsibility
• Data Localization and Data Sovereignty
• Assess and Mitigate the Vulnerabilities of Security Architectures, Designs, and Solution
• Elements
• Client-Based Systems
• Server-Based Systems
• Industrial Control Systems
• Distributed Systems
• High-Performance Computing (HPC) Systems
• Real-Time Operating Systems
• Internet of Things
• Edge and Fog Computing
• Embedded Devices and Cyber-Physical Systems
• Microservices
• Infrastructure as Code
• Immutable Architecture
• Virtualized Systems
• Containerization
• Mobile Devices
• Essential Security Protection Mechanisms
• Common Security Architecture Flaws and Issues
• Summary
• Study Essentials
• Written Lab

Lesson 11: Physical Security Requirements

• Apply Security Principles to Site and Facility Design
• Implement Site and Facility Security Controls
• Implement and Manage Physical Security
• Summary
• Study Essentials
• Written Lab

Lesson 12: Secure Network Architecture and Components

• OSI Model
• TCP/IP Model
• Analyzing Network Traffic
• Common Application Layer Protocols
• Transport Layer Protocols
• Domain Name System
• Internet Protocol (IP) Networking
• ARP Concerns
• Secure Communication Protocols
• Implications of Multilayer Protocols
• Segmentation
• Edge Networks
• Wireless Networks
• Satellite Communications
• Cellular Networks
• Content Distribution Networks (CDNs)
• Secure Network Components
• Summary
• Study Essentials
• Written Lab

Lesson 13: Secure Communications and Network Attacks

• Protocol Security Mechanisms
• Secure Voice Communications
• Remote Access Security Management
• Multimedia Collaboration
• Monitoring and Management
• Load Balancing
• Manage Email Security
• Virtual Private Network
• Switching and Virtual LANs
• Network Address Translation
• Third-Party Connectivity
• Switching Technologies
• WAN Technologies
• Fiber-Optic Links
• Prevent or Mitigate Network Attacks
• Summary
• Study Essentials
• Written Lab

Lesson 14: Managing Identity and Authentication

• Controlling Access to Assets
• The AAA Model
• Implementing Identity Management
• Managing the Identity and Access Provisioning Life Cycle
• Summary
• Study Essentials
• Written Lab

Lesson 15: Controlling and Monitoring Access

• Comparing Access Control Models
• Implementing Authentication Systems
• Zero-Trust Access Policy Enforcement
• Understanding Access Control Attacks
• Summary
• Study Essentials
• Written Lab

Lesson 16: Security Assessment and Testing

• Building a Security Assessment and Testing Program
• Performing Vulnerability Assessments
• Testing Your Software
• Training and Exercises
• Implementing Security Management Processes and Collecting Security Process Data
• Summary
• Exam Essentials
• Written Lab

Lesson 17: Managing Security Operations

• Apply Foundational Security Operations Concepts
• Address Personnel Safety and Security
• Provision Information and Assets Securely
• Apply Resource Protection
• Managed Services in the Cloud
• Perform Configuration Management (CM)
• Manage Change
• Manage Patches and Reduce Vulnerabilities
• Summary
• Study Essentials
• Written Lab

Lesson 18: Preventing and Responding to Incidents

• Conducting Incident Management
• Implementing Detection and Preventive Measures
• Logging and Monitoring
• Automating Incident Response
• Summary
• Study Essentials
• Written Lab

Lesson 19: Disaster Recovery Planning

• The Nature of Disaster
• Understand System Resilience, High Availability, and Fault Tolerance
• Recovery Strategy
• Recovery Plan Development
• Training, Awareness, and Documentation
• Testing and Maintenance
• Summary
• Study Essentials
• Written Lab

Lesson 20: Investigations and Ethics

• Investigations
• Major Categories of Computer Crime
• Ethics
• Summary
• Study Essentials
• Written Lab

Lesson 21: Software Development Security

• Introducing Systems Development Controls
• Establishing Databases and Data Warehousing
• Storage Threats
• Understanding Knowledge-Based Systems
• Summary
• Study Essentials
• Written Lab

Lesson 22: Malicious Code and Application Attacks

• Malware
• Malware Prevention
• Application Attacks
• Injection Vulnerabilities
• Exploiting Authorization Vulnerabilities
• Exploiting Web Application Vulnerabilities
• Application Security Controls
• Secure Coding Practices
• Summary
• Study Essentials
• Written Lab

All necessary course materials are included.

Certification(s):

This course prepares a student to take the Certified Information Systems Security Professional (CISSP) national certification exam.

Certification Exam Eligibility Requirements:

Candidates must have a minimum of five years cumulative, full-time experience in two or more of the eight domains of the current CISSP Exam Outline. Earning a post-secondary degree (bachelors or masters) in computer science, information technology (IT) or related fields may satisfy up to one year of the required experience or an additional credential from the ISC2 approved list may satisfy up to one year of the required experience. Part-time work and internships may also count towards the experience requirement.   Visit the ISC2 Exam Eligibility Requirements page for more information.

System Requirements:

Internet Connectivity Requirements:

• Cable, Fiber, DSL, or LEO Satellite (i.e. Starlink) internet with speeds of at least 10mb/sec download and 5mb/sec upload are recommended for the best experience.

NOTE: While cellular hotspots may allow access to our courses, users may experience connectivity issues by trying to access our learning management system.  This is due to the potential high download and upload latency of cellular connections.   Therefore, it is not recommended that students use a cellular hotspot as their primary way of accessing their courses.

Hardware Requirements:

• CPU: 1 GHz or higher
• RAM: 4 GB or higher
• Resolution: 1280 x 720 or higher.  1920x1080 resolution is recommended for the best experience.
• Speakers / Headphones
• Microphone for Webinar or Live Online sessions.

Operating System Requirements:

• Windows 7 or higher.
• Mac OSX 10 or higher.
• Latest Chrome OS
• Latest Linux Distributions
  

NOTE: While we understand that our courses can be viewed on Android and iPhone devices, we do not recommend the use of these devices for our courses. The size of these devices do not provide a good learning environment for students taking online or live online based courses.

Web Browser Requirements:

• Latest Google Chrome is recommended for the best experience.
• Latest Mozilla FireFox
• Latest Microsoft Edge
• Latest Apple Safari

Basic Software Requirements (These are recommendations of software to use):

• Office suite software (Microsoft Office, OpenOffice, or LibreOffice)
• PDF reader program (Adobe Reader, FoxIt)
• Courses may require other software that is described in the above course outline.