Course includes:
10 CD-ROMs, 1 ISC2 eBook Study Guide & 1 Exam Simulator

CISSP Exam:
The CISSP (Certified Information Systems Security Professional) exam
is a six-hour, monitored paper-based exam covering 10 domains of information
system security knowledge, each representing a specific area of expertise.
The CISSP examination consists of 250 multiple choice questions, covering
topics such as Access Control Systems, Cryptography, and Security Management
Practices, and is administered by the International Information Systems
Security Certification Consortium or (ISC)². (ISC)² promotes the CISSP exam
as an aid to evaluating personnel performing information security functions.
Candidates for this exam are typically network security professionals and
system administrators with at least 4 years of direct work experience in
one or more of the 10 test domains. The QuickCert training course maps to
the exam objectives and offers numerous features such as exam tips, case
studies, and practice exams.

Course Contents:
Session 1
- Security Management Practices - Security management entails the identification
of an organization's information assets and the development, documentation,
and implementation of policies, standards, procedures, and guidelines.
- Management tools such as data classification and risk assessment/analysis
are used to identify threats, classify assets, and to rate system vulnerabilities
so that effective controls can be implemented.
Session 2
- Security Architecture and Models - The Security Architecture and Models
domain contains the concepts, principles, structures, and standards used
to design, monitor, and secure operating systems, equipment, networks, applications
and those controls used to enforce various levels of availability, integrity,
and confidentiality.
Session 3
- Access Control Systems and Methodology - Access controls are a collection
of mechanisms that work together to create a security architecture to protect
the assets of the information system.
Session 4
- Application Development Security - This domain addresses the important
security concepts that apply to application software development. It outlines
the environment where software is designed and developed and explains the
critical role software plays in providing information system security.
Session 5
- Operations Security - Operations Security is used to identify the controls
over hardware, media, and the operators and administrators with access privileges
to any of these resources. Audit and monitoring are the mechanisms, tools,
and facilities that permit the identification of security events and subsequent
actions to identify the key elements and report the pertinent information
to the appropriate individual, group, or process.
Session 6
- Physical Security - The physical security domain provides protection techniques
for the entire facility, from the outside perimeter to the inside office
space, including all of the information system resources.
Session 7
- Cryptography - The cryptography domain addresses the principles, means,
and methods of disguising information to ensure its integrity, confidentiality
and authenticity.
Session 8
- Telecommunications, Network, and Internet Security - The telecommunications,
network, and Internet security domain discusses the:
  - Network Structures
  - Transmission methods
  - Transport formats
  - Security measures used to provide availability, integrity, and confidentiality
  - Authentication for transmissions over private and public communications
    networks and media.
Session 9
- Business Continuity Planning - The Business Continuity Plan (BCP) domain
addresses the preservation and recovery of business operations in the event
of outages.
Session 10
- Law, Investigations, and Ethics - The Law, Investigations, and Ethics
domain addresses:
  - Computer crime laws and regulations
  - The measures and technologies used to investigate computer crime incidents