Certified Information System Security Professional (CISSP) - Training Courses | Afi U.

New

Certified Information System Security Professional (CISSP)

Private session

This training is available in a private or personalized format. It can be provided in one of our training centres or at your offices. Call one of our consultants of submit a request online.

Call now at 1 877 624.2344

  • Duration: 5 days
  • Regular price: On request

Course outline

Duration : 5 days

© AFI Expertise inc.

By participating in this intensive five-day knowledge-focused training, you will be prepared by an expert to design, implement, and manage information security programs. This training is designed to help you prepare for the CISSP exam.

Audience

  • Security and Risk Management
  • Asset Security
  • Security Engineering
  • Communications and Network Security
  • Identity and Access Management
  • Security Assessment and Testing
  • Security Operations
  • Software Development Security

Prerequisites

  • Minimum of five years of experience working in IT Infrastructures and Cybersecurity

Objectives

By participating in this intensive 5-day knowledge-focused training, you will be prepared for the CISSP exam by a security expert.

Contents

Module 1: Security and Risk Management (e.g., Security, Risk, Compliance, Law, Regulations, Business Continuity)

  • Understand and Apply Concepts of Confidentiality, Integrity, and Availability
  • Apply Security Governance Principles
  • Compliance
  • Understand Legal and Regulatory Issues that Pertain to Information Security in a Global Context
  • Develop and Implement Documented Security Policy, Standards, Procedures, and Guidelines
  • Understand Business Continuity Requirements
  • Contribute to Personnel Security Policies
  • Understand and Apply Risk Management Concepts
  • Understand and Apply Threat Modeling
  • Integrate Security Risk Considerations into Acquisitions Strategy and Practice
  • Establish and Manage Security Education, Training, and Awareness

Module 2: Asset Security (Protecting Security of Assets)

  • Classify Information and Supporting Assets
  • Determine and Maintain Ownership
  • Protect Privacy
  • Ensure Appropriate Retention
  • Determine Data Security Controls
  • Establish Handling Requirements

Module 3: Security Engineering (Engineering and Management of Security)

  • Implement and Manage an Engineering Life Cycle Using Security Design Principles
  • Understand Fundamental Concepts of Security Models
  • Select Controls and Countermeasures Based Upon Information Systems Security Standards
  • Understand the Security Capabilities of Information Systems
  • Assess and Mitigate the Vulnerabilities of Security Architectures, Designs, and Solution Elements
  • Assess and Mitigate Vulnerabilities in Web-based Systems
  • Assess and Mitigate Vulnerabilities in Mobile Systems
  • Assess and Mitigate Vulnerabilities in Embedded Devices and Cyber-Physical Systems
  • Apply Cryptography
  • Apply Secure Principles to Site and Facility Design
  • Design and Implement Facility Security

Module 4: Communications and Network Security (Designing and Protecting Network Security)

  • Apply Secure Design Principles to Network Architecture
  • Securing Network Components
  • Design and Establish Secure Communication Channels
  • Prevent or Mitigate Network Attacks

Module 5: Identity and Access Management (Controlling Access and Managing Identity)

  • Control Physical and Logical Access to Assets
  • Manage Identification and Authentication of People and Devices
  • Integrate Identity as a Service (IDaaS)
  • Integrate Third-Party Identity Services
  • Implement and Manage Authorization Mechanisms
  • Prevent or Mitigate Access Control Attacks
  • Manage the Identity and Access Provisioning Life Cycle

Module 6: Security Assessment and Testing (Designing, Performing, and Analyzing Security Testing)

  • Design and Validate Assessment and Test Strategies
  • Conduct Security Control Testing
  • Collect Security Process Data
  • Conduct or Facilitate Internal and Third-Party Audits

Module 7: Security Operations (e.g., Foundational Concepts, Investigations, Incident Management, Disaster Recovery)

  • Understand and Support Investigations
  • Understand Requirements for Investigation Types
  • Conduct Logging and Monitoring Activities
  • Secure the Provisioning of Resources through Configuration Management
  • Understand and Apply Foundational Security Operations Concepts
  • Employ Resource Protection Techniques
  • Conduct Incident Response
  • Operate and Maintain Preventative Measures
  • Implement and Support Patch and Vulnerability Management
  • Participate in and Understand Change Management Processes
  • Implement Recovery Strategies
  • Implement Disaster Recovery Processes
  • Test Disaster Recovery Plan
  • Participate in Business Continuity Planning
  • Implement and Manage Physical Security
  • Participate in Personnel Safety

Module 8: Software Development Security (Understanding, Applying, and Enforcing Software Security)

  • Understand and Apply Security in the Software Development Life Cycle
  • Enforce Security Controls in the Development Environment
  • Assess the Effectiveness of Software Security
  • Assess Software Acquisition Security

Surround yourself with the best

Ralph Pierre Pelry
Trainer