CISSP: Certified Information Systems Security Professional
Introduction/Audience
This 5-day security class is ideal for Managers, CIOs, and IT Professionals
who need a general, non-vendor-specific overview of security practices. It
will assist in establishing the foundation for implementing a security plan
at your company and spending your budget in areas that will most benefit your
enterprise. The class can also be used as a test-prep for the prestigious
CISSP certification test.
The CISSP certification meets the DoD Directive 8570.1 requirements for Technical Level III, Management Level II & III, and IASAE Level I & II.
The class will consist of approximately 70% lecture and 30% labs.
Prerequisites
A+, Networking+, Security+
About the CISSP Exam and Certification
Welcome to the world of the Certified Information Systems Security Professional (CISSP)! Organizations across the globe rely on the information security standards developed by the International Information Systems Security Certification Consortium, or (ISC)². The most fundamental method of demonstrating your own understanding of information security standards is by achieving the CISSP certification.
Since the early 2000s, the CISSP certification has grown to become one of the most sought-after and internationally recognized IT credentials available, consistently ranking in the top 5 industry certifications across career certification surveys.
CISSP exam eligibility requirements:
- Work Experience: A minimum of five years of security work experience in two or more CISSP domains (four years with an applicable degree or certification)
- Accept the CISSP Code of Ethics and attest to the truth of your professional experience
- Answer four questions regarding criminal history and related background
- Have your qualifications endorsed by another (ISC)² certified professional
CISSP Exam Format
The CISSP exam is designed to objectively assess and measure Information Security knowledge. Concepts covered in the CISSP exam are directly derived from the CISSP Common Body of Knowledge (CBK). The CISSP program is the first IT certification to earn ANSI ISO/IEC Standard 17024:2003 accreditation. A summary of the exam structure and passing requirements is as follows:
- The CISSP exam consists of 250 multiple-choice questions covering all ten CBK Domains
- Individuals have 6 hours to complete the exam
- The passing grade required is a scaled score of 700 out of a possible 1000 points
The ten domains from the CISSP CBK, covered by the CISSP exam, are listed below.
- Information Security and Risk Management
- Access Control
- Security Architecture and Design
- Telecommunications and Network Security
- Business Continuity and Disaster Recovery Planning
- Application Security
- Cryptography
- Legal, Regulations, Compliance and Investigations
- Physical (Environmental) Security
- Operations Security
Course Outline
- Introduction to the Management of Information Security
- Management Practices
- Access Control
- Security Models and Architecture
- Physical Security
- Telecommunications and Networking Security
- Cryptography
- Disaster Recovery and Business Continuity
- Law, Investigation, and Ethics
- Applications and Systems Development
- Operations Security
- Planning
  - Planning for Security
  - Planning for Contingencies
- Policy and Programs
  - Information Security Policy
  - Developing the Security Program
  - Security Management Models and Practices
- Protection
  - Risk Management: Identifying and Assessing Risk
  - Risk Management: Controlling Risk
  - Protection Mechanisms
- People and Projects
  - Personnel and Security
  - Law and Ethics
  - Information Security Project Management