CISSP certification preparation course

Want to learn and gain a deep understanding of cybersecurity and transform yourself into a cybersecurity expert?


Course Overview

This course prepares you for the globally recognized Certified Information Systems Security Professional (CISSP) certification, providing a comprehensive deep-dive into the eight domains of the CISSP Common Body of Knowledge (CBK). Each domain represents a specific area of information security, contributing to an inclusive framework for understanding, developing, and managing a robust security posture for any organization.

Each module includes an evaluation of what was learned, through quizzes and interactive quizzes, followed by a review of the answers. The final course evaluation is conducted through a mock test. Access to digital flashcards is provided.

Day 1 – Security and Risk Management

Key Learnings

  • Security Governance: Understanding how to align security functions with business objectives, defining roles and responsibilities, and establishing performance metrics.
  • Risk Management: Proficiency in applying risk management frameworks, methodologies, and assessment techniques.
  • Legal, Regulatory, and Ethical Considerations: Navigating the landscape of legal and regulatory requirements related to information security, along with adherence to professional ethics.
  • Security Policies and Procedures: Developing, implementing, and managing effective information security policies, procedures, and guidelines.
  • Business Continuity and Disaster Recovery: Development and management of business continuity and disaster recovery plans to ensure organizational

Day 2 – Asset Security

Key Learnings

  • Information and Asset Classification: Understanding the different types of assets and their classification based on their sensitivity and criticality.
  • Data Ownership and Responsibilities: Grasping the roles and responsibilities associated with data ownership, custodianship, and users, and how to maintain accountability.
  • Data Protection Methods: Learning about different protection methods for ensuring the confidentiality, integrity, and availability of data.
  • Data Retention, Storage, and Destruction: Knowledge about maintaining data security through its lifecycle, including proper storage, retention, and secure destruction methods.
  • Privacy Protection: Understanding and implementing mechanisms for protecting privacy, establishing baselines, and handling assets securely to ensure data privacy and compliance with regulations.

Day 3 – Security Architecture and Engineering

Key Learnings

  • Security Models and Architecture: Understanding and applying the fundamental principles of security models and the design and architecture of secure information systems.
  • System and Application Security Design: Knowledge of system and application security design, including security architectures, systems evaluation, and the design of trustworthy systems.
  • Cryptography: Understanding the principles and use of cryptography, key management lifecycle, and implementation of cryptographic systems.
  • Physical Security: Knowledge of physical security elements such as facility design and protection mechanisms, their integration into comprehensive security architecture, and environmental controls.
  • Security Capabilities of Information Systems: Understanding the security capabilities of information systems including memory protection, virtualization, trusted platform module, and security of system interfaces.

Day 4 – Communications and Network Security

Key Learnings

  • Secure Network Architecture Design: Understanding the design and management of secure network architecture including IP networking, intranets, extranets, and remote access.
  • Secure Communications: Knowledge of secure communication channels, secure network components, and how to protect data in transit.
  • Network Attacks and Countermeasures: Understanding the various network attacks and the appropriate countermeasures to ensure network security.
  • Communication Protocols: Grasping the secure use of various communication protocols and understanding their role in secure communications.
  • Network Boundary Protection: Learning about the implementation of network perimeter defences, intrusion detection systems, intrusion prevention systems, and other methods of protecting network boundaries.

Day 5 – Identity and Access Management

Key Learnings

  • Access Control Systems and Methodology: Understanding different access control models and systems, and how to implement them effectively.
  • Identification and Authentication: Knowledge of various methods for identifying and authenticating users to ensure secure access.
  • Authorization Mechanisms: Understanding the principles of authorization and its role in controlling access to resources.
  • Identity and Account Management: Grasping the concepts of identity management, account management, and lifecycle of provisioning.
  • Session Management Practices: Understanding various session management practices, including session tracking, monitoring, and preventing session hijacking.

Day 6 – Security Assessment and Testing

Key Learnings

  • Security Control Testing: Understanding how to design and conduct regular testing of security controls to ensure they are operating as intended.
  • Audit Strategies: Learning about the development and implementation of comprehensive security audit strategies and how to manage audit trails.
  • Vulnerability Assessment and Penetration Testing: Proficiency in performing vulnerability assessments and penetration tests to identify and mitigate vulnerabilities in systems.
  • Test Results Interpretation and Remediation: Developing the skills to interpret test results, manage remediation efforts, and communicate findings to stakeholders.
  • Log Reviews and Incident Investigations: Understanding the process of performing log reviews and incident investigations to identify and respond to potential security breaches.

Day 7 – Security Operations

Key Learnings

  • Incident Response Management: Understanding how to develop, implement, and manage incident response strategies effectively.
  • Disaster Recovery and Business Continuity: Proficiency in planning for disaster recovery and business continuity to ensure organizational resilience.
  • Resource Protection: Understanding the requirements for physical security and the principles of protecting resources within an organization.
  • Investigations Support: Gaining skills in supporting investigations, with an understanding of key legal and ethical considerations.
  • Managing Controls: Understanding and managing various types of controls that contribute to operational security.

Day 8 – Software Development Security

Key Learnings

  • Security in Software Development Lifecycle: Understanding and applying security principles throughout the software development lifecycle.
  • Software Vulnerabilities and Controls: Identifying common software vulnerabilities and applying appropriate security controls in development environments.
  • Secure Coding Practices: Understanding secure coding practices and the role of software testing in enhancing security.
  • Security in Development Environments: Grasping the unique security considerations and challenges in various development environments, including traditional, cloud, and DevOps environments.
  • Software Security Lifecycle Methodologies: Learning about various software security lifecycle methodologies, their application, and effectiveness.

Check out our trainers' profiles, accreditations & testimonials.


Contact Us Today

Feel free to contact us through phone or email. We are just a contact away to meet all your training needs and will provide you with a proposal within a day.

Reach us now

Phone: +65 9362 6498

Email: jeffreywi@exceledgeintl.com
