Kansas City
9611-E Metcalf Ave·Overland Park, KS 66212

CISSP

Overview

This course provides a comprehensive discussion of the ten core subject areas fundamental to the understanding of security for CIOs, managers, and engineers. This course covers the ten domains that are required knowledge for the CISSP® certification exam.

Outline


Domain 1



Information Security Management Practices

Security Controls
Risk Management
Safeguard Selection
Types of Policies
Procedures
Baseline
Guidelines
DOD Rainbow Series
TCSEC
GASSP
ITSEC
BS7799 / ISO 17799
Data Classification
Roles and Responsibilities

Domain 2



Access Control Systems and Methodology

Identification and Authentication
Biometrics
One Time Passwords
Single Sign On (SSO)
Kerberos
Authorization and Accountability
Types of Security Controls
Access Control Models
Layers of Security Controls
Centralized Access Control Methodologies

Domain 3



Law, Investigation & Ethics

Laws & Regulations
Types of Law
History of Computer Law in the US
US Laws That Exist
International Law
Liability
Incident Handling
CIRT
Types of Attacks
Investigation
Types of Evidence
Ethics

Domain 4



Physical Security

Security Controls
Site Selection
Site Design
Perimeter Security
Physical Controls
Personnel Access Control
Environmental Controls
Facilities Management

Domain 5



Business Continuity & Disaster Recovery Planning

Business Continuity Planning
Business Impact Assessment
Disaster Recovery Plan
External Consideration

Domain 6



Security Architecture & Models

Architecture
RAM vs Sequential Memory
Configuration
Confidentiality
Integrity
Security Concepts
Design Objectives
Design Issues
Lattice vs Non-Lattice
Integrity Models
Evaluation Criteria
Common Criteria
DITSCAP and NIACAP
Host Based Security
Client-Server Security

Domain 7



Cryptography

Uses
Limitations
Protocols & Standards
Basics of Cryptography
Basic Technologies
Encryption Systems
Digital Signatures
E-mail Security
Internet Security Using Encryption
Key Management - Activities
Public Key Infrastructure (PKI)
Cryptanalytic Techniques
Cryptographic Attacks
Export Issues

Domain 8



Telecommunications & Network Security

Telecommunications Security Management
Identification and Authentication
Network Protocols
Data Communications
Telecommunication Security Issues
Network Availability
Internet and Web Security
Well Known Attack Methods
Multimedia (Data/Voice/Video/Audio/Facsimile) Security
Incident Response Management

Domain 9



Applications & Systems Development Security

Security Goals & Threats
System Life Cycle
Change Control
Application Development Principles
Application Development Security
Application Development Concerns
Application Threats
Application Development Controls
Application Access Controls
Application Preventative and Detective Controls
Database Security
Database Models
Database Definitions
Database Concerns
Database Security
Databases
Artificial Intelligence

Domain 10



Operations Security

Operational Security Issues
Administrative Responsibility
Resource Protection
Privileged Entity Controls
Operations Security Controls
Control By Instruction/Training
Trusted Facility Management
Threats and Vulnerabilities
Monitoring and Auditing
Violation Analysis
Operations Management
Ensure availability of critical systems
Maintain continuity of operations
Change Control
Media Control

Course Length:

5 Days

Course Dates:

December 8-12, 2008

Course Price:

$2,500


Enrollment in this course is limited. If you would like more information regarding this course or would like to enroll, please contact us today.