Course Duration:

5 days

Audience:

Employees of federal, state and local governments; and businesses working with the government.

Prerequisites:

The CISSP® training program is targeted at professionals with at least 4-5 years of experience in the information security field or 3 years of experience and a college degree (or equivalent life experience).

This course is intended for experienced IT security-related practitioners, auditors, consultants, investigators, or instructors, including network or security analysts and engineers, network administrators, information security specialists, and risk management professionals, who are pursuing CISSP training and certification to acquire the credibility and mobility to advance within their current computer security careers or to migrate to a related career.

Through the study of all eight CISSP Common Body of Knowledge (CBK) domains, students will validate their knowledge by meeting the necessary preparation requirements to qualify to sit for the CISSP certification exam. Additional CISSP certification requirements include a minimum of five years of direct professional work experience in two or more fields related to the eight CBK security domains, or a college degree and four years of experience.

It is also highly recommended that students complete the CompTIA Network+ and CompTIA Security+ certifications or possess equivalent professional experience upon beginning CISSP training. Students will also benefit from having one or more of the following security-related or technology-related certifications or equivalent industry experience: MCSE, MCTS, MCITP, SCNP, CCNP, RHCE, LCE, CNE, SSCP®, GIAC, CISA™, or CISM®.

Course Description:

This course caters to information security experts possessing extensive technical and managerial expertise, equipping them to proficiently strategize, construct, and oversee an organization’s security framework. It offers an exhaustive examination of information systems security principles and leading industry methodologies, encompassing the eight domains outlined in the CISSP Common Body of Knowledge (CBK).

The 8 domains included in the Common Body of Knowledge (CBK) are:

  • Domain 1:  Security and Risk Management (Security, Risk, Compliance, Law, Regulations, Business Continuity)

  • Domain 2:  Asset Security (Protecting Security of Assets)

  • Domain 3:  Security Architecture and Engineering (Engineering and Management of Security)

  • Domain 4:  Communication and Network Security (Designing and Protecting Network Security)

  • Domain 5:  Identity and Access Management (Controlling Access and Managing Identity)

  • Domain 6:  Security Assessment and Testing (Designing, Performing, and Analyzing Security Testing)

  • Domain 7:  Security Operations (Foundational Concepts, Investigations, Incident Management, Disaster Recovery)

  • Domain 8:  Software Development Security (Understanding, Applying, and Enforcing Software Security)

Course Outline:

1 – Security and Risk Management

  • Security Governance Principles
  • Compliance
  • Professional Ethics
  • Security Documentation
  • Risk Management
  • Threat Modeling
  • Business Continuity Plan Fundamentals
  • Acquisition Strategy and Practice
  • Personnel Security Policies
  • Security Awareness and Training

2 – Asset Security

  • Asset Classification
  • Privacy Protection
  • Asset Retention
  • Data Security Controls
  • Secure Data Handling

3 – Security Engineering

  • Security in the Engineering Lifecycle
  • System Component Security
  • Security Models
  • Controls and Countermeasures in Enterprise Security
  • Information System Security Capabilities
  • Design and Architecture Vulnerability Mitigation
  • Vulnerability Mitigation in Embedded, Mobile, and Web-Based Systems
  • Cryptography Concepts
  • Cryptography Techniques
  • Site and Facility Design for Physical Security
  • Physical Security Implementation in Sites and Facilities

4 – Information Security Management Goals

  • Organizational Security
  • The Application of Security Concepts

5 – Information Security Classification and Program Development

  • Information Classification
  • Security Program Development

6 – Risk Management and Ethics

  • Risk Management
  • Ethics

7 – Software Development Security

  • Software Configuration Management
  • Software Controls
  • Database System Security

8 – Cryptography

  • Ciphers and Cryptography
  • Symmetric-Key Cryptography
  • Asymmetric-Key Cryptography
  • Hashing and Message Digests
  • Email, Internet, and Wireless Security
  • Cryptographic Weaknesses

9 – Physical Security

  • Physical Access Control
  • Physical Access Monitoring
  • Physical Security Methods
  • Facilities Security

Special Note About This Course/Certification:

When it comes to CISSP certification, we highly, highly, HIGHLY recommend that potential candidates study up on the domains in the CISSP before going to training. We cannot stress this enough. The CISSP exam is no joke.

This is NOT the type of class that you can go into without much knowledge of the domains and expect to be successful at the end. We say that because occasionally we get folks who think that is the way to attack the CISSP. It is not. We recommend using the class as a knowledge gap filler. You NEED to study before training and then study even more after the training if you want to be successful. We recommend several months of study prior to taking the class.

Below are some resources that we feel are helpful in your studies.

IT Dojo CISSP Questions of the Day Videos 

https://www.youtube.com/channel/UCwUkAunxT1BNbmKVOSEoqYA 

Pete Ziegler’s CISSP Exam Cram

https://www.youtube.com/watch?v=_nyZhYnCNLA&list=PL7XJSuT7Dq_XPK_qmYMqfiBjbtHJRWigD

Prabh’s Coffee Shots

https://www.youtube.com/playlist?list=PL0hT6hgexlYx6ofKAChVOeQCi4AkV8YXL

CISSP Study Agenda and Resources

https://www.reddit.com/r/cissp/comments/953oln/cissp_study_agenda_and_resources_16weeks/

GitHub CISSP Study Guide

https://github.com/so87/CISSP-Study-Guide?fbclid=IwAR2qBPpVgNEWXca4TNa132sy3F_lLffGW2w2RJtLofi2pvMpFdzdKUTzjoc

CISSP Source Documents

https://www.reddit.com/r/cissp/comments/9bn74h/cissp_source_documents_uscentric_resources/

https://www.reddit.com/r/cissp/comments/9bn8pq/cissp_source_documents_us_privacy_laws/

https://www.reddit.com/r/cissp/comments/9bn7n8/cissp_source_documents_us_laws/

Study Notes and Theory 

This is a great website that has a lot of useful resources. He has both a free and paid version.  Highly recommend the paid version. https://www.studynotesandtheory.com

Also look at his Facebook page here.  https://www.facebook.com/groups/1525346961013038  This Facebook group is amazing.  Lots of support and it is very active.

Boson Test Engine

https://www.boson.com/certification/cissp#practiceTab

Sunflower Notes

https://www.sunflower-cissp.com/downloads/sunflower_cissp_layout.pdf

The Memory Palace

https://dc6afa65-28c1-415a-99fb-01db265cc419.usrfiles.com/ugd/dc6afa_ee5a52c700454d97a532d3e74b273b1d.pdf

SYBEX Library

https://amzn.to/3gimNFf

CISSP All-In-One Study Guide 9th Ed. 

https://amzn.to/3hM0tnP

CISSP Study Guide 3rd Edition 

http://amzn.to/2qsBgDw

Eleventh Hour CISSP 3rd Ed. Study Guide 

http://amzn.to/2pT3Dcc

How to Think Like a Manager for the CISSP Exam

https://amzn.to/2WjQoDI

What Clients Have to Say

“Just sharing some good news – I passed the CISSP exam! Thanks for getting me prepared. When my team mates are ready, or my friends are looking for training, I’ll make sure to point them in your direction.”
-Jesse W.
If you would like more information about ITdojo’s CISSP course, please let us know!  We would love to work with you and your team!