LEADS Corporation Limited
HOME > LTCL > Training > Certified Information Systems Security Professional (CISSP)

Certified Information Systems Security Professional (CISSP)

This training is jointly organized by BITM & LEADS Training & Consulting Ltd.

Training will be held in LEADS Training & Consulting Ltd

Course Outline:

Domain 1 — Security & Risk Management

Security & Risk Management
Confidentiality, Integrity, and Availability
Security Governance
The Complete and Effective Security Program
Compliance
Global Legal and Regulatory Issues
Understand Professional Ethics
Develop and Implement Security Policy
Business Continuity (BC) & Disaster Recovery (DR) Requirements
Manage Personnel Security
Risk Management Concepts
Threat Modeling
Acquisitions Strategy and Practice
Security Education, Training, and Awareness

Domain 2 — Asset Security

Asset Security
Data Management: Determine and Maintain Ownership
Data Standards
Longevity and Use
Classify Information and Supporting Assets
Asset Management
Protect Privacy
Ensure Appropriate Retention
Determine Data Security Controls
Standards Selection

Domain 3 — Security Engineering

Security Engineering
The Engineering Lifecycle Using Security Design Principles
Fundamental Concepts of Security Models
Information Systems Security Evaluation Models
Security Capabilities of Information Systems
Vulnerabilities of Security Architectures
Database Security
Software and System Vulnerabilities and Threats
Vulnerabilities in Mobile Systems
Vulnerabilities in Embedded Devices and Cyber-Physical Systems
The Application and Use of Cryptography
Site and Facility Design Considerations
Site Planning
Implementation and Operation of Facilities Security

Domain 4 — Communications & Network Security

Communications & Network Security
Secure Network Architecture and Design
Implications of Multi-Layer Protocols
Converged Protocols
Securing Network Components
Secure Communication Channels
Network Attacks

Domain 5 — Identity & Access Management

Identity & Access Management
Physical and Logical Access to Assets
Identification and Authentication of People and Devices
Identity Management Implementation
Identity as a Service (IDaaS)
Integrate Third-Party Identity Services
Implement and Manage Authorization Mechanisms
Prevent or Mitigate Access Control Attacks
Identity and Access Provisioning Lifecycle

Domain 6 — Security Assessment & Testing

Security Assessment & Testing
Assessment and Test Strategies
Collect Security Process Data
Internal and Third-Party Audits

Domain 7 — Security Operations

Security Operations
Investigations
Provisioning of Resources through Configuration Management
Resource Protection
Incident Response
Preventative Measures against Attacks
Patch and Vulnerability Management
Change and Configuration Management
The Disaster Recovery Process
Test Plan Review
Business Continuity and Other Risk Areas
Access Control
Personnel Safety

Domain 8 — Security in the Software Development Life Cycle

Security in the Software Development Life Cycle
Software Development Security Outline
Environment and Security Controls
Security of the Software Environment
Software Protection Mechanisms
Assess the Effectiveness of Software Security
Assess Software Acquisition Security



Start Course
Teacher: