CISSP Boot Camp
The CISSP® Boot Camp Course prepares technology and security professionals for the Certified Information Systems Security Professional (CISSP®) exam which covers the objectives as defined in the (ISC)2 Common Body of Knowledge and is based on the new requirements that go into effect starting in Jan 2012. CISSP® candidates are expected to have a broad range of skills across security management, as well as a technical understanding of a wide range of security controls. In this five-day intensive course, students will review, in detail, the ten core domains with a focus on preparing for the exam and gaining real world knowledge that can be used in the workplace. Throughout the course there is an emphasis placed on sample exam questions as well as tips and pointers for taking the exam – all designed to help you successfully pass the exam.
Location: For details about the location of training and for a link to make hotel reservations under the group discount, please refer to a scheduled course link shown below.
Course Style: 5 days - Instructor-led classroom. This is an intensive, five-day course that earns 40 CPEs based on the standard 50-minute hour calculation used by many professional organizations.
Audience: This course is designed for managers, engineers, auditors and/or security professionals that are preparing to take the (ISC)2 CISSP® exam or practitioners that just want a better understanding of security.
Prerequisites: There are no prerequisites for this course, although having experience in at least 3 of the 10 domains of the Common Body of Knowledge is extremely useful.
Course Content: The following topics reflect the requirements of the ten domains of the Common Body of Knowledge and will be covered in detail during the course:
- Domain 1 – Access Control – This domain reviews concepts and methodologies involved in granting and restricting access to resources including: Access Control Categories and Types, Access Control Threats, Access to Systems, Access to Data, Intrusion Detection and Prevention Systems, and Access Control Assurance.
- Domain 2 – Telecommunications and Network Security – This domain reviews the concepts of network security and designs for building security into data and voice communication infrastructures including a focus on the seven layers of the OSI model.
- Domain 3 - Information Security Governance and Risk Management – This domain addresses tools and techniques for risk management, and information security policies, procedures, guidelines and standards including: The Business Case for Information Security Management, Core Information Security Principles, Information Security Governance, Security Awareness, Risk Management, Ethics, Data Classification & Handling.
- Domain 4 – Software Development Security – This domain focuses on software development concepts and lifecycles including: Development and Programming Concepts, Audit and Assurance Mechanisms, Malicious Software (Malware), The Database and Data Warehousing Environment, and Web Application Environment.
- Domain 5 – Cryptography – This domain reviews concepts and methods for encrypting data to ensure authenticity, integrity, confidentiality and non repudiation. Topics include: Key Concepts and Definitions, Encryption Systems, Message Integrity Controls, Digital Signatures, Encryption Management, Cryptanalysis and Attacks, and Encryption Usage.
- Domain 6 – Security Architecture and Design – This domain reviews the concepts, principles, structures and standards of security architecture and computing systems including: Architecture and Design Components and Principles, Models and Architecture Theory, Product Evaluation Methods and Criteria.
- Domain 7 – Operations Security – This domain reviews concepts for management of hardware, media and operators of these resources including: Privileged Entity Controls, Resource Protection, Continuity of Operations, Change Control Management
- Domain 8 – Business Continuity and Disaster Recover Planning – This domain addresses principles for responding and recovering from disasters including: Industry and Professional Standards, Organization Continuity, Threat Assessment, Risk Assessment, Business Impact Analysis, Plan Development and Implementation.
- Domain 9 – Legal, Regulations, Compliance and Investigations – This domain addresses laws, regulations and legal systems surrounding information security including: Major Legal Systems, Information Technology Laws and Regulations, Incident Response, and Computer Forensics.
- Domain 10 – Physical Security – This domain addresses the threats, vulnerabilities and countermeasures involved to physically protect an organization’s resources including: Site Location, The Layered Defense Model, Information Protection and Management Services.
Materials Provided: The following materials are included as part of the course price:
- Hard copy of slide-deck with notes
- Copy of the Official (ISC)² Guide to the CISSP® CBK® shipped once registration & payment have been confirmed to allow for pre-study before the course.
What's Included: The following items are included as part of the course price:
- Course Materials noted above
- Free Day Parking at the facility (no overnight parking)
- Morning and Afternoon Snack Station
- Beverages Throughout the Day
- Full Buffet-style Lunch, freshly prepared with a variety of hot and cold dishes