CISSP - Exam Preparation Boot Camp

This 5-day boot camp provides, detailed instruction & thousands of exam preparation questions. The CISSP credential demonstrates competence in the 10 domains of the International Information Systems Security Certification Consortium (ISC)� CISSP® CBK

Course Outline

This 5-day intensive boot camp provides, detailed instruction and thousands of exam preparation questions.

The Certified Information Systems Security Professional (CISSP®) certification provides information security professionals with not only an objective measure of competence but also a globally recognized standard of achievement. This designation is the first credential accredited by ANSI to ISO Standard 17024:2003 in the field of information security.

The CISSP credential demonstrates competence in the 10 domains of the International Information Systems Security Certification Consortium (ISC)² CISSP® CBK®.

10 CISSP® CBK® Domains
   1. Access Control
   2. Application Security
   3. Business Continuity and Disaster Recovery Planning
   4. Cryptography
   5. Information Security and Risk Management
   6. Legal, Regulations, Compliance and Investigations
   7. Operations Security
   8. Physical (Environmental) Security
   9. Security Architecture and Design
  10. Telecommunications and Network Security

Audience Professionals seeking comprehensive knowledge of security and possibly CISSP certification

Course Outline DOMAIN 1: Access Control
Access Control
- Introduction to Access Control
- Definitions and Key Concepts
- Information Classification and Access Control
- Information Protection Requirements
- Information Protection Environment
- Security Technology and Tools
    * Centralized Access Control Methodologies
    * Decentralized/Distributed Access Control Methodologies
    * Access to Data
- Access Control Categories and Types
- Access Control Threats
- Access Control Technologies
- Assurance Mechanisms
- Assurance, Trust, and Confidence Mechanisms
- Intrusion Detection
- Information Protection and Management Services
- CBK
    * Components
    * Examples

DOMAIN 2: Application Security
Application Security
- Introduction to Application Security
- Information Protection Requirements
    * The C-I-A Triad
- Information Protection Environment
    * Open Source Code and Closed Source Code
    * Software Environment
    * The Database and Data Warehousing Environment
    * DBMS Architecture
    * Databases and Data Warehouses
    * Database Interface Languages
    * Security Assertion Markup Language (SAML)
    * Data Warehousing
    * Database Vulnerabilities and Threats
- Security Technology and Tools
    * System Life Cycle and Systems Development
    * System (Software) Development Methods
    * Including Security in a Systems Development Method
    * Programming Language and Security
    * Software Protection Mechanisms
    * DBMS Controls
- Assurance, Trust, and Confidence Mechanisms
    * Information Integrity
    * Information Accuracy
    * Information Auditing
    * Evaluation/Certification and Accreditation
- Applications Systems Threats and Vulnerabilities
- Applications Security Controls
- Information Protection and Management Services
    * Configuration Management
    * Summary
- CBK
    * Components
    * Examples

DOMAIN 3: Business Continuity Planning and Disaster Recovery Planning
Business Continuity and Disaster Recovery Planning
- Introduction to Business Continuity and Disaster Recovery Planning
- Defining a Disaster
- Information Protection Requirements
- Information Protection Environment
- Project Scope Development and Planning
- Business Impact Analysis
- Emergency Assessment
- Continuity and Recovery Strategy
- Plan Design and Development
- Implementation
- Restoration
- Plan Management
- Security Technology and Tools
    * Phase I: Project Management and Initiation
    * Phase II: Business Impact Analysis (BIA)
    * Phase III: Recovery Strategies
    * Phase IV: Plan Development and Implementation
    * Phase V: Testing, Maintenance, Awareness, and Training
- Assurance, Trust, and Confidence Mechanisms
- Information Protection and Management Services
    * Summary
- CBK
    * Components
    * Examples

DOMAIN 4: Cryptography
Cryptography
- Introduction to Cryptography
- Key Concepts and Definitions
- History
- Information Protection Requirements
    * The C-I-A Triad
- Information Protection Environment
    * Introduction
    * Definitions
    * Cryptanalysis and Attacks
    * Import/Export Issues
- Security Technology and Tools
    * Basic Concepts of Cryptography
    * Encryption Systems
    * Symmetric Key Cryptography Algorithms
    * Asymmetric Key Cryptography Algorithms
    * Message Integrity Controls
- Assurance, Trust, and Confidence Mechanisms
    * Digital Signatures and Certificate Authorities
    * Public Key Infrastructure (PKI)
- Management of Cryptographic Systems
- Information Protection and Management Services
    * Key Management
    * Key Management Functions
    * Key Generation
    * Distribution
    * Installation
    * Storage
    * Change
    * Control
    * Disposal
    * Modern Key Management
    * Principles of Key Management
    * Summary
- Threats and Attacks
- CBK
    * Components
    * Examples

DOMAIN 5: Information Security and Risk Management
Information Security and Risk Management:
- Introduction to Information Security Management
- Purposes of Information Security Management
- Concepts: Confidentiality, Integrity, Availability
- Risk Analysis and Assessment
    * Information Protection Requirements
    * Information Protection Environment
    * Security Technology and Tools
    * Assurance, Trust, and Confidence Mechanisms
    * Information Protection Management Service
- Information Classification
    * Information Protection Requirements
    * Information Protection Environment
    * Security Technology and Tools
    * Assurance, Trust, and Confidence Mechanisms
    * Information Protection and Management Services
- Policies, Procedures, Standards, Baselines, Guidelines
    * Information Protection Requirements
    * Information Protection Environment
    * Security Technology and Tools
    * Information Protection Requirements
- Security Awareness Training and Education
    * Information Protection Environment
- Social Engineering
- Risk Management
- Ethics
- Implementation (Delivery) Options
    * Security Technology and Tools
    * Assurance, Trust, and Confidence Mechanisms
    * Information Protection Management Services
- CBK
    * Components
    * Examples

DOMAIN 6: Legal, Regulations, Compliance and Investigation
- Legal, Regulations, Compliance and Investigations
- Introduction to Law
- Major Legal Systems
- Legal Concepts
    * Information Protection Requirements
    * Information Protection Environment
    * Privacy
    * Recommended Course of Action
    * Security Technology and Tools
    * Assurance, Trust, and Confidence Mechanisms
    * Information Protection and Management Services
- Introduction to Regulations
    * Regulatory Issues
- Introduction to Investigations
    * Information Protection Requirements
    * Information Protection Environment
    * Security Technology and Tools
    * Assurance, Trust, and Confidence Mechanisms
    * Information Protection and Management Services
- Introduction to Computer Forensics
- Introduction to Ethics
    * Information Protection Requirements
    * Computer Ethics
    * Information Protection Environment
    * Security Technology and Tools
    * Assurance, Trust and Confidence Mechanisms
    * Information Protection and Management Services
    * Summary
- CBK
    * Components
    * Examples

DOMAIN 7: Operations Security
Operations Security
- Introduction to Operations Security
- Information Protection Requirements
    * Resource Protection
- Information Protection Environment
- Security Technology and Tools
    * Change Control Management
    * Physical Security Controls
    * Privileged Entity Control
- Assurance, Trust, and Confidence Mechanisms
- Information Protection and Management Services
    * Summary
- CBK
    * Components
    * Examples

DOMAIN 8: Physical (Environmental) Security
Physical (Environmental) Security
- Introduction to Physical (Environmental) Security
- Definitions and Key Concepts
- Layered Defense Model
- Information Protection Requirements
    * The C-I-A Triad
- Information Protection Environment
    * Site Location
    * Equipment Protection
    * Crime Prevention through Environmental Design (CPTED)
- Infrastructure Support Systems
- Security Technology and Tools
    * Perimeter and Building Grounds Boundary Protection
    * Building Entry Points
    * Inside the Building: Building Floors, Office Suites, Offices
    * Penetration (Intrusion) Detection Systems
- Assurance, Trust, and Confidence Mechanisms
    * Drills/Exercises/Testing
    * Vulnerability/ Penetration Tests
    * Creating a Checklist
    * Maintenance and Service
- Information Protection and Management Services
    * Awareness and Training
    * Summary
- CBK
    * Components
    * Examples

DOMAIN 9: Security Architecture and Design
Security Architecture and Design
- Introduction to Security Architecture and Design
- Components and Principles
    * Hardware
    * Software
- System Security Techniques
- Information Protection Requirements
- The C-I-A Triad
- Information Protection Environment
    * Platform Architecture
    * Network Environment
    * Enterprise Architecture
    * Security Models
- Security Technology and Tools
    * Network Protection
- Assurance, Trust, and Confidence Mechanisms
    * Trusted Computer Security Evaluation Criteria (TCSEC)
    * The Trusted Network Interpretation (TNI)
    * Information Technology Security Evaluation Criteria (ITSEC)
    * The Common Criteria (CC)
    * Certification and Accreditation
- Security Models and Architecture Theory
- Security Evaluation Methods and Criteria
- Information Protection and Management Services
- CBK
    * Components
    * Examples

DOMAIN 10: Telecommunications and Network Security
Telecommunications and Network Security\
- Introduction to Telecommunications and Network Security
- Key Concepts and Definitions
- Information Protection Requirements
- Information Protection Environment
    * Data Networks
    * Remote Access Services
    * Network Protocols
    * Network Threats and Attacks
    * Network Components
    * Telephony
- Security Technology and Tools
    * Content Filtering and Inspection
    * Intrusion Detection
- Assurance, Trust, and Confidence Mechanisms
- Information Protection and Management Services
- CBK
    * Components
    * Examples
Conclusion

Additional Details

Pre-Requisites

There are no pre-requisites to attend the seminar. However, not everyone will be qualified to take the exam or receive certification.

Certificates offered

The student kit includes a comprehensive workbook and other necessary materials for this class. Ottawa: * Apr 2, 2011 Toronto: * Feb 19, 2011

Cancellation Policy

Map & Reviews

CTE Solutions
[ View Provider's Profile ]

CTE Solutions Ottawa
11 Holland Avenue suite 100
Ottawa, Ontario
Canada   K1Y 4S1

Reviews

 

This course has not yet been rated by one of our members.

If you have taken a course through this vendor please log into your account and leave feedback for this vendor. You will be helping ensure our members get directed to the best training facilities.

Here are some reviews of the training vendor.

   

This course was great, very informative, had Lionel as instructor and he was also very good.

Reviewed by Robin T. 2012

   

Instructor was eager to assist but lacked subject matter expertise. Course time management was very poor. Content provided could have been delivered effectively in a one day course.

Reviewed by Inta N. 2012

   

Good Course, good trainer. All questions addressed equally and in a timely professional manner.

Reviewed by Joe L. 2011

   

The course content was interesting; however, the instructor didn't have enough knowledge about Microsoft Sharepoint 2010 Development and wasn't able to answer questions without google search. In the future CTE needs to make sure the instructors have real on-hands experience and are highly trained in the technologies they are supposed be teaching.

Reviewed by Heliana P. 2011