Security University's CISSP® Prep Class
Register for CISSP class with Master CISSP Clement Dupuis today! 99% Pass Rate
'Easy to understand CISSP® prep curriculum with intense (daily) online quizzes ensure you master the 10 domains and successfully pass the CISSP® exam the first time”.
99% Pass the first time, OR return for FREE!
"2009 Stimulus Special" 2 classes for 1 class fee of $2,495 (must attend same class exam not incl) or $1,995 per attender - Register now! Clement's classes sell out fast!
don't forget to register @ www.CCCURE.ORG for your on-line practice exams
Where do you go after CISSP®?
Be More than Certified, 5,800 CISSP's are now Qualified.
| Class Price: |
$1,995 labs & 25+ quizzes! ( $2,595 including exam voucher) |
| Time: |
8:30am -6pm |
| Location: |
check schedule |
| Prerequisites: |
TCPIP |
| CPE Credits: |
40 |
 |
Download the 2009 SU class RoadMap
Ask about On-Site classes |
| Instructor: |
CISSP, Q/EH, Q/SA Q/PTL Q/FE, Q/SSE,
CWNA. CWSP Security + |
Where Qualified Happens!
What places Security University's CISSP training above all others?
- With our CISSP Experts, instructors & Clement, we have developed a reputation for excellence in training and prep for your CISSP exam.
- Our daily quizzes and course materials are always updated with the latest information on the exam objectives.
- Robust course materials that cater to your individual learning styles for a successful learning experience.
- Build your “personal” exam prep guide” based on what you need to know to pass the exam the first time.
- Expert mentoring by veteran security professionals before and after class guide you to success.
- Quiz, engage in materials and Quiz again is the secret to your exam success.
- 100+ retired exam questions to familiarize you with the exam style.
What You Will Learn:
Tips for taking the Exam &
SU Self Study Techniques
1. Information Security and Risk Management
Identify an organization's information assets and the development, documentation, and implementation of policies, standards, procedures, and guidelines to identify risk.
- CIA
- Roles and Responsibilities - RACI
- Asset Management
- Taxonomy - Information Classification
- Risk Management
- Risk Analysis & Assessment
- Information Classification
- Policies, Procedures, Standards, Baselines & Guidelines
- Security Awareness Programs
- Certification and Accreditation
2. Access Control
Access controls are a collection of mechanisms that work together to create a security architecture to protect the assets of the information system.
- AAA
- Access to systems & data
- IPS intrusion prevention & IDS detection
- Audit trail monitoring
- Authentication Methods
- Authorization - DAC, RBAC, MAC
- Accounting - Logging, Monitoring, Auditing
- Central/Decentralized and Hybrid Management
- Single Sign-on - Kerberos, Radius, Diameter, TACACS
- Threats
- Vulnerabilities - Emanations, Impersonation, Rouge Infrastructure, Social Engineering
3 Cryptography
Cryptography domain addresses the principles, means, and methods of disguising information to ensure its integrity, confidentiality and authenticity.
- Terminology
- Cryptosystems
- Ciphers
- Algorithms
- Hashing
- Public Key Crypto
- Digital Signatures
- Symmetric/ Asymmetric
- PKI
- Internet Security
- Cryptosystems - SSL, S/MIME, PGP
- Cryptanalysis
4. Physical (Environmental) Security
The physical security domain provides protection techniques for the entire facility, from the outside perimeter to the inside office space, including all of the information system resources.
- Buildings, and related infrastructure against threatsTerminology
- Technical controls - access controls, intrusion detection system, and monitoring system
- Supporting facilities - heating/cooling, electrical plant, and water system
- Facility Design
- Fire Safety
- Electrical Security
- HVAC
- Perimeter Security - Fences, Gates, Lighting
- Physical facility - buildings and structures housing computer facilities
- Physical Access Control - Transponders, Badges, Swipe Cards
- Theft
- Intrusion Detection - CCTV, Alarms, Guards, & Dogs
5. Security Architecture and Design
Contains the concepts, principles, structures, and standards used to design, monitor, and secure operating systems, equipment, networks, applications and those controls used to enforce various levels of availability, integrity, and confidentiality.
- Identify the security issues and controls with architectures and designs.
- Describe the principles of common computer and network organizations, enterprise architecture and designs.
- Layering, Data Hiding and Abstraction
- Processors
- Memory - Segmentation/Rings, Types of Memory
- Operating Systems
- Defines and understand system models
- Assurance - TCSEC, ITSEC, CC
- Architecture Problems - Covert Channels + TOC/TOU, Object Reuse
6. Application Security
Addresses the important security concepts that apply to application software development and outlines the environment where software is designed and developed.
- General Security Principles
- Database
- Applications
- Artificial Intelligence Models
- SDL
- Programming/Data Attacks
- Malware
- Threats
- Real World Issues
- Change Management
- Database Security
- Mobil Code
7. Telecommunications and Network Security domain address:
- Network Structures
- Transmission methodology
- Transport formats
- OSI/DoD TCP/IP Models
- TCP/UDP/ICMP/IP
- Ethernet
- Devices - Routers/Switches/Hubs
- Firewalls
- Wireless
- WAN Technologies - X.25/Frame Relay/ PPP /ISDN/DSL/Cable
- Voice - PBX/Cell Phones/VOIP
- IPSec
- Network Vulnerabilities
8. Legal, Regulations, Compliance, and Investigations domain addresses:
- Computer crime laws and regulations
- The measures and technologies used to investigate computer crime incidents
- Ethics - Due Care/Due Diligence
- Intellectual Property
- Incident Response
- Forensics
- Evidence
- Laws - HIPAA, GLB, SOX
9. Business Continuity & Disaster Recovery Planning domain addresses business operations in the event of outages.
- Policy
- Roles and Teams
- Business Continuity Planning
- Business Impact Assessment
- Recovery Strategy
- Recovery Plan Development
- Emergency Response
- Data Backups, Vaulting, Journaling, Shadowing
- Backups & Off-Site Storage
- Software Escrow Arrangements
- External Communications
- Utilities
- Logistics & Supplies
- Emergency Response
- Required Notifications /Testing
10. Operations Security
Identify the controls over hardware, media, and administration to any of these resources. And audit & monitoring that identify security events and subsequent actions.
- Change Control/Configuration Management
- Dual Control, Separation of Duties, Rotation of Duties
- Information Security Controls
- Violation analysis
- Audit trails/reporting
- Resource Protection
- Appropriate administrator/operator privilege
- Recovery procedures
- Attack methods
- Vulnerability Assessment and Pen-Testing
Certification
CISSP® (Certified Information Systems Security Professional) Certifications is based on the CBK (Common Body of Knowledge) which comprises ten subject domains that is compiled and maintained through ongoing peer review by subject matter experts. requires exam candidates to have a minimum of five years of relevant work experience in two or more of the ten domains, 5 years of work experience with an applicable college degree, or a credential from the (ISC) 2 -approved list.
CISSP® is a registered trademark of (ISC)²®
SU CISSP® classes are not endorsed, sponsored or delivered by (ISC)²®.
Disclaimer
CISSP® a registered trademark of (ISC)²® Inc (International Information Systems Security Certification Consortium) Inc. The materials for the Security University classes have been developed specifically for SU and is not endorsed, sponsored or delivered by (ISC)²®. The goal of the course is to prepare security professionals for the
CISSP® exam by covering the ten domains defined by (ISC)²®
Send group inquiries to: cissp@securityuniversity.net
|
