CISSP: Certified Information System Security Professional (8 ECTS)

Learning outcomes

This course is an review course that contains information security concepts and industry best practices, covering the 8 domains of the CISSP Common Body of Knowledge (CBK)®:
• Security and Risk Management
• Asset Security
• Security Engineering
• Communications and Network Security
• Identity and Access Management
• Security Assessment and Testing
• Security Operations
• Software Development Security

This course will expand upon your knowledge by addressing the essential elements of those eight domains that comprise a Common Body of Knowledge (CBK)® for information systems security professionals. The course offers a job-related approach to the security process and will prepare you to pass the 2015 version of the CISSP® exam.

Content

In this course, you will identify and reinforce the major security subjects from the eight domains of the (ISC)2 CISSP CBK.


Course Content

Module 1: Security and Risk Management
Module 1.1: Security Governance Principles
Module 1.2: Compliance
Module 1.3: Professional Ethics
Module 1.4: Security Documentation
Module 1.5: Risk Management
Module 1.6: Threat Modeling
Module 1.7: Business Continuity Plan Fundamentals
Module 1.8: Acquisition Strategy and Practice
Module 1.9: Personnel Security Policies
Module 1.10: Security Awareness and Training

Module 2: Asset Security
Module 2.1: Asset Classification
Module 2.2: Privacy Protection
Module 2.3: Asset Retention
Module 2.4: Data Security Controls
Module 2.5: Secure Data Handling
Module 3: Security Engineering
Module 3.1: Security in the Engineering Lifecycle
Module 3.2: System Component Security
Module 3.3: Security Models
Module 3.4: Controls and Countermeasures in Enterprise Security
Module 3.5: Information System Security Capabilities
Module 3.6: Design and Architecture Vulnerability Mitigation
Module 3.7: Vulnerability Mitigation in Embedded, Mobile, and Web-Based Systems
Module 3.8: Cryptography Concepts
Module 3.9: Cryptography Techniques
Module 3.10: Site and Facility Design for Physical Security
Module 3.11: Physical Security Implementation in Sites and Facilities

Module 4: Communications and Network Security
Module 4.1: Network Protocol Security
Module 4.2: Network Components Security
Module 4.3: Communication Channel Security
Module 4.4: Network Attack Mitigation

Module 5: Identity and Access Management
Module 5.1: Physical and Logical Access Control
Module 5.2: Identification, Authentication, and Authorization
Module 5.3: Identity as a Service
Module 5.4: Authorization Mechanisms
Module 5.5: Access Control Attack Mitigation

Module 6: Security Assessment and Testing
Module 6.1: System Security Control Testing
Module 6.2: Software Security Control Testing
Module 6.3: Security Process Data Collection
Module 6.4: Audits

Module 7: Security Operations
Module 7.1: Security Operations Concepts
Module 7.2: Physical Security
Module 7.3: Personnel Security
Module 7.4: Logging and Monitoring
Module 7.5: Preventative Measures
Module 7.6: Resource Provisioning and Protection
Module 7.7: Patch and Vulnerability Management
Module 7.8: Change Management
Module 7.9: Incident Response
Module 7.10: Investigations
Module 7.11: Disaster Recovery Planning
Module 7.12: Disaster Recovery Strategies
Module 7.13: Disaster Recovery Implementation

Module 8: Software Development Security
Module 8.1: Security Principles in the System Lifecycle
Module 8.2: Security Principles in the Software Development Lifecycle
Module 8.3: Database Security in Software Development
Module 8.4: Security Controls in the Development Environment
Module 8.5: Software Security Effectiveness Assessment

Teaching methods

100% Online (Self-Study) course.

Location and time

Up to Student - course is online (Self-Study) course.

Learning materials and recommended literature

Can be find in study environment.

Alternative completion methods of implementation

N/A

Internship and working life connections

N/A

Exam dates and retake possibilities

Can be find in study environment.

International connections

N/A

Student workload

Up to Student her-/himself.

Content scheduling

Up to student her-/himself.

Further information for students

ENROLLING
CampusOnline Student: Please fill in eform

Metropolia's Degree Student:
- Go to https://moodle.metropolia.fi/course/view.php?id=144
- Enrollment key for the course: cissp
- Password for final exam: cissp

Please review the course modules 1-8 material and then do the Final exam.

Evaluation scale

Hyväksytty/Hylätty

Assessment criteria, approved/failed

In order to pass the course you have to score at least 70% or more in the course exam. The course exam contains multiple choice questions.