•     CISSP: Certified Information System Security Professional TT00CR29-3006 01.01.2021-31.12.2021  8 credits  (ATX21TV) +-
    Learning outcomes of the course
    This course is an review course that contains information security concepts and industry best practices, covering the 8 domains of the CISSP Common Body of Knowledge (CBK)®:
    • Security and Risk Management
    • Asset Security
    • Security Engineering
    • Communications and Network Security
    • Identity and Access Management
    • Security Assessment and Testing
    • Security Operations
    • Software Development Security

    This course will expand upon your knowledge by addressing the essential elements of those eight domains that comprise a Common Body of Knowledge (CBK)® for information systems security professionals. The course offers a job-related approach to the security process and will prepare you to pass the 2015 version of the CISSP® exam.
    Course contents
    In this course, you will identify and reinforce the major security subjects from the eight domains of the (ISC)2 CISSP CBK.


    Course Content

    Module 1: Security and Risk Management
    Module 1.1: Security Governance Principles
    Module 1.2: Compliance
    Module 1.3: Professional Ethics
    Module 1.4: Security Documentation
    Module 1.5: Risk Management
    Module 1.6: Threat Modeling
    Module 1.7: Business Continuity Plan Fundamentals
    Module 1.8: Acquisition Strategy and Practice
    Module 1.9: Personnel Security Policies
    Module 1.10: Security Awareness and Training

    Module 2: Asset Security
    Module 2.1: Asset Classification
    Module 2.2: Privacy Protection
    Module 2.3: Asset Retention
    Module 2.4: Data Security Controls
    Module 2.5: Secure Data Handling
    Module 3: Security Engineering
    Module 3.1: Security in the Engineering Lifecycle
    Module 3.2: System Component Security
    Module 3.3: Security Models
    Module 3.4: Controls and Countermeasures in Enterprise Security
    Module 3.5: Information System Security Capabilities
    Module 3.6: Design and Architecture Vulnerability Mitigation
    Module 3.7: Vulnerability Mitigation in Embedded, Mobile, and Web-Based Systems
    Module 3.8: Cryptography Concepts
    Module 3.9: Cryptography Techniques
    Module 3.10: Site and Facility Design for Physical Security
    Module 3.11: Physical Security Implementation in Sites and Facilities

    Module 4: Communications and Network Security
    Module 4.1: Network Protocol Security
    Module 4.2: Network Components Security
    Module 4.3: Communication Channel Security
    Module 4.4: Network Attack Mitigation

    Module 5: Identity and Access Management
    Module 5.1: Physical and Logical Access Control
    Module 5.2: Identification, Authentication, and Authorization
    Module 5.3: Identity as a Service
    Module 5.4: Authorization Mechanisms
    Module 5.5: Access Control Attack Mitigation

    Module 6: Security Assessment and Testing
    Module 6.1: System Security Control Testing
    Module 6.2: Software Security Control Testing
    Module 6.3: Security Process Data Collection
    Module 6.4: Audits

    Module 7: Security Operations
    Module 7.1: Security Operations Concepts
    Module 7.2: Physical Security
    Module 7.3: Personnel Security
    Module 7.4: Logging and Monitoring
    Module 7.5: Preventative Measures
    Module 7.6: Resource Provisioning and Protection
    Module 7.7: Patch and Vulnerability Management
    Module 7.8: Change Management
    Module 7.9: Incident Response
    Module 7.10: Investigations
    Module 7.11: Disaster Recovery Planning
    Module 7.12: Disaster Recovery Strategies
    Module 7.13: Disaster Recovery Implementation

    Module 8: Software Development Security
    Module 8.1: Security Principles in the System Lifecycle
    Module 8.2: Security Principles in the Software Development Lifecycle
    Module 8.3: Database Security in Software Development
    Module 8.4: Security Controls in the Development Environment
    Module 8.5: Software Security Effectiveness Assessment
    Name of lecturer(s)

    Virve Prami

    Mode of delivery

    Distance learning

    Recommended or required reading

    Can be find in study environment.

    Planned learning activities and teaching methods

    100% Online (Self-Study) course.

    Language of instruction

    English

    Timing

    01.01.2021 - 31.12.2021

    Group(s)
    • ATX21TV
    Seats

    0 - 5000

    Unit, in charge

    School of ICT

    Teacher(s)

    Virve Prami

    Further information for students

    ENROLLING

    Open UAS and CampusOnline Student: Please fill in eform



    Metropolia's Degree Student:

    - Go to https://moodle.metropolia.fi/course/view.php?id=144

    - Enrollment key for the course: cissp

    - Password for final exam: cissp



    Please review the course modules 1-8 material and then do the Final exam.

    Degree Programme

    Information and Communication Technology

    Unit location

    Karaportti 2

    Virtual proportion

    8 credits

    Evaluation scale

    Hyväksytty/Hylätty

    Completion alternatives

    N/A

    Work placement(s)

    N/A

    Exam schedule

    Can be find in study environment.

    International connections

    N/A

    Students use of time and load

    Up to Student her-/himself.

    Content periodicity

    Up to student her-/himself.

    Location and Time

    Up to Student - course is online (Self-Study) course.