CISSP: Certified Information System Security Professional (8 cr)

Objective

This course is an review course that contains information security concepts and industry best practices, covering the 8 domains of the CISSP Common Body of Knowledge (CBK)®:
• Security and Risk Management
• Asset Security
• Security Engineering
• Communications and Network Security
• Identity and Access Management
• Security Assessment and Testing
• Security Operations
• Software Development Security

This course will expand upon your knowledge by addressing the essential elements of those eight domains that comprise a Common Body of Knowledge (CBK)® for information systems security professionals. The course offers a job-related approach to the security process and will prepare you to pass the 2015 version of the CISSP® exam.

Content

In this course, you will identify and reinforce the major security subjects from the eight domains of the (ISC)2 CISSP CBK.


Course Content

Module 1: Security and Risk Management
Module 1.1: Security Governance Principles
Module 1.2: Compliance
Module 1.3: Professional Ethics
Module 1.4: Security Documentation
Module 1.5: Risk Management
Module 1.6: Threat Modeling
Module 1.7: Business Continuity Plan Fundamentals
Module 1.8: Acquisition Strategy and Practice
Module 1.9: Personnel Security Policies
Module 1.10: Security Awareness and Training

Module 2: Asset Security
Module 2.1: Asset Classification
Module 2.2: Privacy Protection
Module 2.3: Asset Retention
Module 2.4: Data Security Controls
Module 2.5: Secure Data Handling
Module 3: Security Engineering
Module 3.1: Security in the Engineering Lifecycle
Module 3.2: System Component Security
Module 3.3: Security Models
Module 3.4: Controls and Countermeasures in Enterprise Security
Module 3.5: Information System Security Capabilities
Module 3.6: Design and Architecture Vulnerability Mitigation
Module 3.7: Vulnerability Mitigation in Embedded, Mobile, and Web-Based Systems
Module 3.8: Cryptography Concepts
Module 3.9: Cryptography Techniques
Module 3.10: Site and Facility Design for Physical Security
Module 3.11: Physical Security Implementation in Sites and Facilities

Module 4: Communications and Network Security
Module 4.1: Network Protocol Security
Module 4.2: Network Components Security
Module 4.3: Communication Channel Security
Module 4.4: Network Attack Mitigation

Module 5: Identity and Access Management
Module 5.1: Physical and Logical Access Control
Module 5.2: Identification, Authentication, and Authorization
Module 5.3: Identity as a Service
Module 5.4: Authorization Mechanisms
Module 5.5: Access Control Attack Mitigation

Module 6: Security Assessment and Testing
Module 6.1: System Security Control Testing
Module 6.2: Software Security Control Testing
Module 6.3: Security Process Data Collection
Module 6.4: Audits

Module 7: Security Operations
Module 7.1: Security Operations Concepts
Module 7.2: Physical Security
Module 7.3: Personnel Security
Module 7.4: Logging and Monitoring
Module 7.5: Preventative Measures
Module 7.6: Resource Provisioning and Protection
Module 7.7: Patch and Vulnerability Management
Module 7.8: Change Management
Module 7.9: Incident Response
Module 7.10: Investigations
Module 7.11: Disaster Recovery Planning
Module 7.12: Disaster Recovery Strategies
Module 7.13: Disaster Recovery Implementation

Module 8: Software Development Security
Module 8.1: Security Principles in the System Lifecycle
Module 8.2: Security Principles in the Software Development Lifecycle
Module 8.3: Database Security in Software Development
Module 8.4: Security Controls in the Development Environment
Module 8.5: Software Security Effectiveness Assessment

Location and time

Up to Student - course is online (Self-Study) course.

Materials

Can be find in study environment.

Teaching methods

100% Online (Self-Study) course which can be done in own space.

Course includes 8 lessons and Final Exam.

Employer connections

N/A

Exam schedules

Can be find in study environment.

International connections

N/A

Completion alternatives

N/A

Student workload

Up to Student her-/himself.

Content scheduling

Up to student her-/himself.

Evaluation scale

Hyväksytty/Hylätty

Assessment criteria, approved/failed

In order to pass the course you have to score at least 70% or more in the course exam. The course exam contains multiple choice questions.

Assessment methods and criteria

Pass after Student has done article reviews and Final Exam.

Final Exam has 40 question multi-choice. Each question has four to six possible answers.

You have 60 minutes to complete the exam and you can retake it 3 times.

Objective

This course is an review course that contains information security concepts and industry best practices, covering the 8 domains of the CISSP Common Body of Knowledge (CBK)®:
• Security and Risk Management
• Asset Security
• Security Engineering
• Communications and Network Security
• Identity and Access Management
• Security Assessment and Testing
• Security Operations
• Software Development Security

This course will expand upon your knowledge by addressing the essential elements of those eight domains that comprise a Common Body of Knowledge (CBK)® for information systems security professionals. The course offers a job-related approach to the security process and will prepare you to pass the 2015 version of the CISSP® exam.

Content

In this course, you will identify and reinforce the major security subjects from the eight domains of the (ISC)2 CISSP CBK.


Course Content

Module 1: Security and Risk Management
Module 1.1: Security Governance Principles
Module 1.2: Compliance
Module 1.3: Professional Ethics
Module 1.4: Security Documentation
Module 1.5: Risk Management
Module 1.6: Threat Modeling
Module 1.7: Business Continuity Plan Fundamentals
Module 1.8: Acquisition Strategy and Practice
Module 1.9: Personnel Security Policies
Module 1.10: Security Awareness and Training

Module 2: Asset Security
Module 2.1: Asset Classification
Module 2.2: Privacy Protection
Module 2.3: Asset Retention
Module 2.4: Data Security Controls
Module 2.5: Secure Data Handling
Module 3: Security Engineering
Module 3.1: Security in the Engineering Lifecycle
Module 3.2: System Component Security
Module 3.3: Security Models
Module 3.4: Controls and Countermeasures in Enterprise Security
Module 3.5: Information System Security Capabilities
Module 3.6: Design and Architecture Vulnerability Mitigation
Module 3.7: Vulnerability Mitigation in Embedded, Mobile, and Web-Based Systems
Module 3.8: Cryptography Concepts
Module 3.9: Cryptography Techniques
Module 3.10: Site and Facility Design for Physical Security
Module 3.11: Physical Security Implementation in Sites and Facilities

Module 4: Communications and Network Security
Module 4.1: Network Protocol Security
Module 4.2: Network Components Security
Module 4.3: Communication Channel Security
Module 4.4: Network Attack Mitigation

Module 5: Identity and Access Management
Module 5.1: Physical and Logical Access Control
Module 5.2: Identification, Authentication, and Authorization
Module 5.3: Identity as a Service
Module 5.4: Authorization Mechanisms
Module 5.5: Access Control Attack Mitigation

Module 6: Security Assessment and Testing
Module 6.1: System Security Control Testing
Module 6.2: Software Security Control Testing
Module 6.3: Security Process Data Collection
Module 6.4: Audits

Module 7: Security Operations
Module 7.1: Security Operations Concepts
Module 7.2: Physical Security
Module 7.3: Personnel Security
Module 7.4: Logging and Monitoring
Module 7.5: Preventative Measures
Module 7.6: Resource Provisioning and Protection
Module 7.7: Patch and Vulnerability Management
Module 7.8: Change Management
Module 7.9: Incident Response
Module 7.10: Investigations
Module 7.11: Disaster Recovery Planning
Module 7.12: Disaster Recovery Strategies
Module 7.13: Disaster Recovery Implementation

Module 8: Software Development Security
Module 8.1: Security Principles in the System Lifecycle
Module 8.2: Security Principles in the Software Development Lifecycle
Module 8.3: Database Security in Software Development
Module 8.4: Security Controls in the Development Environment
Module 8.5: Software Security Effectiveness Assessment