This course covers Domain 1 of the Certified Information Systems Security Professional (CISSP) exam. It explains what you need to know about the mechanisms you can use to exercise either a directing or restraining influence over the behavior, use, and content of a system.
- Discuss the relationship between access control and accountability
- Define common access control techniques and models
- Detail the specifics of access control administration
- Explain identification and authentication techniques
- Discuss centralized/decentralized control
- Explain intrusion detection and common methods of attack
Time : 2.0 hour(s)
This series is for anyone preparing for the CISSP exam, or for anyone who wants to learn more about information security subjects.
This course covers Domain 2 of the Certified Information Systems Security Professional (CISSP) exam. It explains what you need to know about the structures, transmissions methods, transport formats, and security measures used to provide integrity, availability, authentication, and confidentiality for transmissions over private and public communications networks and media.
- Explain the International Standards Organization/Open Systems Interconnection
- (ISO/OSI) layers and characteristics
- Describe the design and function of communications and network security
- Describe the components, protocols and services involved in Internet/intranet/extranet design
- Define and describe communications security techniques to prevent, detect, and correct errors so that integrity, availability, and confidentiality of transactions over networks may be maintained
- Define and describe specific areas of communication and how they can be secured
- Explain current forms of network attacks and their countermeasures
Time : 3.0 hour(s)
This series is for anyone preparing for the CISSP exam, or for anyone who wants to learn more about information security subjects.
This course covers Domain 3 of the Certified Information Systems Security Professional (CISSP) exam. It explains what you need to know about identifying an organization's information assets, as well as the development, documentation, and implementation of appropriate policies, standards, procedures, and guidelines. It also covers how data classification, risk assessment, and risk analysis are used to identify the threats, classify assets, and to rate their vulnerabilities so that effective security controls can be implemented.
- Understand the principles of security management
- Understand risk management and how to use risk analysis to make information security management decisions
- Set information security roles and responsibilities throughout your organization
- Understand the considerations and criteria for classifying data
- Determine how employment policies and practices are used to enhance information security in your organization
- Use change control to maintain security
Time : 2.0 hour(s)
This series is for anyone preparing for the CISSP exam, or for anyone who wants to learn more about information security subjects.
This course covers Domain 4 of the Certified Information Systems Security Professional (CISSP) exam. It explains what you need to know about the security controls that are included within systems and applications software and the steps used in their development in both distributed and centralized environments.
- Demonstrate an understanding of challenges in both distributed and nondistributed environments
- Discuss databases and data warehousing issues
- Describe knowledge-based systems and examples of edge computing
- Discuss the types of attacks made on software vulnerabilities
- Describe and define malicious code
- Discuss system development controls
Time : 3.0 hour(s)
This series is for anyone preparing for the CISSP exam, or for anyone who wants to learn more about information security subjects.
This course covers Domains 5 and 6 of the Certified Information Systems Security Professional (CISSP) exam. It explains what you need to know about the principles, means, and methods of disguising information to ensure its integrity, confidentiality, and authenticity. It also covers concepts, principles, structures, and standards used to design, implement, monitor, and secure operating systems, equipment, networks, and applications.
- Compare and contrast symmetric and asymmetric algorithms
- Describe PKI and key management
- Detail common methods of attacking encryption, including general and specific attacks
- List common security models and their function
- Explain the basics of security architecture
- Describe the Internet Protocol Security (IPSec) standard
Time : 2.0 hour(s)
This series is for anyone preparing for the CISSP exam, or for anyone who wants to learn more about information security subjects.
This course covers Domain 7 of the Certified Information Systems Security Professional (CISSP) exam. It explains what you need to know about identifying the hardware and media controls, as well as the operators with access privileges to any of these resources. It also covers auditing and monitoring techniques that permit the identification of security events and their sources.
- Identify the key roles of operations security
- Define threats and countermeasures
- Explain how audit and monitoring can be used as operations security tools
- Define the role of Administrative management in operations security
- Define operations security concepts and describe operations security best practices
Time : 2.0 hour(s)
This series is for anyone preparing for the CISSP exam, or for anyone who wants to learn more about information security subjects.
This course covers Domain 8 of the Certified Information Systems Security Professional (CISSP) exam. It explains what you need to know about preservation in the face of major disruptions to normal business operations. It covers both the preparation and testing of specific actions to protect critical business processes from the effect of major system and network failures.
- Document the natural and man-made events that need to be considered in making disaster recovery and business continuity plans
- Explain the difference between disaster recovery planning (DRP) and business continuity planning (BCP) and the importance of developing plans that include both
- Detail the business continuity planning process
- Explain the need for, and development of, a backup strategy. Include information on determining what to back up, how often to back up, as well as the proper storage facility for backups
- Detail the disaster recovery planning process, including recovery plan development, implementation, maintenance, and the restoration of business functions
Time : 2.0 hour(s)
This series is for anyone preparing for the CISSP exam, or for anyone who wants to learn more about information security subjects.
This course covers Domains 9 and 10 of the Certified Information Systems Security Professional (CISSP) exam. It explains what you need to know about computer crime laws and regulations, as well as the investigative measures and techniques which can be used to determine if a crime has been committed. It also covers the threats, vulnerabilities, and countermeasures that can be utilized to physically protect an enterprise's resources and sensitive information.
- Define what constitutes a computer crime and how such a crime is proven in court
- Explain the laws of evidence
- Discuss computer ethics
- Understand general principles that apply to the theft of information and assets
- Know the general criteria that apply to the location and construction of facilities
- Describe physical intrusion detection methodologies and products
Time : 3.0 hour(s)
This series is for anyone preparing for the CISSP exam, or for anyone who wants to learn more about information security subjects.
This course provides five practice exams for the Certified Information Systems Security Professional (CISSP) exam.
- Practice for the Certified Information Systems Security Professional (CISSP) exam
Time : 5.0 hour(s)
This series is for anyone preparing for the CISSP exam, or for anyone who wants to learn more about information security subjects.
