CISSP

Contact us: admin@tiptechnologies.co.uk to get up to 90% discount on bundles.

What is CISSP?

Certified Information Systems Security Professional (CISSP) is a vendor-neutral information security certification demonstrating deep competence in designing, engineering and managing information security systems.

This 5 days CISSP course is designed to train delegates in all areas of the security Common Body of Knowledge, giving them everything they need to pass the official CISSP exam. Train with us and we guarantee you will pass your CISSP exam.

CISSP is the premier certification for demonstrating expertise in information security design and management. It is vendor-neutral, globally recognised and meets the rigorous ISO/IEC 17024 International Standard, making it an objective measure of excellence in security.

Prerequisite

A minimum of either five years full-time paid work experience, or four years’ experience, plus an information security university degree, in two or more of the following 8 CISSP domains:

Don’t have the required experience? Do not worry. By passing the exam, you can become an Associate of (ISC)². You’ll then have 5 to 6 years to gain the experience required to become a CISSP.

Who Should Attend

The course is intended for anybody who works in or is looking for a career in Information and Cyber Security.

 

Course Structure

This is a five days, classroom-based training course

The exam is computer based and must be booked separately through (ISC)2® here.

Course Content: 8 Domains

  • Security and Risk Management
  • Asset Security
  • Security Engineering
  • Communication and Network Security
  • Identity and Access Management
  • Security Assessment and Testing
  • Security Operations
  • Software Development Security

Security and Risk Management:

  • Confidentiality, integrity, and availability concepts
  • Security governance principles
  • Compliance
  • Legal and regulatory issues
  • Professional ethic
  • Security policies, standards, procedures and guidelines

Asset Security:

  • Information and asset classification
  • Ownership (e.g. data owners, system owners)
  • Protect privacy
  • Appropriate retention
  • Data security controls
  • Handling requirements (e.g. markings, labels, storage)

Security Engineering:

  • Engineering processes using secure design principles
  • Security models fundamental concepts
  • Security evaluation models
  • Security capabilities of information systems
  • Security architectures, designs, and solution elements vulnerabilities
  • Web-based systems vulnerabilities
  • Mobile systems vulnerabilities
  • Embedded devices and cyber-physical systems vulnerabilities
  • Cryptography
  • Site and facility design secure principles
  • Physical security

Communication and Network Security:

  • Secure network architecture design (e.g. IP & non-IP protocols, segmentation)
  • Secure network components
  • Secure communication channels
  • Network attacks

Identity and Access Management:

  • Physical and logical assets control
  • Identification and authentication of people and devices
  • Identity as a service (e.g. cloud identity)
  • Third-party identity services (e.g. on-premise)
  • Access control attacks
  • Identity and access provisioning lifecycle (e.g. provisioning review)

Security Assessment and Testing:

  • Assessment and test strategies
  • Security process data (e.g. management and operational controls)
  • Security control testing
  • Test outputs (e.g. automated, manual)
  • Security architectures vulnerabilities

Security Operations:

  • Investigations support and requirements
  • Logging and monitoring activities
  • Provisioning of resources
  • Foundational security operations concepts
  • Resource protection techniques
  • Incident management
  • Preventative measures
  • Patch and vulnerability management
  • Change management processes
  • Recovery strategies
  • Disaster recovery processes and plans
  • Business continuity planning and exercises
  • Physical security
  • Personnel safety concerns

 

Software Development Security:

  • Security in the software development lifecycle
  • Development environment security controls
  • Software security effectiveness
  • Acquired software security impact

CISSP Exam:

  • The CISSP exam is booked separately here and is taken at a Pearson Vue Test Centre
  • The exam tests knowledge in the 8 domains of CISSP
  • Multiple choice
  • 3 hours
  • 100 – 150 question  (English)
  • Computer-based
  • Pass mark is a scaled score of 700/1000

Why choose Tip Technology?

  • Tip Technologies provide you courseware, with presentation slides, practice questions, answer templates and exam guidance
  • We make the learning experience enjoyable
  • We provide pre- and post-course support so you never feel alone
  • All of our training are hands-on, using real-world example
  • We have an extremely high global pass rate

Advantages of CISSP Training

  • Shows commitment to the field of information security
  • Helps you stand out in a competitive market of IT Security professionals
  • Assurance of information security credibility when dealing with other companies or clients.
  • Indicates deep technical knowledge and skills
  • Professionals Keep up to date with and able to protect against the latest threats