CISSP: The Complete Exam Guide

26 Hours, 28 Minutes
Delivery Method
LearnNow On Demand

CISSP is the gold standard for security certifications. It covers the breadth of information security’s deep technical and managerial concepts. This course covers all eight domains:

Domain 1 - Security and Risk Management. This domain lays the foundation, covering security concepts that all the other domains build upon. Understanding exactly what security means and the core concepts around assessing and managing the wide array of risks we face is fundamental to every domain in the CISSP.

Domain 2 - Asset Security. An asset is anything we value. When we have highly valued assets, such as sensitive data, securing those assets throughout their lifecycle is paramount. We will learn about data standards, classification, regulations, retention, and controls to protect organizational value.

Domain 3 - Security Engineering. Engineering is about understanding and designing systems that work. This domain will help you understand the engineering lifecycle and various models and security components required in data structures and physical facilities. We also learn how cryptography fits into information security.

Domain 4 - Communication and Network Security. Information is not just stored; it is also transmitted and must be secured in transit. Understanding networking models, protocols, hardware components, and possible attack vectors is vital to information security.

Domain 5 - Identity and Access Management. Controlling who can access valuable resources can lead to proper confidentiality, integrity, and availability. A CISSP must understand mechanisms and techniques to verify a subject’s authenticity before authorizing access. They must be able to assure that only proper interactions have occurred and mitigate potential attacks.

Domain 6 - Security Assessment and Testing. Understanding the effectiveness of your security measures is vital. As you collect and review logs, verify software development security, and undergo security audits and certification, you can have some assurance and insight into your security status and needs.

Domain 7 - Security Operations. From incident response that involves investigation of evidence to facility access management and disaster recovery planning, testing, and implementation, this domain requires putting security principles and concepts into practice.

Domain 8 - Security in the Software Development Life Cycle. Many of the most publicized security issues have stemmed from flaws in the software code.



Who Should Attend

Anyone who wants to benefit from all the knowledge to pass the CISSP exam.

Course Objectives

    Domain 1: Security and Risk Management, Domain 2: Asset Security, Domain 3: Security Engineering, Domain 4: Communication and Network Security, Domain 5: Identity and Access Management, Domain 6: Security Assessment and Testing, Domain 7: Security Operations, Domain 8: Security in the Software Development Life Cycle


1 - Understanding Information Security Concepts in Domain 1 - Security and Risk Management
  • Defining Security
  • Security Governance
  • Effective Security Program
  • Compliance
  • Global Legal and Regulatory Issues
  • Understand Professional Ethics
  • Develop and Implement Security Policy
  • Business Continuity (BC) & Disaster Recovery (DR) Requirements
  • Manage Personnel Security
  • Risk Management Concepts
  • Threat Modeling
  • Acquisitions Strategy and Practice
  • Security Education, Training, and Awareness
2 - Understanding Information Security Concepts in Domain 2 - Asset Security
  • Managing Data: Determining and Maintaining Data Ownership
  • Data Standards
  • Protecting Data
  • Classifying Information and Supporting Assets
  • Protecting Privacy
  • Ensuring Appropriate Retention
  • Determining Data Security Controls
  • Selecting Standards
3 - Understanding Information Security Concepts in Domain 3 - Security Engineering
  • Using Security Design Principles in The Engineering Lifecycle
  • Understanding Fundamental Concepts of Security Models
  • Exploring Information Systems Security Evaluation Models
  • Ensuring Security Capabilities of Information Systems
  • Discovering Vulnerabilities of Security Architectures
  • Securing Databases
  • Analyzing Vulnerabilities and Threats
  • Applying and Using Cryptography
  • Site Planning
  • Implementing and Operating Facilities Security
4 - Understanding Information Security Concepts in Domain 4 - Communication and Network Security
  • Secure Network Architecture and Design
  • Implications of Multi-Layer Protocols
  • Converged Protocols
  • Securing Network Components
  • Secure Communication Channels
  • Network Attacks
5 - Understanding Information Security Concepts in Domain 5 - Identity and Access Management
  • Physical and Logical Access to Assets
  • Identification and Authentication of People and Devices
  • Identity Management Implementation
  • Identity as a Service (IDaaS)
  • Integrate Third-Party Identity Services
  • Implement and Manage Authorization Mechanisms
  • Prevent or Mitigate Access Control Attacks
  • Identity and Access Provisioning Lifecycle
6 - Understanding Information Security Concepts in Domain 6 - Security Assessment and Testing
  • Assessment and Test Strategies
  • Collect Security Process Data
  • Internal and Third-Party Audits
7 - Understanding Information Security Concepts in Domain 7 - Security Operations
  • Investigations
  • Provisioning of Resources through Configuration Management
  • Foundational Security Operations Concepts
  • Resource Protection
  • Incident Response
  • Preventative Measures against Attacks
  • Patch and Vulnerability Management
  • Change and Configuration Management
  • The Disaster Recovery Process
  • Test Plan Review
  • Business Continuity and Other Risk Areas
  • Access Control
  • Internal Security
  • Building and Inside Security
  • Personnel Safety
8 - Understanding Information Security Concepts in Domain 8 - Security in the Software Development Life Cycle
  • Software Development Security Outline
  • Environment and Security Controls
  • Security of the Software Environment
  • Software Protection Mechanisms
  • Assess the Effectiveness of Software Security
  • Assess Software Acquisition Security