As the world becomes more and more aware of the need for security, professionals in the Information System Security field vie to set themselves apart as knowledgeable, competent professionals. The CISSP exam is currently the premier IT Security certification, satisfying Level 3 DOD 8570.1 compliance. To pass this exam, an in-depth understanding of ten diverse domains is required.
- Information Security Governance and Risk Management: Understanding the principles of risk management and how they drive the strategic decisions within an organization is essential. All policies and procedures stem from an understanding of associated risks and an evaluation of our risk tolerances. Learn both qualitative and quantitative analysis as they pertain to implementing security solutions, and see why cost/benefit analysis is ultimately at the root of all of our governance strategies.
- Operations Security: We examine the day-to-day responsibilities of the security staff, including, but not limited to, fault tolerance, intrusion detection, and configuration and change management.
- Cryptography: To build an understanding of the processes underneath applications like secure email or secure web transactions, the Cryptography domain includes an examination of both public and private key cryptography, integrity techniques, and non-repudiation services. IPSec, SSL, SSH, WPAII, PGP, S/MIME and other technologies are explored in appropriate depth.
- Access Control: Exploration of the ways we restrict the capabilities that subjects have in relation to network objects and resources. Elements include Kerberos, Biometric Authentication, RADIUS, as well as security principles and access control models.
- Telecommunications and Network Security: Networking principles and foundational theory are explored in this domain. The OSI Reference Model, well-known protocols, network devices and technologies are explained for understanding and comprehension. Networking made easy, so to speak!
- Physical Security: This domain looks at the more tangible elements of security operations—those designed to protect the safety of our employees and tangible assets.
- Laws, Investigations and Ethics: Since, in many instances, company policies are driven by industry-specific laws and regulations, it is essential that a CISSP understands those relevant standards. Additionally, evidence collection and ethical behavior are also considered.
- Security Architecture and Design: Perfect the process and the product will follow. The central premise of this domain is to provide a rigorous method for the design of a system, with inherent security, as opposed to implementing security as an afterthought. Explore foundational security models like The System State Model, Bell-LaPadula, Clark-Wilson and others and learn how secure design enforces secure operation.
- Software Development Security: Once again, the design process determines the security of the product. Technical project management, exploration of the Software Development Lifecycle, and database design and protection are the main topics covered.
- Business Continuity and Disaster Recovery Planning: The final domain is essentially what it is all about—keeping the business going, thriving and moving forward, no matter what. The key to long-term health in the face of disasters or major disruptions is planning. Learn the differing components of a BCP/DRP and how each element affects the overall process and success of the plan within the context of the CISSP exam.
Our CISSP Exam Prep Boot Camp is designed to provide six intense days of training and study using proven training methods and custom courseware designed by information security training specialists. Our materials take complex topics and make them easy to understand by focusing on comprehension of material instead of memorization of facts. It is this approach that gives our students the advantage on the CISSP exam, and we boast over a 90% first-time pass rate. Suggested, but not mandatory, prerequisites are Security+, Network+ or equivalent experience.