CISSP Certification

• Educational Background: There are no specific educational prerequisites. However, learners should have a strong foundation in IT and cybersecurity principles. 

• Professional Experience: Candidates should ideally have a minimum of five years of cumulative work experience in two or more of the CISSP domains. One year of experience may be waived with a recognised degree or certification. 

• Language Proficiency: Learners should have a good command of English, as the course materials and CISSP certification exam are conducted in English. 

• Develop Advanced Cybersecurity Expertise: Gain a thorough understanding of the eight domains outlined in the CISSP CBK. 

• Master Risk Management and Incident Response: Learn to identify and mitigate risks, develop response strategies, and ensure data protection. 

• Design Secure Systems: Acquire the skills to create and manage secure IT architectures and software processes. 

• Prepare for the CISSP Exam: Develop the confidence and knowledge to pass the CISSP certification exam and apply your expertise in real-world scenarios. 

The CISSP Certification Training Course is tailored for IT and security professionals aiming to enhance their cybersecurity expertise and achieve CISSP certification. Below are the individuals who will benefit from this course:

• IT Security Managers
• Security Consultants
• Network Security Engineers
• Systems Administrators
• Risk Managers
• Cybersecurity Analysts 

Domain 1: Security and Risk Management 

• Understand and Apply Security Concepts 

• Evaluate and Apply Security Governance Principles 

• Legal and Regulatory Issues that Pertain to Information Security in a Global Context 

• Requirements for Investigation Types 

• Develop, Document, and Implement Security Policy, Standards, Procedures, and Guidelines 

• Identify, Analyse, and Prioritise Business Continuity (BC) Requirements 

• Contribute to and Enforce Personnel Security Policies and Procedures 

• Understand and Apply Risk Management Concepts 

• Understand and Apply Threat Modelling Concepts and Methodologies 

• Apply Supply Chain Risk Management (SCRM) Concepts 

• Establish and Maintain a Security Awareness, Education, and Training Programme 

Domain 2: Asset Security 

• Identify and Classify Information and Assets 

• Establish Information and Asset Handling Requirements 

• Provision Resources Securely 

• Manage Data Lifecycle 

• Ensure Appropriate Asset Retention 

• Determine Data Security Controls and Compliance Requirements 

Domain 3: Security Architecture and Engineering 

• Research, Implement, and Manage Engineering Processes Using Secure Design Principles 

• Understand the Fundamental Concepts of Security Models 

• Select Controls Based Upon Systems Security Requirements 

• Understand Security Capabilities of Information Systems 

• Assess and Mitigate the Vulnerabilities of Security Architectures, Designs, and Solution Elements 

• Cryptographic Life Cycle 

• Understand Methods of Cryptanalytic Attacks 

• Apply Security Principles to Site and Facility Design 

• Design Site and Facility Security Controls 

• Manage the information system lifecycle 

Domain 4: Communication and Network Security 

• Implement Secure Design Principles in Network Architectures 

• Secure Network Components 

• Implement Secure Communication Channels According to Design 

Domain 5: Identity and Access Management 

• Control Physical and Logical Access to Assets 

• Manage Identification and Authentication of People, Devices, and Services 

• Integrate Identity as a Third-Party Service 

• Implement and Manage Authorisation Mechanisms 

• Manage the Identity and Access Provisioning Lifecycle 

• Implement Authentication Systems 

Domain 6: Security Assessment and Testing 

• Design and Validate Assessment, Test, and Audit Strategies 

• Conduct Security Control Testing 

• Collect Security Process Data 

• Analyse Test Output and Generate Report 

• Conduct or Facilitate Security Audits 

Domain 7: Security Operations 

• Understand and Support Investigations 

• Conduct Logging and Monitoring Activities 

• Securely Provisioning Resources 

• Understand and Apply Foundational Security Operations Concepts 

• Apply Resource Protection Techniques 

• Conduct Incident Management 

• Operate and Maintain Detective and Preventative Measures 

• Implement and Support Patch and Vulnerability Management 

• Participate in Change Management Processes 

• Implement Recovery Strategies 

• Implement disaster recovery (DR) processes 

• Test disaster recovery plans (DRP) 

• Participate in Business Continuity (BC) planning and exercises 

• Implement and manage physical security 

• Address personnel safety and security concerns 

Domain 8: Software Development Security 

• Integrate Security in the Software Development Life Cycle (SDLC) 

• Identify and Apply Security Controls in Development Environments 

• Assess the Effectiveness of Software Security 

• Assess Security Impact of Acquired Software 

• Define and Apply Secure Coding Guidelines and Standards