CISSP – Certified Information Systems Security Professional 

The Certified Information Systems Security Professional (CISSP) exam is a six-hour exam consisting of 250 questions that certifies security professionals in ten different areas, including access control systems and methodology, business continuity planning and disaster recovery planning, physical security, operations security, management practices, and telecommunications and networking security. Other areas important to the CISSP certification are cryptography, security architecture, application and systems development, law, investigation, and ethics.


Security and Risk Management

 

 . Introduction to Security and Risk Management

 

 . Important Definitions

 

 . Important Definitions  

 

 . Governance Requirements

 

 . Due Care and Due Diligence

 

 . Question

 

 . Compliance

 

 . Important Document

 

 . Ethics

 

 . Question

 

 . Security Document  

 

 . Security Document Types

 

 . Policy Sample

 

 . The Relationship Between Security Document Types

 

 . Risk Management

 

 . Risk Management Part  

 

 . Asset Evaluation

 

 . Exam Question

 

 . RSA Archer

 

 . ARIS GRC

 

 . Business Continuity Plans

 

 . Business Continuity Plans – BCP

 

 . Business Impact Analysis- BIA

 

 . MTD – RTO- RPO

 

 . Disaster Recovery Plan -DRP

 

 . Alternative Sites

 

 . Exam Quiz

 

 . The Need of Personnel Security

 

 . Employment Policies

 

 . Employment Policies -Part  

 

 . Termination

 

 . Security Awareness

 

 Domain Evaluation

 

Asset Security

 

 . Introduction to Asset Security

 

 . Asset Management

 

 . Information Asset List

 

 . Classification

 

 . Labeling

 

 . DLP

 

 . DLP – Data Classification

 

 . Klassify – Data Labeling  

 

 . Privacy

 

 . Retention

 

 . Data Security Control

 

 Domain Evaluation

 

Security Architecture and Engineering

 

 . Introduction to Security Architecture and Engineering

 

 . Security Engineering Lifecycle

 

 . NIST SP –

 

 . Trusted Computing Base – TCB

 

 . TCB Vulnerability

 

 . Security Models

 

 . TCSEC

 

 . ITSEC

 

 . Security Architecture Questions

 

 . Enterprise Security Architecture

 

 . Virtualization

 

 . Fault Tolerance

 

 . Server Fault Tolerance Techniques

 

 . New Technology

 

 . Spoofing Number

 

 . Spoofing Email

 

 . Cryptography

 

 . Alternative Ciphers

 

 . Symmetric Encryption

 

 . Asymmetric Encryption

 

 . Hash

 

 . Physical Access Barriers

 

 . Physical Security

 

 . Power Issue

 

 . Fire

 

 Domain Evaluation

 

Communications and Network Security

 

 . The OSI Model

 

 . TCP-IP Model

 

 . Network Architecture Components

 

 . Firewall

 

 . Network Types and Topologies

 

 . Remote Access Technology

 

 . Wireless Network

 

 . Network Attacks

 

 . Remote Access Security Mechanisms

 

 . RAID

 

 . Backup

 

 . Network Questions

 

 Domain Evaluation

 

Identity and Access Management

 

 . Access Control

 

 . Authorization

 

 . Authentication

 

 . Single Sign-On (SSO)

 

 . Central Administration (RADIUS)

 

 . Access Control Attack

 

 . Intrusion Detection System (IDS)

 

 . Access Control Important Exam Area

 

 . Access Control Questions

 

 Domain Evaluation

 

Cloud Security

 

 . Introduction to Cloud Security

 

 . NIST –

 

 . IaaS vs PaaS vs SaaS

 

 . SaaS

 

 . PaaS

 

 . IaaS

 

 . Storage Architecture

 

 . Data Life Cycle Security

 

 . Hypervisor

 

 . Virtualization Security

 

 . Perimeter Security

 

Security Assessment and Testing

 

 . Introduction to Security Assessment and Testing

 

 . Test Output

 

 . Vulnerability Assessment – Part

 

 . Vulnerability Assessment – Part

 

 . Nessus VA

 

 . Nessus VA- Part  

 

 . Nessus VA Report

 

 . OWASP ZAP – VA

 

 . Nexpose VA

 

 . Penetration testing

 

 . Reconnaissance Demo -Maltego

 

 . Scanning Demo -Zenmap

 

 . Exploitation Demo – Metasploit

 

 . Event Log Review

 

 . NIST –

 

 . SIEM Solution Demo – QRadar

 

 . SIEM Solution

 

 . Code Review

 

 . Security KPIs

 

Security Operations

 

 . Introduction to Security Operation

 

 . Security Operation  

 

 Guidelines for Applying Security Operations Concepts

 

 Domain Evaluation

 

Software Development Security

 

 . The System Life Cycle

 

 . Software Development Methods

 

 . Change Control Process

 

 . Security Consideration

 

 . Software Control

 

 . Introduction to SQL Injection  

 

 . What is SQL Injection

 

 Domain Evaluation

 

More than 20000 students on Udemy

  • 4.1 Instructor Rating
  • Best Seller Course
  • Highest Rated Course
  • Courses used by Udemy for Business clients.

210K students on our platform

  • Unlimited access to all courses.
  • Top courses for every trending technology.
  • 4.5 Average ratings for all the courses.
  • Internationally accepted certificate.

Learn at your pace

Courses Made By Industry Experts

Enhance your career
