NVCC | Annandale | Continuing Education | CED
   
 

The CISSP (Certified Information Systems Security Professional) certification shows that the holder has demonstrated the ability to understand a broad range of security issues in diverse areas.

Objectives:

This 64-hour program (6.4 CEUs) is designed for Networking Security Professionals who wish to attain CISSP certification and facilitate their growth as security professionals. The program reflects the latest Information System Security issues, concerns, and countermeasures. The topics and sub-elements of the following ten CBK domains are discussed in the program.


Program Content:

Security Management Practices
Security Architecture and Models
Access Control Systems & Methodology
Application Development Security
Operations Security
Physical Security
Cryptography
Telecommunications, Network, & Internet Security
Business Continuity Planning
Law, Investigations, & Ethics

Security Management Practices

Security management covers the identification of an organization's information assets as well as the development, documentation, and implementation of policies, standards, procedures, and guidelines.
Tools such as data classification and risk assessment/analysis are used to identify threats, classify assets, and rate system vulnerabilities so that effective controls can be implemented.
Concepts of confidentiality, integrity and availability; Security threats, safeguards; vulnerabilities and attacks; Risk management processes; Building blocks of information security; Security awareness programs; and IS audit process are covered.

Security Architecture & Models

The Security Architecture and Models course contains the concepts, principles, structures, and standards used to design, monitor, and secure operating systems, equipment, networks, applications and those controls used to enforce various levels of availability, integrity, and confidentiality.
Common computer and network concepts, architecture and design; Common security models, architecture and evaluation criteria; Common flaws and security issues associated with system architecture and designs; and Business systems and processes evaluation techniques are covered.

Access Control Systems & Methodology

Access controls are mechanisms that work together to create a security architecture that protects the assets of the information system. Access control models, methodologies and techniques; Access control administration practices; Identification and authentication techniques; Methods of attack to access control systems; and the concept of penetration testing are covered.

Application Development Security

This domain addresses the important security concepts that apply to application software development. It outlines the environment where software is designed and developed and explains the critical role software plays in providing information system security.

Operations Security

Operations Security identifies the controls over hardware, media, and the operators and administrators with access privileges to any of these resources. Audit and monitoring permit the identification of security events and subsequent actions to identify the key elements and report the pertinent information to the appropriate individual, group, or process.
Information systems operation practices; Control over hardware, media and operations control mechanisms; Problem and performance monitoring tools and techniques are covered.

Physical Security

The physical security domain provides protection techniques for the entire facility, from the outside perimeter to the inside office space, including all of the information system resources.

Cryptography

The cryptography domain addresses the principles, means, and methods of disguising information to ensure its integrity, confidentiality and authenticity.

Telecommunication, Network, and Internet Security

Network Structures; Transmission methods; Transport formats; Security measures used to provide availability, integrity, and confidentiality; and Authentication for transmissions over private and public communications networks and media are covered.

Business Continuity Planning

The Business Continuity Plan (BCP) domain addresses the preservation and recovery of business operations in the event of outages. The concept of business continuity planning and disaster recovery; the business continuity planning process covering project scope and planning, business impact analysis and recovery; the disaster recovery process in terms of recovery plan development, implementation and restoration; and techniques in auditing a business continuity plan are covered.

Law, Investigations, and Ethics

Computer crime laws and regulations as well as the measures and technologies used to investigate crimes are covered.

For more information on this program, please contact 1-866-NOVA-EDU (1-866-668-2338) or visit our web site at http://www.novatrain.net.


   

Last revised: 4/26/06
Comments to: rkesner@nvcc.edu