
Glen Gonsalves

Certified Information Systems Security Professional

Certification Number: 458008
Dr. Kevin Charest - Chairperson

Expiration Date: 6/30/2021
Wim Remes - Secretary

Certified Since: 2015

Verify Member is in good standing at: www.isc2.org/verify
Printed on: 10/3/2018


Course Name CISSP

Instructor Glen Gonsalves (CISSP ID – 458008)

Course Duration 8 Days

Course Fee 15000


INTRODUCTION
OVERVIEW

SECURITY AND RISK MANAGEMENT (Day 1)

Security Governance through Principles and Policies


• Understand and apply concepts of CIA
• Evaluate and apply security governance principles
• Develop, document and implement Security Policy, Standard, Procedure and Guidelines
• Understand and apply threat modeling concepts and methodologies
• Apply Risk Based Management concepts to the supply chain

Personnel Security and Risk Management


o Personnel Security Policies and Procedures
o Security Governance
o Understand and apply risk management concepts
o Establish and maintain a security awareness, education and training program
o Manage the security function

Business Continuity Planning


o Planning for Business Continuity
o Project Scope and Planning
o Business impact assessment
o Continuity Planning
o Plan Approval and implementation

Laws, Regulations and Compliance


o Categories of Laws
o Laws
o Compliance
o Contracting and Procurement

Investigations and Ethics


o Investigations
o Major categories of computer crime
o Ethics

ASSET SECURITY (Day 2)

Protecting Security of Assets


o Identify and classify assets
o Determining ownership
o Using Security Baselines

Cryptography and Symmetric Key Algorithms


o Historical milestones in cryptography
o Cryptographic Basics
o Modern Cryptography
o Symmetric cryptography
o Cryptographic Lifecycle

SECURITY ARCHITECTURE AND ENGINEERING


PKI and Cryptographic Applications
o Asymmetric Cryptography
o Hash Functions
o Digital Signatures
o Public Key Infrastructure
o Asymmetric Key Management
o Applied Cryptography
o Cryptographic Attacks
Principles of Security Models, Design and Capabilities
o Implement and manage Engineering Processes using secure design principles
o Fundamental Concepts of Security Models
o Controls based on system security requirements
o Security Capabilities of Information
Security Vulnerabilities, Threats and Countermeasures
o Assess and mitigate security vulnerabilities
o Client Based systems
o Server based systems
o Database systems security
o Distributed Systems and Endpoint Security
o Internet of things
o Industrial Control Systems
o Assess and mitigate vulnerabilities in Web/Mobile/embedded devices and cyber-physical systems

SECURITY ARCHITECTURE AND ENGINEERING (Day 3)

PKI and Cryptographic Applications


o Asymmetric Cryptography
o Hash Functions
o Digital Signatures
o Public Key Infrastructure
o Asymmetric Key Management
o Applied Cryptography
o Cryptographic Attacks
Principles of Security Models, Design and Capabilities
o Implement and manage Engineering Processes using secure design principles
o Fundamental Concepts of Security Models
o Controls based on system security requirements
o Security Capabilities of Information
Security Vulnerabilities, Threats and Countermeasures
o Assess and mitigate security vulnerabilities
o Client Based systems
o Server based systems
o Database systems security
o Distributed Systems and Endpoint Security
o Internet of things
o Industrial Control Systems
o Assess and mitigate vulnerabilities in Web/Mobile/embedded devices and cyber-physical systems
o Essential security protection mechanisms
o Common architecture flaws and security issues
Physical Security Requirements
o Security principles for site and facility design
o Site and facility security controls
o Implement and Manage Physical Security
Malicious code and application attacks
o Malicious code
o Password attacks
o Application attacks
o Web application Security
o Reconnaissance attacks
o Masquerading attacks

COMMUNICATION AND NETWORK SECURITY (Day 4)

Secure network architecture and Securing network components


o OSI Model
o TCP/IP Model
o Converged Protocols
o Wireless Networks
o Secure Network Components
o Cabling, Wireless, Topology, Communications and transmission media technology
Secure Communication and Network Attacks
o Network and Protocol Security Mechanisms
o Secure Voice Communications
o Multimedia Collaboration
o Manage Email Security
o Remote Access Security Management
o Virtual Private Network
o Virtualization
o Network Address Translation
o Switching Technologies
o WAN Technologies
o Miscellaneous Security Control Characteristics
o Security Boundaries
o Prevent or Mitigate Network Attacks

IDENTITY AND ACCESS MANAGEMENT (Day 5)

Managing Identity and Authentication


o Controlling access to assets
o Identification and Authentication
o Implementing Identity Management
o Managing Identity and Access Provisioning
Controlling and Monitoring Access
o Access control models
o Access control attacks


SECURITY ASSESSMENT AND TESTING (Day 6)

Security assessment and testing


o Building a Security assessment and testing program
o Vulnerability assessments
o Testing your software
o Implementing Security Management Processes
o Disaster recovery planning
Disaster Recovery Planning
o Nature of disaster
o System Resilience and Fault tolerance
o Recovery strategy
o Recovery plan development
o Training, awareness and documentation
o Testing and maintenance

SECURITY OPERATIONS (Day 7)

Managing Security Operations


o Security Operation Concepts
o Securely provisioning resources
o Managing Configuration
o Managing change
o Managing patches and reducing vulnerabilities
o Managing incident response
o Implementing detective and preventive measures
o Logging, monitoring and auditing
Preventing and responding to incidents
o Managing incident response
o Implementing detective and preventive measures
o Logging, monitoring and auditing


SOFTWARE DEVELOPMENT SECURITY (Day 8)

Software Development Security


o Systems development controls
o Databases and data warehousing
o Storing data and information
o Knowledge based systems
