Course Overview
This training seminar, led by an (ISC)² authorized instructor, provides a comprehensive review of information security concepts and industry best practices. It covers the 8 domains of the CISSP CBK:
- Security and Risk Management
- Asset Security
- Security Engineering
- Communications and Network Security
- Identity and Access Management
- Security Assessment and Testing
- Security Operations
- Software Development Security
The course employs several types of activities to reinforce topics and increase knowledge retention, including open-ended questions, matching and poll questions, group activities, and group discussions. This interactive learning technique is based on sound adult learning theories.
This training course will help candidates review and refresh their information security knowledge and identify areas they need to study for the CISSP exam. The course features:
- Official (ISC)² courseware
- Instruction by an authorized (ISC)² instructor
- Student handbook
- Collaboration with classmates
- Real-world learning activities and scenarios
Target Audience
This training course is intended for professionals who have at least 5 years of recent full-time professional work experience in 2 or more of the 8 domains of the CISSP CBK and are pursuing CISSP training and certification to advance within their current information security careers. The training seminar is ideal for those working in positions such as, but not limited to:
- Security Consultant
- Security Manager
- IT Director/Manager
- Security Auditor
- Security Architect
- Security Analyst
- Security Systems Engineer
- Chief Information Security Officer
- Director of Security
- Network Architect
Learning Objectives
Upon completion of this course, you should be able to:
- Understand and apply the concepts of risk assessment, risk analysis, data classification, and security awareness
- Implement risk management and the principles used to support it (risk avoidance, risk acceptance, risk mitigation, risk transference)
- Apply a comprehensive and rigorous method for describing a current and/or future structure and behavior for an organization’s security processes, information security systems, personnel, and organizational sub-units
- Understand the structures, transmission methods, transport formats, and security measures used to provide confidentiality, integrity, and availability for transmissions over private and public communications networks and media
- Identify risks that can be quantitatively and qualitatively measured to support the building of business cases to drive proactive security in the enterprise
- Offer greater visibility into determining who or what may have altered data or system information, potentially affecting the integrity of those assets
- Match an entity, such as a person or a computer system, with the actions that entity takes against valuable assets, allowing organizations to have a better understanding of the state of their security posture