CISSP Workshop
Certified Information Systems Security Professional (CISSP) is an independent information security certification granted by the International Information System Security Certification Consortium, also known as (ISC)².
Duration: 2-Day Workshop
Pre-requisite
Candidates must have a minimum of 5 years of cumulative paid full-time work experience in 2 or more of the 8 domains of the CISSP CBK. Earning a 4-year college degree or regional equivalent or an additional credential from the (ISC)² approved list will satisfy 1 year of the required experience. Education credit will only satisfy 1 year of experience.
Target Audience
Security Consultant/Security Manager/IT Director/Manager/Security Auditor/Security Architect/Security Analyst/Security System Engineer/Chief Information Security Officer/Director of Security/Network Architect
Workshop Outline
Security and Risk Management
- Understand and apply concepts of confidentiality, integrity and availability
- Evaluate and apply security governance principles
- Determine compliance requirements
- Understand legal and regulatory issues that pertain to information security in a global context
- Understand, adhere to, and promote professional ethics
- Develop, document, and implement security policy, standards, procedures, and guidelines
- Identify, analyze, and prioritize Business Continuity (BC) requirements
- Contribute to and enforce personnel security policies and procedures
- Understand and apply risk management concepts
- Understand and apply threat modeling concepts and methodologies
- Apply risk-based management concepts to the supply chain
- Establish and maintain a security awareness, education, and training program
Security Architecture and Engineering
- Implement and manage engineering processes using secure design principles
- Understand the fundamental concepts of security models
- Select controls based upon systems security requirements
- Understand security capabilities of information systems (e.g., memory protection, Trusted Platform Module (TPM), encryption/decryption)
- Assess and mitigate the vulnerabilities of security architectures, designs, and solution elements
- Assess and mitigate vulnerabilities in web-based systems
- Assess and mitigate vulnerabilities in mobile systems
- Assess and mitigate vulnerabilities in embedded devices
- Apply cryptography
- Apply security principles to site and facility design
- Implement site and facility security controls
Asset Security
- Identify and classify information and assets
- Determine and maintain information and asset ownership
- Protect privacy
- Ensure appropriate asset retention
- Determine data security controls
- Establish information and asset handling requirements
Communication and Network Security
- Implement secure design principles in network architectures
- Secure network components
- Implement secure communication channels according to design
Identity and Access Management (IAM)
- Control physical and logical access to assets
- Manage identification and authentication of people, devices, and services
- Integrate identity as a third-party service
- Implement and manage authorization mechanisms
- Manage the identity and access provisioning lifecycle
Security Assessment and Testing
- Design and validate assessment, test, and audit strategies
- Conduct security control testing
- Collect security process data (e.g., technical and administrative)
- Analyze test output and generate report
- Conduct or facilitate security audits
Security Operations
- Understand and support investigations
- Understand requirements for investigation types
- Conduct logging and monitoring activities
- Securely provisioning resources
- Understand and apply foundational security operations concepts
- Apply resource protection techniques
- Conduct incident management
- Operate and maintain detective and preventative measures
- Implement and support patch and vulnerability management
- Understand and participate in change management processes
- Implement recovery strategies
- Implement Disaster Recovery (DR) processes
- Test Disaster Recovery Plans (DRP)
- Participate in Business Continuity (BC) planning and exercises
- Implement and manage physical security
- Address personnel safety and security concerns
Software Development Security
- Understand and integrate security in the Software Development Life Cycle (SDLC)
- Identify and apply security controls in development environments
- Assess the effectiveness of software security
- Assess security impact of acquired software
- Define and apply secure coding guidelines and standards
Locations offered
On-demand, anytime, anywhere instructor-led training available
Chennai, Bangalore, Hyderabad, Pune & other major cities in India, USA, UK, Middle East, Dubai & Singapore.
Offers
Early bird / Group / Corporate Group / Festive offers available
Demo Session
For a Free Demo session of 2 Hours – Contact 9500067713 / 044 – 4005 0999 or Register yourself using the link https://docs.google.com/forms/d/e/1FAIpQLSdhXC9DF8cgObBKIxtZmK3b1hsbmnYX62Grxwsyi96xBnLG0A/viewform