
CISSP - Certified Information Systems Security Professional


Duration: 5 Days





Course Information

Course Description

This training seminar provides a comprehensive review of information security concepts and industry best practices, covering the 8 domains of the CISSP CBK (Common Body of Knowledge):

Security and Risk Management

Asset Security

Security Engineering

Communications and Network Security

Identity and Access Management

Security Assessment and Testing

Security Operations

Software Development Security

Course Objectives

At the end of this course, you will be well versed in systems security.

Related Courses:
CISSP-ISSAP Certification Prep Course
CISSP-ISSEP Certification Prep Course
CISSP-ISSMP Certification Prep Course
CSSLP Certification Prep Course
CAP Certification Prep Course
HCISPP Certification Prep Course

Course Audience

This training course is intended for professionals who have at least 5 years of recent full-time professional work experience in 2 or more of the 8 domains of the CISSP CBK and are pursuing CISSP training and certification to acquire the credibility and mobility to advance within their current information security careers. The training seminar is ideal for those working in positions such as, but not limited to:


  • Security Consultant
  • Security Manager
  • IT Director/Manager
  • Security Auditor
  • Security Architect
  • Security Analyst
  • Security Systems Engineer
  • Chief Information Security Officer
  • Director of Security
  • Network Architect


Course Outline

Security and Risk Management (e.g., Security, Risk, Compliance, Law, Regulations, Business Continuity)

Understand and Apply Concepts of Confidentiality, Integrity, and Availability

Apply Security Governance Principles


Understand Legal and Regulatory Issues that Pertain to Information Security in a Global Context

Develop and Implement Documented Security Policy, Standards, Procedures, and Guidelines

Understand Business Continuity Requirements

Contribute to Personnel Security Policies

Understand and Apply Risk Management Concepts

Understand and Apply Threat Modeling

Integrate Security Risk Considerations into Acquisitions Strategy and Practice

Establish and Manage Security Education, Training, and Awareness

Asset Security (Protecting Security of Assets)

Classify Information and Supporting Assets

Determine and Maintain Ownership

Protect Privacy

Ensure Appropriate Retention

Determine Data Security Controls

Establish Handling Requirements

Security Engineering (Engineering and Management of Security)

Implement and Manage an Engineering Life Cycle Using Security Design Principles

Understand Fundamental Concepts of Security Models

Select Controls and Countermeasures Based Upon Information Systems Security Standards

Understand the Security Capabilities of Information Systems

Assess and Mitigate the Vulnerabilities of Security Architectures, Designs, and Solution Elements

Assess and Mitigate Vulnerabilities in Web-based Systems

Assess and Mitigate Vulnerabilities in Mobile Systems

Assess and Mitigate Vulnerabilities in Embedded Devices and Cyber-Physical Systems

Apply Cryptography

Apply Secure Principles to Site and Facility Design

Design and Implement Facility Security

Communications and Network Security (Designing and Protecting Network Security)

Apply Secure Design Principles to Network Architecture

Securing Network Components

Design and Establish Secure Communication Channels

Prevent or Mitigate Network Attacks

Identity and Access Management (Controlling Access and Managing Identity)

Control Physical and Logical Access to Assets

Manage Identification and Authentication of People and Devices

Integrate Identity as a Service (IDaaS)

Integrate Third-Party Identity Services

Implement and Manage Authorization Mechanisms

Prevent or Mitigate Access Control Attacks

Manage the Identity and Access Provisioning Life Cycle

Security Assessment and Testing (Designing, Performing, and Analyzing Security Testing)

Design and Validate Assessment and Test Strategies

Conduct Security Control Testing

Collect Security Process Data

Conduct or Facilitate Internal and Third-Party Audits

Security Operations (e.g., Foundational Concepts, Investigations, Incident Management, Disaster Recovery)

Understand and Support Investigations

Understand Requirements for Investigation Types

Conduct Logging and Monitoring Activities

Secure the Provisioning of Resources through Configuration Management

Understand and Apply Foundational Security Operations Concepts

Employ Resource Protection Techniques

Conduct Incident Response

Operate and Maintain Preventative Measures

Implement and Support Patch and Vulnerability Management

Participate in and Understand Change Management Processes

Implement Recovery Strategies

Implement Disaster Recovery Processes

Test Disaster Recovery Plan

Participate in Business Continuity Planning

Implement and Manage Physical Security

Participate in Personnel Safety

Software Development Security (Understanding, Applying, and Enforcing Software Security)

Understand and Apply Security in the Software Development Life Cycle

Enforce Security Controls in the Development Environment

Assess the Effectiveness of Software Security

Assess Software Acquisition Security

Course Prerequisites

Professionals with at least five years of experience who demonstrate a globally recognized level of competence, as defined in the CISSP Common Body of Knowledge (CBK), in two or more of the eight security domains.

Course Schedule
This course is not scheduled yet.