CISSP Certification

PREREQUISITE:
To optimize learning adoption during the entire training program, it is highly recommended that participants have certifications in Network+ or Security+, or obtain similar professional experience upon taking CISSP coursework training. It will be an advantage if candidates have possessed one or more of the following security-related or technology-related certifications or equivalent work experience:

• MCSE
• MCITP
• MCTS
• CCNP
• SCNP
• RHCE
• LCE
• CNE
• GIAC
• SSCP
• CISA
• CISM

COURSE OVERVIEW:
This training seminar is offered by MITS as an intensive review of information security principles and industry best techniques, encompassing the scope of the 8 domains of the CISSP CBK:

• Security and Risk Management
• Asset Security
• Security Engineering
• Communications and Network Security
• Identity and Access Management
• Security Assessment and Testing
• Security Operations
• Software Development Security

A wide array of learning activities are prepared to be utilized throughout the course training, reinforcing topics and improve knowledge retention. These learning activities include open ended questions from the instructor to the participants, relating questions and expressing opinions, engaging group activities, open or closed questions, and thorough group discussions. MITS provides participants with an interactive learning practices that are based on sound adult learning theories.

This program will help participants review and re-evaluate their gathered information on security knowledge and help determine aspects where they need to focus in preparation for the CISSP exam and features:

• Official (ISC)² courseware
• Guided by an authorized (ISC)² instructor
• Student handbook
• Interaction with other participants
• Real-world learning activities and scenarios

COURSE OBJECTIVE:
In this training program, participants will be able to:

• Understand and use the fundamental principles of risk assessment, risk analysis, data classification, and security awareness
• Establish risk management and the concepts used to support it (Risk avoidance, Risk acceptance, Risk mitigation, Risk transference)
• Use a complete and thorough method for describing a current and/or future structure and behavior for an organization’s security processes, information security systems, personnel, and organizational sub-units
• Execute techniques and processes that coordinate effectively with the organization’s core objectives and strategic direction and meet the regulations and policies, concepts, principles, frameworks, and standards used to develop criteria for the security of information assets
• Evaluate the effectiveness of the applied security
• Develop the framework of an all-inclusive and responsive security program to make sure of the protection of an organization’s information assets
• Understand and analyze the structures, transmission methods, transport formats, and security measures used to generate confidentiality, dependability, integrity, and availability for transmissions over private and public communications networks and media
• Determine risks and their factors that can be quantitatively and qualitatively measured to maintain the development of business cases to lead responsive security in the organization
• Provide more knowledge in determining who or what may have changed the data or system information, potentially giving harm to the integrity of those asset
• Affiliate an entity, such as a person or a computer system, with the actions that entity takes against important resources, providing enterprises to have a better and clearer understanding of the status of their security framework and processes
• Design a plan for technology development, including risk
• Assess the system design against mission requirements
• Determine the appropriate fit of competitive prototyping and other assessment practices in the process
• Protect and control information processing resources in both centralized and distributed environments
• Execute the daily work processes required to keep protection services operating dependably and efficiently
• Understand the Software Development Life Cycle (SDLC) and how to use security to it
• Determine which security management(s) are appropriate for the development environment
• Evaluate the integrity and efficacy of software security

COURSE CURRICULUM:

1. Information Systems Access Control
   • Data Access Principles and Techniques
   • System Access and Authentication
   • Attacks and Penetration Tests
2. Security Architecture and Design
   • Security Architecture Structures
   • Security Models
   • Security Modes
   • System Support and Warranty
3. Network and Telecommunications Security
   • Data Network Design
   • Remote Data Access
   • Data Network Protection
   • Data Network Management
4. Information Security Management Goals
   • Enterprise Security
   • Security Principles Application Process
5. Information Security Classification and Program Development
   • Classification of Information
   • Development and Execution of Security Program
6. Risk Management and Ethics
   • Risk Management
   • Ethics
7. Software Development Security
   • Software Configuration Management
   • Software Control System
   • Database System Security
8. Introduction to Cryptography
   • Ciphers and Cryptography
   • Symmetric-Key Cryptography
   • Asymmetric-Key Cryptography
   • Digesting Hashes and Messages
   • Security to Networks such as Email and Internet
   • Cryptographic Weakness Defined
9. Physical Security
   • Physical Access Control Concepts and Practices
   • Physical Access Assessment
   • Physical Security Methods
   • Facilities Security
10. Operations Security
    • Operations Security Management
    • Operations Security Auditing and Assessment
    • Operational Risks, Threats and Protocols
11. Business Continuity and Disaster Recovery Planning
    • Business Continuity Plan Essentials
    • Business Continuity Plan Execution
    • Disaster Recovery Plan Essentials
    • Disaster Recovery Plan Execution
12. Legal, Regulations, Compliance, and Investigations
    • Computer Crime Laws and Policies
    • Computer Crime Incident Response

WHAT YOU’LL LEARN:
As soon as the participant has completed the training program, he or she will be able to gain several learning insights such as:

• Be able to describe the architecture, design and control the security of participant’s organization
• Gain relevant knowledge and skills needed to pass the CISSP certification exam
• Obtain the requisite of 30 CPEs or PDUs needed to apply and take up the CISSP certification exam
• Establish an active knowledge of the 8 domain areas as prescribed by CISSP – Common Book of Knowledge 2015 (CISSP CBK)

WHO NEEDS TO TAKE THIS COURSE:
CISSP certification is a globally acknowledged professional requirement in the IT Security industry. MITS offers this comprehensive training program for professionals who have at least 5 years of recent or current full-time professional work experience in 2 or more of the 8 domains of the CISSP CBK and are pursuing CISSP training and certification to gain the credibility and integrity in advancing their career opportunities within their current information security works. The coursework is a good choice for those individuals whose role in the organization includes, but not limited to:

• Security Consultant
• Security Manager
• IT Director
• IT Manager
• Security Auditor
• Security Architect
• Security Analyst
• Security Systems Engineer
• Chief Information Security Officer
• Director of Security
• Network Architect

Click here to request schedule and more course information.