CISSP (Certified Information Systems Security Professional)

Master the essential skills for protecting digital assets and networks with our CISSP certification course, tailored for IT security professionals seeking to enhance their qualifications and expertise.

Essential Skills Gained

  • Design robust information security strategies aligned with best practices.
  • Implement comprehensive risk management and compliance techniques.
  • Understand diverse cryptographic methods and their applications.
  • Develop and manage disaster recovery and business continuity plans.

Format

  • Instructor-led
  • 5 days with lectures and hands-on labs.

Audience

  • Chief Information Security Officers (CISOs)
  • IT Security Managers
  • Information Security Analysts
  • Security Auditors

Description

Information security is part of every IT professional’s job. Hackers are constantly trying to compromise your networks, steal sensitive data, and overwhelm your systems. Planning, implementing, enforcing, or even removing security are tasks we all do to keep users and systems safe. Performing these tasks properly and in alignment with industry best practices is critical to virtually every technology role, from decision maker to developer to operator.

This scenario-based course focuses on computer security as an applied process across job roles and industries. The course also helps to prepare students for achieving the Certified Information Systems Security Professional (CISSP) certification. CISSP is widely regarded as the most valuable vendor-neutral credential a computer security professional can hold. It is frequently identified as a prerequisite for security jobs across all industries including security design, implementation, maintenance, policy development, and management of secured systems, process/procedures, policies, applications and networks.

This course is primarily for Information Technology Security Professionals who want to advance their security certifications such as Certified Information Systems Auditor (CISA), Certified Information Security Manager (CISM), Certified Ethical Hacker (CEH), and related courses. This course also covers most of the knowledge required to prepare for the Systems Security Certified Practitioner (SSCP) certification exam.

Upcoming Course Dates

August 25-29, 2025

7:00 AM - 3:00 PM

Virtual: Online - America/Los_Angeles

$3095

October 20-24, 2025

7:00 AM - 3:00 PM

Virtual: Online - America/Los_Angeles

$3095

December 15-19, 2025

8:00 AM - 4:00 PM

Virtual: Online - America/Denver

$3095

Course Outline

Access Control

  1. Security Principles and the Principle of Least

  2. Confidentiality

  3. Integrity

  4. Availability

  5. Identification, Authentication, Authorization, Access, and Accounting

  6. Authentication Techniques and Standards

  7. Access Control Models

  8. Access Control Methods and Implementations

  9. Access Control Accounting and Auditing

Information Security Governance and Risk Management

  1. Fundamental Principles of Security

  2. Confidentiality

  3. Integrity

  4. Availability

  5. Balancing the Security Principles

  6. Security vs. Usability vs. Cost

  7. Security Definitions

  8. Types of Security Controls

  9. Security Frameworks

  10. ISO/IEC 27001

  11. COSO

  12. COBIT

  13. Process Management

  14. Security Management

  15. Risk Management

  16. Risk Assessment and Analysis

  17. Asset Classification

  18. Data Classification

  19. Risk Mitigation Strategies

  20. Policies

  21. Standards

  22. Guidelines

  23. Baselines

  24. Procedures

  25. Executive Leadership in Risk Management

  26. Implementing Governance and Compliance Strategies

Security Architecture and Design

  1. Computer System Architecture

  2. Operating System Security Architecture

  3. Application Security Architecture

  4. System Security Models

  5. Security Architecture Evaluation and Certification

  6. Trusted Computer System Evaluation Criteria (TCSEC, or Orange Book)

  7. Common Criteria for Information Technology Security Evaluation (ISO/IEC 15408)

  8. System Testing and Certification

Business Continuity and Disaster Recovery Planning

  1. Standards and Best Practices

  2. Planning for Incidents

  3. The Business Continuity Process

  4. Implementing A Disaster Recovery Plan

Cryptography

  1. Overview of Cryptography

  2. The History of Cryptography (Without Math)

  3. The Use of Cryptography (With Math)

  4. Symmetric Key (Shared Secret Key) Cryptography

  5. Diffie-Hellman Key Agreement

  6. Asymmetric Key (Public – Private Key) Cryptography

  7. Digital Signature (Hash) Cryptography

  8. Implementing All Types of Cryptography in Cryptosystems

  9. Public Key Infrastructure (PKI) and Certificates

  10. Encrypted VPN Tunnels

  11. Digitally Signed Documents and Email

  12. Encrypting Data At Rest and In Transit

Legal, Regulations, Investigations and Compliance

  1. The Complexity of Cybercrime

  2. Regions

  3. Laws

  4. Law Enforcement

  5. Privacy Laws

  6. Intellectual Privacy Laws

  7. Eavesdropping and Workplace Spying Laws

  8. Legal Liability and Security Compliance

  9. Conducting a Security Investigation

  10. Ethics of Information Security

Operations Security (formerly Security Operations)

  1. The Role of Operations in Information Security

  2. Personnel Management and Administration

  3. Planning System Security

  4. Implementing and Maintaining System Security

  5. Applying Controls

  6. System Hardening

  7. Trusted Recovery

  8. Configuration Management

  9. Change Control Process

  10. Change Control Documentation

  11. Change Control Compliance and Auditing

  12. Vulnerability Assessment

  13. Continuous Security Lifecycle

Physical (Environmental) Security

  1. The Importance of Physical Security in Information Security

  2. Planning Physical Security

  3. Identifying and Protecting Assets

  4. Internal Physical Security Threats and Controls

  5. Perimeter Physical Security Threats and Controls

  6. External Physical Security Threats and Controls

Software Development Security

  1. Security as a Part of Software Development

  2. System Development Lifecycle

  3. Secure Software Development Lifecycle

  4. Software Development Models

  5. Change Control and Update Management

  6. Cloud Computing

  7. Web and Mobile Applications

  8. Database Management and Security

  9. Malicious Software

  10. Viruses

  11. Trojan Horses

  12. Worms

  13. Rootkits

  14. Backdoors

Telecommunications and Network Security

  1. The Open Systems Interconnect Model

  2. TCP/IP Security

  3. IPv4 Security and Threats

  4. IPv6 Security and Threats

  5. Network Cabling Types and Security

  6. Network Devices

  7. Hubs

  8. Switches

  9. Routers

  10. Bridges

  11. Gateways

  12. Security Network Devices

  13. Firewalls and Content Filters

  14. Proxy Servers

  15. Intrusion Detection Systems

  16. Intrusion Prevention Systems

  17. Firewalls

  18. WAN Security

  19. Dial-Up Network Security

  20. Virtual Private Network (VPN) Security

  21. Internet Protocol Security (IPsec)

Your Team has Unique Training Needs.

Your team deserves training as unique as they are.

Let us tailor the course to your needs at no extra cost.