(ISC)²

CISSP Third Edition Pearson uCertify

(Pearson-CISSP-2018) / ISBN : 978-1-64459-008-9
Lessons
TestPrep
268 Reviews
Get A Free Trial

Skills You’ll Get

The vendor-neutral ISC2 CISSP certification is the ideal credential for those with proven deep technical and managerial competence to design, engineer, implement, and manage the overall information security program to protect organizations. The CISSP certification is created and managed by one of the most prestigious security organizations in the world and has a number of stated goals. Although not critical for passing the exam, having knowledge of the organization and of these goals is helpful in understanding the motivation behind the creation of the exam.
Download Course Outline

1

Introduction

  • The Goals of the CISSP Certification
  • The Value of the CISSP Certification
  • The Common Body of Knowledge
  • Steps to Becoming a CISSP
  • Facts About the CISSP Exam
  • About the CISSP Cert Guide, Third Edition
2

Security and Risk Management

  • Security Terms
  • Security Governance Principles
  • Compliance
  • Legal and Regulatory Issues
  • Professional Ethics
  • Security Documentation
  • Business Continuity
  • Personnel Security Policies and Procedures
  • Risk Management Concepts
  • Geographical Threats
  • Threat Modeling
  • Security Risks in the Supply Chain
  • Security Education, Training, and Awareness
  • Review All Key Topics
3

Asset Security

  • Asset Security Concepts
  • Identify and Classify Information and Assets
  • Information and Asset Ownership
  • Protect Privacy
  • Asset Retention
  • Data Security Controls
  • Information and Asset Handling Requirements
  • Review All Key Topics
4

Security Architecture and Engineering

  • Engineering Processes Using Secure Design Principles
  • Security Model Concepts
  • System Security Evaluation Models
  • Certification and Accreditation
  • Control Selection Based upon Systems Security Requirements
  • Security Capabilities of Information Systems
  • Security Architecture Maintenance
  • Vulnerabilities of Security Architectures, Designs, and Solution Elements
  • Vulnerabilities in Web-Based Systems
  • Vulnerabilities in Mobile Systems
  • Vulnerabilities in Embedded Devices
  • Cryptography
  • Cryptographic Types
  • Symmetric Algorithms
  • Asymmetric Algorithms
  • Public Key Infrastructure
  • Key Management Practices
  • Message Integrity
  • Digital Signatures
  • Applied Cryptography
  • Cryptanalytic Attacks
  • Digital Rights Management
  • Site and Facility Design
  • Site and Facility Security Controls
  • Review All Key Topics
5

Communication and Network Security

  • Secure Network Design Principles
  • IP Networking
  • Protocols and Services
  • Converged Protocols
  • Wireless Networks
  • Communications Cryptography
  • Secure Network Components
  • Secure Communication Channels
  • Network Attacks
  • Review All Key Topics
6

Identity and Access Management (IAM)

  • Access Control Process
  • Physical and Logical Access to Assets
  • Identification and Authentication Concepts
  • Identification and Authentication Implementation
  • Identity as a Service (IDaaS) Implementation
  • Third-Party Identity Services Integration
  • Authorization Mechanisms
  • Provisioning Life Cycle
  • Access Control Threats
  • Prevent or Mitigate Access Control Threats
  • Review All Key Topics
7

Security Assessment and Testing

  • Design and Validate Assessment and Testing Strategies
  • Conduct Security Control Testing
  • Collect Security Process Data
  • Analyze and Report Test Outputs
  • Conduct or Facilitate Security Audits
  • Review All Key Topics
8

Security Operations

  • Investigations
  • Investigation Types
  • Logging and Monitoring Activities
  • Resource Provisioning
  • Security Operations Concepts
  • Resource Protection
  • Incident Management
  • Detective and Preventive Measures
  • Patch and Vulnerability Management
  • Change Management Processes
  • Recovery Strategies
  • Disaster Recovery
  • Testing Disaster Recovery Plans
  • Business Continuity Planning and Exercises
  • Physical Security
  • Personnel Safety and Security
  • Review All Key Topics
9

Software Development Security

  • Software Development Concepts
  • Security in the System and Software Development Life Cycles
  • Security Controls in Development
  • Assess Software Security Effectiveness
  • Security Impact of Acquired Software
  • Secure Coding Guidelines and Standards
  • Review All Key Topics

Any questions?
Check out the FAQs

Still have unanswered questions and need to get in touch?

Contact Us Now

ISC2 has the following pre-requisites:

  • At least five years of cumulative, paid, full-time work experience.
  • In two or more of the eight domains of the (ISC)2 CISSP Common Body of Knowledge (CBK).

USD 699

Pearson VUE

Multiple choice questions and advanced innovative questions

The exam contains 100-150 questions.

180 minutes

700

  • A candidate may sit for CISSP exam up to three times within a 12-month period.
  • If a candidate does not pass the exam the first time, he/she may retest after 30 test-free days.
  • If a candidate does not pass the exam the second time, he/she may retest after an additional 90 test-free days.
  • If a candidate does not pass the exam the third time, he/she may retest after 180 test-free days from their most recent exam attempt.

Three years

Know more about the CISSP

CISSP Third Edition Pearson uCertify

$159.99

Buy Now