(ISC)²

CISSP Third Edition Pearson uCertify

(Pearson-CISSP-2018-complete) / ISBN : 978-1-64459-010-2
Lessons
Lab
TestPrep
347 Reviews
Get A Free Trial

Skills You’ll Get

The (ISC)² CISSP certification is a vendor-neutral and highly acknowledged cybersecurity credential. This certification is for those with deep technical and managerial competence to design, engineer, implement, and manage overall information security programs to protect organizations. The CISSP certification is created and managed by one of the most prestigious security organizations in the world and has several stated goals.
Download Course Outline

1

Introduction

  • The Goals of the CISSP Certification
  • The Value of the CISSP Certification
  • The Common Body of Knowledge
  • Steps to Becoming a CISSP
  • Facts About the CISSP Exam
  • About the CISSP Cert Guide, Third Edition
2

Security and Risk Management

  • Security Terms
  • Security Governance Principles
  • Compliance
  • Legal and Regulatory Issues
  • Professional Ethics
  • Security Documentation
  • Business Continuity
  • Personnel Security Policies and Procedures
  • Risk Management Concepts
  • Geographical Threats
  • Threat Modeling
  • Security Risks in the Supply Chain
  • Security Education, Training, and Awareness
  • Review All Key Topics
3

Asset Security

  • Asset Security Concepts
  • Identify and Classify Information and Assets
  • Information and Asset Ownership
  • Protect Privacy
  • Asset Retention
  • Data Security Controls
  • Information and Asset Handling Requirements
  • Review All Key Topics
4

Security Architecture and Engineering

  • Engineering Processes Using Secure Design Principles
  • Security Model Concepts
  • System Security Evaluation Models
  • Certification and Accreditation
  • Control Selection Based upon Systems Security Requirements
  • Security Capabilities of Information Systems
  • Security Architecture Maintenance
  • Vulnerabilities of Security Architectures, Designs, and Solution Elements
  • Vulnerabilities in Web-Based Systems
  • Vulnerabilities in Mobile Systems
  • Vulnerabilities in Embedded Devices
  • Cryptography
  • Cryptographic Types
  • Symmetric Algorithms
  • Asymmetric Algorithms
  • Public Key Infrastructure
  • Key Management Practices
  • Message Integrity
  • Digital Signatures
  • Applied Cryptography
  • Cryptanalytic Attacks
  • Digital Rights Management
  • Site and Facility Design
  • Site and Facility Security Controls
  • Review All Key Topics
5

Communication and Network Security

  • Secure Network Design Principles
  • IP Networking
  • Protocols and Services
  • Converged Protocols
  • Wireless Networks
  • Communications Cryptography
  • Secure Network Components
  • Secure Communication Channels
  • Network Attacks
  • Review All Key Topics
6

Identity and Access Management (IAM)

  • Access Control Process
  • Physical and Logical Access to Assets
  • Identification and Authentication Concepts
  • Identification and Authentication Implementation
  • Identity as a Service (IDaaS) Implementation
  • Third-Party Identity Services Integration
  • Authorization Mechanisms
  • Provisioning Life Cycle
  • Access Control Threats
  • Prevent or Mitigate Access Control Threats
  • Review All Key Topics
7

Security Assessment and Testing

  • Design and Validate Assessment and Testing Strategies
  • Conduct Security Control Testing
  • Collect Security Process Data
  • Analyze and Report Test Outputs
  • Conduct or Facilitate Security Audits
  • Review All Key Topics
8

Security Operations

  • Investigations
  • Investigation Types
  • Logging and Monitoring Activities
  • Resource Provisioning
  • Security Operations Concepts
  • Resource Protection
  • Incident Management
  • Detective and Preventive Measures
  • Patch and Vulnerability Management
  • Change Management Processes
  • Recovery Strategies
  • Disaster Recovery
  • Testing Disaster Recovery Plans
  • Business Continuity Planning and Exercises
  • Physical Security
  • Personnel Safety and Security
  • Review All Key Topics
9

Software Development Security

  • Software Development Concepts
  • Security in the System and Software Development Life Cycles
  • Security Controls in Development
  • Assess Software Security Effectiveness
  • Security Impact of Acquired Software
  • Secure Coding Guidelines and Standards
  • Review All Key Topics

1

Security and Risk Management

  • Setting Up Kerberos Delegation
  • Assigning Permissions to Folders
  • Taking Incremental Backup
  • Taking a Full Backup
  • Configuring RAID 5
2

Asset Security

  • Completing the Chain of Custody
  • Restricting Local Accounts
  • Using Windows Firewall
  • Configuring Linux Firewall Using Iptable
3

Security Architecture and Engineering

  • Generating a Symmetric Key
  • Generating an Asymmetric Key
  • Encrypting the Disk
  • Encrypting a File or Folder
  • Using OpenSSL to Create a Public/Private Key Pair
  • Observing an MD5-Generated Hash Value
  • Observing an SHA-Generated Hash Value
  • Causing a DarkComet Trojan Infection
  • Using the John the Ripper Tool
  • Attacking a Website Using XSS Injection
  • Conducting a Cross-Site Request Forgery Attack
  • Using Social Engineering Techniques to Plan an Attack
  • Configuring Audit Group Policy
  • Enabling Intrusion Prevention and Detection
  • Using Burp Suite
  • Performing DoS Attack with SYN Flood
4

Communication and Network Security

  • Configuring VLAN
  • Configuring a VPN
  • Performing ARP Spoofing
  • Setting Up a Honeypot
  • Creating ACL (Access Control Lists) in router
  • Configuring IPSec
  • Configuring Static Routing
  • Configuring Dynamic Routing
  • Configuring Static NAT
  • Configuring Dynamic NAT
  • Defending against IP Spoofing
  • Performing Session Hijacking Using Burp Suite
5

Identity and Access Management (IAM)

  • Configuring Extended Access Control List
  • Configuring User Access Control Settings in Windows
  • Creating ACL with Iptables
  • Creating a Password Policy in Windows
  • Creating a Password Policy in Linux
6

Security Assessment and Testing

  • Reviewing an Authorization Letter for Penetration Testing
  • Using nmap for Scanning
  • Scanning Ports Using Metasploit
  • Exploiting Windows 7 Using Metasploit
  • Enabling a Keylogger in a Target Machine
7

Security Operations

  • Conducting Vulnerability Scanning Using Nessus
  • Configuring Snort
8

Software Development Security

  • Exploiting a Website Using SQL Injection

Any questions?
Check out the FAQs

Still have unanswered questions and need to get in touch?

Contact Us Now

To qualify for this cybersecurity certification, you must pass the exam and have at least five years of cumulative, paid work experience in two or more of the eight domains of the (ISC) CISSP Common Body of Knowledge (CBK).

USD 699

Pearson VUE

Multiple choice and advanced innovative questions

The exam contains 100-150 questions.

240 minutes

700

  • If you don’t pass the exam the first time, you can retest after 30 days.
  • If you don’t pass a second time, you can retest after an additional 90 days.
  • If you don’t pass a third time, you can retest after 180 days from your most recent exam attempt.

Three years

Know more about the CISSP

CISSP Third Edition Pearson uCertify

$279.99

Buy Now