CISSP- C3 Course Outline
Course Length: Ten Weeks, Meeting Once Per week
Description
This course introduces students to the ten domains of
knowledge that will be necessary to study for the CISSP exam. To
successfully sit for the exam , you must meet the experience
requirements, and also study for exam. Our course will be a
giant step forward in your exam preparation process.
Audience
Successful candidates must meet ISC2 prerequisite
experiential requirements before sitting for the exam. PKS is
not responsible for reviewing the student’s background.
Candidates must have a total of 5 years of experience in at
least two of the domains.
Requirements/Prerequisites
Skills in computer typing/keyboarding, command of the
English language and reading should be at a high-school school
graduate level for entry level skills.
To successfully navigate this course you must be competent in
the following:
o Microsoft Word
o E-mail, including sending and receiving attachments
o Internet Navigation using a web browser
Access to a computer and high-speed internet access.
o Students in the St. Louis area may reserve time in our
computer lab if need be. 48 hour notice required for
reservations and subject to availability.
.
Course Outline
WEEK 1
Access Control – a collection of mechanisms that work together
to create security architecture to protect the assets of the
information system.
Concepts/methodologies/techniques
Effectiveness
Attacks
WEEK 2
Telecommunications and Network Security – discusses network
structures, transmission methods, transport formats and security
measures used to provide availability, integrity and
confidentiality.
Network architecture and design
Communication channels
Network components
Network attacks
WEEK 3
Information Security Governance and Risk Management – the
identification of an organization’s information assets and the
development, documentation and implementation of policies,
standards, procedures and guidelines.
Security governance and policy
Information classification/ownership
Contractual agreements and procurement processes
Risk management concepts
Personnel security
Security education, training and awareness
Certification and accreditation
Week 4
Software Development Security – refers to the controls that
are included within systems and applications software and the
steps used in their development.
Systems development life cycle (SDLC)
Application environment and security controls
Effectiveness of application security
Week 5
Cryptography – the principles, means and methods of disguising
information to ensure its integrity, confidentiality and
authenticity.
Encryption concepts
Digital signatures
Cryptanalytic attacks
Public Key Infrastructure (PKI)
Information hiding alternatives
Week 6
Security Architecture and Design – contains the concepts,
principles, structures and standards used to design, implement,
monitor, and secure, operating systems, equipment, networks,
applications, and those controls used to enforce various levels
of confidentiality, integrity and availability.
Fundamental concepts of security models
Capabilities of information systems (e.g. memory protection,
virtualization)
Countermeasure principles
Vulnerabilities and threats (e.g. cloud computing,
aggregation, data flow control)
Week 7
Security Operations – used to identify the controls over
hardware, media and the operators with access privileges to any
of these resources.
Resource protection
Incident response
Attack prevention and response
Patch and vulnerability management
Week 8
Business Continuity and Disaster Recovery Planning – addresses
the preservation of the business in the face of major
disruptions to normal business operations.
Business impact analysis
Recovery strategy
Disaster recovery process
Provide training
Week 9
Legal, Regulations, Investigations and Compliance – addresses
computer crime laws and regulations; the investigative measures
and techniques which can be used to determine if a crime has
been committed and methods to gather evidence.
Legal issues
Investigations
Forensic procedures
Compliance requirements/procedures
Week 10
Physical (Environmental) Security – addresses the threats,
vulnerabilities and countermeasures that can be utilized to
physically protect an enterprise’s resources and sensitive
information.
Site/facility design considerations
Perimeter security
Internal security
Facilities security
|
