Course Outline

Access Control

Security architecture that protects the assets of your systems:

  • Concepts, methodologies and techniques
  • Effectiveness
  • Attacks

Telecommunications & Network Security

Network structures, transmission methods, transport formats and security measures that provide availability, integrity and confidentiality:

  • Network architecture and design
  • Communication channels
  • Network components
  • Network attacks

Information Security Governance & Risk Management

Identifying an organisation’s information assets, and the development, documentation and implementation of policies, standards, procedures and guidelines:

  • Security governance and policy
  • Information classification and ownership
  • Contractual agreements and procurement processes
  • Risk management concepts
  • Personnel security
  • Security education, training and awareness
  • Certification and accreditation

Software Development Security

The controls found in systems and applications software, and their development:

  • Systems Development Life Cycle (SDLC)
  • Application environment and security controls
  • Effectiveness of application security

Cryptography

The principles, means and methods of disguising information; to ensure its integrity, confidentiality and authenticity:

  • Encryption concepts
  • Digital signatures
  • Cryptanalytic attacks
  • Public Key Infrastructure (PKI)
  • Information hiding alternatives

Security Architecture & Design

The concepts, principles, structures and standards used to design, implement, monitor, and secure, operating systems, equipment, networks and applications:

  • Fundamental concepts of security models
  • Capabilities of information systems (e.g. memory protection, virtualization)
  • Countermeasure principles
  • Vulnerabilities and threats (e.g. cloud computing, aggregation, data flow control)

Security Operations (formerly 'Operations Security')

Controls over hardware, media and operators with access privileges:

  • Resource protection
  • Incident response
  • Attack prevention and response
  • Patch and vulnerability management

Business Continuity & Disaster Recovery Planning

How to maintain business in the face of major disruptions:

  • Business impact analysis
  • Recovery strategy
  • Disaster recovery process
  • Provide training

Legal, Regulations, Investigations and Compliance

Computer crime laws, investigation and how to gather evidence:

  • Legal issues
  • Investigations
  • Forensic procedures
  • Compliance requirements/procedures

Physical (Environmental) Security

How to protect your business's resources and sensitive information:

  • Site / facility design considerations
  • Perimeter security
  • Internal security
  • Facilities security

Requirements

To attend the CISSP CBK Review you do not need to have the prerequisite experience for the examination. It is available to anyone working in the field of IT and Information Security and aims to give you a thorough understanding of Information Security even if you do not intend to sit the examination.

If you intend to go on to the examination:

CISSP candidates:

Must have a minimum of five years of direct full-time security professional work experience in two or more of the ten domains of the (ISC)2® CISSP CBK®, or four years of direct full-time security professional work experience in two or more of the ten domains of the CISSP CBK with a college degree.

Associate of (ISC)2 for CISSP:

Associate of (ISC)2 status is available to those knowledgeable in key areas of industry concepts but lacking the work experience. As a candidate, you may take the CISSP examination and subscribe to the (ISC)2 Code of Ethics, however to earn the CISSP credential you will have to acquire the necessary years of professional experience required, provide proof and be endorsed by a member of (ISC)2 in good standing. If you are working towards this credential, you will have a maximum of six years from your exam pass date to acquire the necessary five years of professional experience. For more information please refer to: www.isc2.org
  35 Hours
 

Need help picking the right course?
Call us +971 4369 2815

Testimonials

I liked the in-depth knowledge about the subject of the trainer, good explanation, highlighting important things!.

Andreas Rhein

Related Courses

Introduction to ISO27001

 7 hours

This is a one day Introduction to ISO27001

ISO/IEC 27005 Foundation

 14 hours

ISO/IEC 27005 Foundation training enables you to learn the basic elements to manage Information Security Risks as specified in ISO/IEC 27005. During this training course, you will be able to understand the concepts and models of Information

ISO/IEC 27005 Introduction

 7 hours

Why should you attend? ISO/IEC 27005 training course enables you to comprehend the basic concepts of Information Security Risk Management by using the standard ISO/IEC 27005 as a reference framework. By attending the ISO/IEC 27005

ISO/IEC 27005 Lead Risk Manager

 35 hours

ISO/IEC 27005 Lead Risk Manager training enables you to acquire the necessary expertise to support an organization in the risk management process related to all assets of relevance for Information Security using the ISO/IEC 27005 standard

ISO/IEC 27005 Risk Manager

 21 hours

ISO/IEC 27005 Risk Manager training enables you to develop the competence to master the risk management process related to all assets of relevance for Information Security using the ISO/IEC 27005 standard as a reference

ISO27001: 2013 Lead Auditor (certification course)

 35 hours

CISA - Certified Information Systems Auditor

 28 hours

Description: CISA® is the world-renowned and most popular certification for professionals working in the field of IS audit and IT risk consulting. Our CISA course is an intense, very competitive and exam focused training course. With

Building up information security according to ISO 27005

 21 hours

This course will give you the skills to build up information security according to ISO 27005, which is dedicated to information security risk management based on ISO 27001.

CISMP - Certificate in Information Security Management Principles

 21 hours

A thorough, practical, 3 day course designed to provide the knowledge and skills required to manage information security, information assurance or information risk based processes. The CISMP course is aligned with the latest national

Network Penetration Testing

 35 hours

This class will help the attendees to scan, test, hack and secure their own systems. To gain an in-depth knowledge and practical experience with the current essential security systems. The attendees will get to know how perimeter defences

Public Key Infrastructure

 21 hours

The training is directed to all operating systems administrators, who plan to implement a public key infrastructure based on MS Windows Server 2012 R2 and plan to use qualified electronic signature certificates.  The participants will learn

CISSP - Certified Information Systems Security Professional

 35 hours

Overview: Certified Information Systems Security Professional certification is recognised as a key qualification for developing a senior career in information security, audit and IT governance management. Held by over 30,000 qualified

Information Systems Auditor

 35 hours

Description: This course is the non-certifcation version of the "CISA - Certified Information Systems Auditor" course. CISA® is the world-renowned and most popular certification for professionals working in the field of IS audit and

Digital Identity for Telecom

 21 hours

Digital identity refers to the information used by computer systems to verify user identity. Some issues related to digital identity include e-signatures, access control and fraud detection. This instructor-led, live training (online or onsite)

IBM Qradar SIEM: Beginner to Advanced

 14 hours

IBM Qradar SIEM is a security analytic suite for gaining insight into critical threats. Using IBM Qradar SIEM, users can gain insights, identify threats, and automate security intelligence. This instructor-led, live training (online or onsite) is