Certified Information Systems Security Professional (CISSP)
(CISSP-2018)
/ ISBN: 9781616910808
This course includes
Lessons
TestPrep
LiveLab
Certified Information Systems Security Professional (CISSP)
Kick start your prep for the (ISC)² CISSP certification exam with the Certified Information Systems Security Professional (CISSP) study guide. The CISSP training course has labs that are versatile and deliver a hands-on experience, replacing expensive physical labs. The CISSP course and labs offer coverage of the CISSP exam objectives and provide an understanding in areas such as security and risk management, asset security, security architecture, and engineering, identity and access management (IAM), and software development security.
The vendor-neutral (ISC)² CISSP certification is ideal for those with the technical and managerial competence to design, engineer, implement, and manage overall information security programs to protect organizations. This CISSP exam validates a candidate's working knowledge of information technology security. The exam covers ten domains of knowledge, including access control, business continuity, and security architecture.
Lessons
-
22+ Lessons
-
420+ Quizzes
-
743+ Flashcards
-
1222+ Glossary of terms
TestPrep
-
116+ Pre Assessment Questions
-
3+ Full Length Tests
-
115+ Post Assessment Questions
-
345+ Practice Test Questions
Lab
-
109+ Performance lab
- Overview of the CISSP Exam
- Notes on This Course's Organization
- Understand and Apply Concepts of Confidentiality, Integrity, and Availability
- Evaluate and Apply Security Governance Principles
- Develop, Document, and Implement Security Policy, Standards, Procedures, and Guidelines
- Understand and Apply Threat Modeling Concepts and Methodologies
- Apply Risk-Based Management Concepts to the Supply Chain
- Summary
- Exam Essentials
- Written Lab
- Personnel Security Policies and Procedures
- Security Governance
- Understand and Apply Risk Management Concepts
- Establish and Maintain a Security Awareness, Education, and Training Program
- Manage the Security Function
- Summary
- Exam Essentials
- Written Lab
- Planning for Business Continuity
- Project Scope and Planning
- Business Impact Assessment
- Continuity Planning
- Plan Approval and Implementation
- Summary
- Exam Essentials
- Written Lab
- Categories of Laws
- Laws
- Compliance
- Contracting and Procurement
- Summary
- Exam Essentials
- Written Lab
- Identify and Classify Assets
- Determining Ownership
- Using Security Baselines
- Summary
- Exam Essentials
- Written Lab
- Historical Milestones in Cryptography
- Cryptographic Basics
- Modern Cryptography
- Symmetric Cryptography
- Cryptographic Lifecycle
- Summary
- Exam Essentials
- Written Lab
- Asymmetric Cryptography
- Hash Functions
- Digital Signatures
- Public Key Infrastructure
- Asymmetric Key Management
- Applied Cryptography
- Cryptographic Attacks
- Summary
- Exam Essentials
- Written Lab
- Implement and Manage Engineering Processes Using Secure Design Principles
- Understand the Fundamental Concepts of Security Models
- Select Controls Based On Systems Security Requirements
- Understand Security Capabilities of Information Systems
- Summary
- Exam Essentials
- Written Lab
- Assess and Mitigate Security Vulnerabilities
- Client-Based Systems
- Server-Based Systems
- Database Systems Security
- Distributed Systems and Endpoint Security
- Internet of Things
- Industrial Control Systems
- Assess and Mitigate Vulnerabilities in Web-Based Systems
- Assess and Mitigate Vulnerabilities in Mobile Systems
- Assess and Mitigate Vulnerabilities in Embedded Devices and Cyber-Physical Systems
- Essential Security Protection Mechanisms
- Common Architecture Flaws and Security Issues
- Summary
- Exam Essentials
- Written Lab
- Apply Security Principles to Site and Facility Design
- Implement Site and Facility Security Controls
- Implement and Manage Physical Security
- Summary
- Exam Essentials
- Written Lab
- OSI Model
- TCP/IP Model
- Converged Protocols
- Wireless Networks
- Secure Network Components
- Cabling, Wireless, Topology, Communications, and Transmission Media Technology
- Summary
- Exam Essentials
- Written Lab
- Network and Protocol Security Mechanisms
- Secure Voice Communications
- Multimedia Collaboration
- Manage Email Security
- Remote Access Security Management
- Virtual Private Network
- Virtualization
- Network Address Translation
- Switching Technologies
- WAN Technologies
- Miscellaneous Security Control Characteristics
- Security Boundaries
- Prevent or Mitigate Network Attacks
- Summary
- Exam Essentials
- Written Lab
- Controlling Access to Assets
- Comparing Identification and Authentication
- Implementing Identity Management
- Managing the Identity and Access Provisioning Lifecycle
- Summary
- Exam Essentials
- Written Lab
- Comparing Access Control Models
- Understanding Access Control Attacks
- Summary
- Exam Essentials
- Written Lab
- Building a Security Assessment and Testing Program
- Performing Vulnerability Assessments
- Testing Your Software
- Implementing Security Management Processes
- Summary
- Exam Essentials
- Written Lab
- Applying Security Operations Concepts
- Securely Provisioning Resources
- Managing Configuration
- Managing Change
- Managing Patches and Reducing Vulnerabilities
- Summary
- Exam Essentials
- Written Lab
- Managing Incident Response
- Implementing Detective and Preventive Measures
- Logging, Monitoring, and Auditing
- Summary
- Exam Essentials
- Written Lab
- The Nature of Disaster
- Understand System Resilience and Fault Tolerance
- Recovery Strategy
- Recovery Plan Development
- Training, Awareness, and Documentation
- Testing and Maintenance
- Summary
- Exam Essentials
- Written Lab
- Investigations
- Major Categories of Computer Crime
- Ethics
- Summary
- Exam Essentials
- Written Lab
- Introducing Systems Development Controls
- Establishing Databases and Data Warehousing
- Storing Data and Information
- Understanding Knowledge-Based Systems
- Summary
- Exam Essentials
- Written Lab
- Malicious Code
- Password Attacks
- Application Attacks
- Web Application Security
- Reconnaissance Attacks
- Masquerading Attacks
- Summary
- Exam Essentials
- Written Lab
Hands on Activities (Performance Labs)
- Encrypting the Disk
- Encrypting a File or Folder
- Configuring Audit Group Policy
- Completing the Chain of Custody
- Assigning Permissions to Folders
- Identifying risk actions
- Understanding elements of risk
- Identifying steps in quantitative risk analysis
- Configuring Standard Access Control List
- Configuring Extended Access Control List
- Identifying phases in BCP process
- Identifying CFAA provisions
- Checking the integrity of messages through MAC values
- Identifying asymmetric algorithms
- Identifying cryptographic attacks
- Using OpenSSL to Create a Public/Private Key Pair
- Observe an SHA-Generated Hash Value
- Observing an MD5-Generated Hash Value
- Identifying sequence of sender's process in digital signature system
- Understanding PKCS standards
- Identifying Information models
- Identifying protection mechanisms
- Identifying OSI layer functions
- Identifying OSI layers
- Identifying steps in the encapsulation/decapsulation process
- Identifying connectionless communication
- Identifying abbreviations for various Internet layer protocols
- Identifying TCP/IP protocol layers
- Identifying TCP/IP layers
- Identifying flag bit designator
- Using Windows Firewall
- Configuring Linux Firewall Using Iptable
- Identifying gateway firewalls
- Identifying hardware devices
- Connecting systems to the Internet through a router
- Identifying firewall techniques
- Identifying types of cable
- Identifying components of a coaxial cable
- Identifying network topologies
- Identifying UTP categories
- Identifying steps in CSMA technology
- Identifying LAN sub technologies
- Configuring IPSec
- Configuring VLAN
- Identifying secure communication protocols
- Identifying authentication protocols
- Identifying phreaker tools
- Identifying security solutions
- Configuring a VPN
- Identifying VPN protocols
- Configuring Static NAT
- Configuring Dynamic NAT
- Understanding NAT
- Identifying switching technology properties
- Identifying specialized protocols
- Understanding transparency
- Understanding security boundaries
- Using Ettercap for ARP Spoofing
- Identifying types of Denial of Service attacks
- Identifying access control types
- Identifying authorization mechanisms
- Restricting Local Accounts
- Identifying drawbacks of Kerberos authentication
- Identifying components of the Kerberos authentication protocol
- Identifying authentication services
- Identifying responsibilities
- Reviewing an Authorization Letter for Penetration Testing
- Identifying attacks
- Identifying social engineering attacks
- Configuring User Access Control Setting
- Scanning Ports Using Metasploit
- Exploiting Windows 7 Using Metasploit
- Enabling a Keylogger in a Target Machine
- Conducting Vulnerability Scanning Using Nessus
- Using nmap for Scanning
- Identifying terms associated with data destruction
- Identifying steps within an effective patch management program
- Identifying steps in incident response management
- Enabling Intrusion Prevention and Detection
- Configuring Snort
- Identifying malicious attacks
- Working with a host-based IDS
- Identifying sequence in which the IDS instructs the TCP to reset connections
- Performing DoS Attack with SYN Flood
- Identifying RAID level characteristics
- Identifying processing sites in disaster recovery plan
- Identifying disaster recovery plan tests
- Taking a Full Backup
- Taking Incremental Backup
- Configuring RAID 5
- Identifying computer crime types
- Identifying stages in a waterfall lifecycle model
- Understanding object-oriented programming terms
- Identifying levels in Software Capability Maturity Model
- Identifying testing methods
- Identifying primary phases of SDLC
- Identifying keys in a database
- Identifying storage types
- Causing a DarkComet Trojan Infection
- Identifying types of viruses
- Identifying types of viruses
- Using the John the Ripper Tool
- Using Social Engineering Techniques to Plan an Attack
- Attacking a Website Using XSS Injection
- Conducting a Cross-Site Request Forgery Attack
- Exploiting a Website Using SQL Injection
- Understanding application attacks
- Defending against IP Spoofing
- Using Burp Suite
| What are the prerequisites for this exam? | To qualify for this cybersecurity certification, you must pass the exam and have at least five years of cumulative, paid work experience in two or more of the eight domains of the (ISC)² CISSP Common Body of Knowledge (CBK). |
|---|---|
| What is the exam registration fee? | USD 699 |
| Where do I take the exam? | Pearson VUE |
| What is the format of the exam? | Multiple choice questions and advanced innovative questions |
| How many questions are asked in the exam? | The exam contains 100-150 questions. |
| What is the duration of the exam? | 240 minutes |
| What is the passing score? | 700 |
| What is the exam's retake policy? |
|
| What is the validity of the certification? | Three years |
| Where can I find more information about this exam? | To know more about the CISSP, click here. |
| What are the career opportunities after passing this exam? |
|
Hasanuzzaman Kazi
Zaid Rehman
David W. Blake
Show more
×
