Certified Information System Security Professional (CISSP) CBK Review培训

Last updated

课程编码

cissprev

课程时长

35 小时 通常来说是5天,包括中间休息。

要求

To attend the CISSP CBK Review you do not need to have the prerequisite experience for the examination. It is available to anyone working in the field of IT and Information Security and aims to give you a thorough understanding of Information Security even if you do not intend to sit the examination.

If you intend to go on to the examination:

CISSP candidates:

Must have a minimum of five years of direct full-time security professional work experience in two or more of the ten domains of the (ISC)2® CISSP CBK®, or four years of direct full-time security professional work experience in two or more of the ten domains of the CISSP CBK with a college degree.

Associate of (ISC)2 for CISSP:

Associate of (ISC)2 status is available to those knowledgeable in key areas of industry concepts but lacking the work experience. As a candidate, you may take the CISSP examination and subscribe to the (ISC)2 Code of Ethics, however to earn the CISSP credential you will have to acquire the necessary years of professional experience required, provide proof and be endorsed by a member of (ISC)2 in good standing. If you are working towards this credential, you will have a maximum of six years from your exam pass date to acquire the necessary five years of professional experience. For more information please refer to: www.isc2.org

课程概览

CISSP是一家信息保障专业人员,负责定义确保业务环境安全的架构,设计,管理和/或控制。广泛的知识和通过考试所需的经验是CISSP与众不同的原因。该证书展示了(ISC)2®CBK®提供的全球公认能力水平,涵盖了当今安全领域的关键主题,包括云计算,移动安全,应用程序开发安全,风险管理等。

本课程可帮助您查看信息安全实践的10个领域。它还是一个强大的学习工具,用于掌握与信息系统安全的各个方面相关的概念和主题。

目标:

  • 回顾CISSP CBK(共同知识体系)的主要议题。
  • 准备CISSP考试

Machine Translated

课程大纲

Access Control

Security architecture that protects the assets of your systems:

  • Concepts, methodologies and techniques
  • Effectiveness
  • Attacks

Telecommunications & Network Security

Network structures, transmission methods, transport formats and security measures that provide availability, integrity and confidentiality:

  • Network architecture and design
  • Communication channels
  • Network components
  • Network attacks

Information Security Governance & Risk Management

Identifying an organisation’s information assets, and the development, documentation and implementation of policies, standards, procedures and guidelines:

  • Security governance and policy
  • Information classification and ownership
  • Contractual agreements and procurement processes
  • Risk management concepts
  • Personnel security
  • Security education, training and awareness
  • Certification and accreditation

Software Development Security

The controls found in systems and applications software, and their development:

  • Systems Development Life Cycle (SDLC)
  • Application environment and security controls
  • Effectiveness of application security

Cryptography

The principles, means and methods of disguising information; to ensure its integrity, confidentiality and authenticity:

  • Encryption concepts
  • Digital signatures
  • Cryptanalytic attacks
  • Public Key Infrastructure (PKI)
  • Information hiding alternatives

Security Architecture & Design

The concepts, principles, structures and standards used to design, implement, monitor, and secure, operating systems, equipment, networks and applications:

  • Fundamental concepts of security models
  • Capabilities of information systems (e.g. memory protection, virtualization)
  • Countermeasure principles
  • Vulnerabilities and threats (e.g. cloud computing, aggregation, data flow control)

Security Operations (formerly 'Operations Security')

Controls over hardware, media and operators with access privileges:

  • Resource protection
  • Incident response
  • Attack prevention and response
  • Patch and vulnerability management

Business Continuity & Disaster Recovery Planning

How to maintain business in the face of major disruptions:

  • Business impact analysis
  • Recovery strategy
  • Disaster recovery process
  • Provide training

Legal, Regulations, Investigations and Compliance

Computer crime laws, investigation and how to gather evidence:

  • Legal issues
  • Investigations
  • Forensic procedures
  • Compliance requirements/procedures

Physical (Environmental) Security

How to protect your business's resources and sensitive information:

  • Site / facility design considerations
  • Perimeter security
  • Internal security
  • Facilities security

客户评论

★★★★★
★★★★★

课程分类

相关课程

促销课程

订阅促销课程

为尊重您的隐私,我公司不会把您的邮箱地址提供给任何人。您可以享有优先权和随时取消订阅的权利。

我们的客户

is growing fast!

We are looking to expand our presence in China!

As a Business Development Manager you will:

  • expand business in China
  • recruit local talent (sales, agents, trainers, consultants)
  • recruit local trainers and consultants

We offer:

  • Artificial Intelligence and Big Data systems to support your local operation
  • high-tech automation
  • continuously upgraded course catalogue and content
  • good fun in international team

If you are interested in running a high-tech, high-quality training and consulting business.

Apply now!

该网站在其他国家/地区