The goal of this five-day accelerated course is to provide information security professionals a fully-immersed all-inclusive CISSP training and certification experience. Our CISSP Boot Camp encompasses the CISSP Seminar, value-added instruction, on-site examination delivery, unlimited practice exams and scenarios, and meals.
The CISSP certification is governed by the International Information Systems Security Certifications Consortium (ISC²) and has gained importance as a key component in the selection process for management-level information security positions.
The Certification examination consists of 250 multiple-choice questions. Candidates have up to 6 hours to complete the examination. Ten CISSP information systems security test domains are covered in the examination pertaining to the Common Body of Knowledge:
Access Control Systems & Methodology
Applications & Systems Development
Business Continuity Planning
Law, Investigation & Ethics
Security Architecture & Models
Security Management Practices
Telecommunications, Network & Internet Security
The CISSP program is targeted at professionals with at least 5 years of experience in the information security field or 4 years of experience and a college degree (or equivalent experience).
Security Management Practices
Security management entails the identification of an organization’s information assets and the development, documentation, and implementation of policies, standards, procedures, and guidelines.
Management tools such as data classification and risk assessment/analysis are used to identify threats, classify assets, and to rate system vulnerabilities so that effective controls can be implemented.
Security Architecture and Models
The Security Architecture and Models domain contains the concepts, principles, structures, and standards used to design, monitor, and secure operating systems, equipment, networks, applications and those controls used to enforce various levels of availability, integrity, and confidentiality.
Access Control Systems and Methodology
Access controls are a collection of mechanisms that work together to create a security architecture to protect the assets of the information system.
Application Development Security
This domain addresses the important security concepts that apply to application software development. It outlines the environment where software is designed and developed and explains the critical role software plays in providing information system security.
Operations Security is used to identify the controls over hardware, media, and the operators and administrators with access privileges to any of these resources. Audit and monitoring are the mechanisms, tools, and facilities that permit the identification of security events and subsequent actions to identify the key elements and report the pertinent information to the appropriate individual, group, or process.
The physical security domain provides protection techniques for the entire facility, from the outside perimeter to the inside office space, including all of the information system resources.
The cryptography domain addresses the principles, means, and methods of disguising information to ensure its integrity, confidentiality and authenticity.
Telecommunications, Network, and Internet Security
The telecommunications, network, and Internet security domain discusses the:
-Security measures used to provide availability, integrity, and confidentiality
-Authentication for transmissions over private and public communications networks and media.
-Business Continuity Planning
The Business Continuity Plan (BCP) domain addresses the preservation and recovery of business operations in the event of outages.
Law, Investigations, and Ethics
The Law, Investigations, and Ethics domain addresses:
-Computer crime laws and regulations
-The measures and technologies used to investigate computer crime incidents