Certified Information Systems Security Professional (CISSP ®) CBK Review Seminar

The CISSP Review Seminar is the most comprehensive Seminar covering the entire information system security CBK. It serves as a learning tool for concepts and topics, related to all aspects of information systems security

This is THE ONLY PROGRAM endorsed by the (ISC)² (the non-profit organization that developed and manages the CISSP Certification Program) to familiarize you with the CISSP CBK. InovaTech delivers this course either at our academic facilities or on-site at various locations, in partnership with (ISC)²

The (ISC)² CISSP 5-Day Review includes:

  Five-day, classroom-based course, with the Official Exam on Day Six, (The 5-day schedule is most often Monday to Friday)
 The official (ISC)² Practice CISSP Exam
  All updated reference materials
 Extensive interaction with (ISC)² Authorized Instructors and Information Systems Security subject matter experts
  Identification of topic areas students should focus their studies during exam preparation
 

CISSP CBK Review Seminars cover the following ten domains:

(1)   Information Security and Risk Management
(2)   Security Architecture and Design
(3)   Access Control
(4)   Application Security
(5)   Operations Security
(6)   Physical (Environmental) Security
(7)   Cryptography
(8)   Telecommunications and Network Security
(9)   Business Continuity and Disaster Recovery Planning
(10) Legal, Regulations, Compliance and Investigations

The CBK is the compilation and distillation of all information systems security material collected internationally of relevance to information system security professionals. The curriculum for the CISSP seminar is under continuous review, ensuring current information relevant to the ten CBK domains outlined below:

  Information Security and Risk Management - Information security and risk management entails the identification of an organization's information assets and the development, documentation, and implementation of policies, standards, procedures, and guidelines. Management tools such as data classification and risk assessment/analysis are used to identify threats, classify assets, and to rate system vulnerabilities so that effective controls can be implemented

  Security Architecture and Design - The Security Architecture and Design domain contains the concepts, principles, structures, and standards used to design, monitor, and secure operating systems, equipment, networks, applications and those controls used to enforce various levels of availability, integrity, and confidentiality
 
  Access Control - Access controls are a collection of mechanisms that work together to create a security architecture to protect the assets of the information system

  Application Security - This domain addresses the important security concepts that apply to application software development. It outlines the environment where software is designed and developed and explains the critical role software plays in providing information system security

  Operations Security - Operations Security is used to identify the controls over hardware, media, and the operators and administrators with access privileges to any of these resources. Audit and monitoring are the mechanisms, tools, and facilities that permit the identification of security events and subsequent actions to identify the key elements and report the pertinent information to the appropriate individual, group, or process
 
  Physical (Environmental) Security - The physical (environmental) security domain provides protection techniques for the entire facility, from the outside perimeter to the inside office space, including all of the information system resources.
Cryptography - The cryptography domain addresses the principles, means, and methods of disguising information to ensure its integrity, confidentiality and authenticity

  Telecommunications and Network Security - The telecommunications and network security domain discusses:

     - Network Structures
     - Transmission methods
     - Transport formats
     - Security measures used to provide availability, integrity, and confidentiality
     - Authentication for transmissions over private and public communications networks and media

  Business Continuity and Disaster Recovery Planning - The Business Continuity and Disaster Recovery Planning domain addresses the preservation and recovery of business operations in the event of outages
 
  Legal, Regulations, Compliance and Investigations - The Legal, Regulations, Compliance and Investigations domain addresses: Computer crime laws and regulations and the measures and technologies used to investigate computer crime incidents