CISSP
Free
14 Jan
The Certified Information Systems Security Professional (CISSP) is the most globally recognized certification in the information security market. CISSP validates an information security professional’s deep technical and managerial knowledge and experience to effectively design, engineer, and manage the overall security posture of an organization. The broad spectrum of topics included in the CISSP Common Body of Knowledge (CBK®) ensures its relevance across all disciplines in the field of information security.
Course Outline:
Domain 1: Security and Risk Management
- Understand, adhere to, and promote professional ethics
- (ISC)2 Code of Professional Ethics
- Organizational code of ethics
- Understand and apply security concepts
- Confidentiality, integrity, and availability, authenticity and nonrepudiation
- Evaluate and apply security governance principles
- Determine compliance and other requirements
- Contractual, legal, industry standards, and regulatory requirements
- Privacy requirements
- Understand legal and regulatory issues that pertain to information security in a holistic context
- Cybercrimes and data breaches
- Licensing and Intellectual Property (IP) requirements
- Import/export controls
- Transborder data flow
- Privacy
- Understand requirements for investigation types (i.e., administrative, criminal, civil, regulatory, industry standards)
- Develop, document, and implement security policy, standards, procedures, and guidelines
- Alignment of the security function to business strategy, goals, mission, and objectives
- Organizational processes (e.g., acquisitions, divestitures, governance committees)
- Organizational roles and responsibilities
- Security control frameworks
- Due care/due diligence
- Identify, analyze, and prioritize Business Continuity (BC) requirements
- Business Impact Analysis (BIA)
- Develop and document the scope and the plan
- Contribute to and enforce personnel security policies and procedures
- Understand and apply risk management concepts
- Understand and apply threat modeling concepts and methodologies
- Apply Supply Chain Risk Management (SCRM) concepts
- Risks associated with hardware, software, and services
- Third-party assessment and monitoring
- Minimum security requirements
- Service level requirements
- Establish and maintain a security awareness, education, and training program
- Candidate screening and hiring
- Employment agreements and policies
- Onboarding, transfers, and termination processes
- Vendor, consultant, and contractor agreements and controls
- Compliance policy requirements
- Privacy policy requirements
- Identify threats and vulnerabilities
- Risk assessment/analysis
- Risk response
- Countermeasure selection and implementation
- Applicable types of controls (e.g., preventive, detective, corrective)
- Control assessments (security and privacy)
- Monitoring and measurement
- Reporting
- Continuous improvement (e.g., Risk maturity modeling)
- Risk frameworks
Domain 2: Asset Security
- Identify and classify information and assets
- Establish information and asset handling requirements
- Provision resources securely
- Manage data lifecycle
- Ensure appropriate asset retention (e.g., End-of-Life (EOL), End-of-Support (EOS))
- Determine data security controls and compliance requirements
Domain 3: Security Architecture and Engineering
- Research, implement and manage engineering processes using secure design principles
- Understand the fundamental concepts of security models (e.g., Biba, Star Model, Bell-LaPadula)
- Select controls based upon systems security requirements
- Understand security capabilities of Information Systems (IS) (e.g., memory protection, Trusted Platform Module (TPM), encryption/decryption)
- Assess and mitigate the vulnerabilities of security architectures, designs, and solution elements
- Select and determine cryptographic solutions
- Understand methods of cryptanalytic attacks
- Apply security principles to site and facility design
- Design site and facility security controls
Domain 4: Communication and Network Security
Domain 5: Identity and Access Management (IAM)
Domain 6: Security Assessment and Testing
Domain 7: Security Operations
Domain 8: Software Development Security