Security Concepts and Planning with CISSP Fundamentals

Introduction to Information Security
Overview of the CISSP® exam

Security Management Practices

• Concepts and Principals
• Data classification
• Change control
• Employment policies and practices
• Policies, standards, guidelines and procedure
• Roles and responsibilities

Access Control Systems & Methodology

• Techniques, administration and methodology
• Access control panels
• Methods of attack
• Monitoring for intrusion
• Penetration Testing

Telecommunications & Network Security

• Standards
• Architecture and design
• Network attacks and countermeasures

Applications & Systems Development Security

• Application issues
• Databases and data warehousing
• Information storage
• System development controls
• Malicious code
• Methods of attack

Cryptography

• Concepts, methodologies and practices
• Public and private key algorithms
• PKI
• Methods of attack

Law, Investigation and Ethics Laws

• Investigative processes and techniques
• Categories of computer crime
• Incident handling
• Ethics

Business Continuity Planning (BCP) & Disaster Recovery Planning (DRP)

• Key differences between BCP and DRP
• Project scope and planning
• Recovery strategy and plan development • Recovery techniques
• Events

Security Architecture & Models

• Principals of architecture and design
• Principals of security models
• Common flaws with system design and architecture

Operations Security

• Concepts
• Administrative management
• Controls
• Auditing
• Monitoring
• Intrusion detection, prevention and response

Physical Security

• Facility requirements
• Technical controls
• Environmental safeties
• Threats
• *Certified Information Systems Security Professional