Introduction to Information Security
Overview of the CISSP® exam
Security Management Practices
Concepts and Principles
Data classification
Change control
Employment policies and practices
Policies, standards, guidelines and procedure
Roles and responsibilities
Access Control Systems & Methodology
Techniques, administration and methodology
Access control panels
Methods of attack
Monitoring for intrusion
Penetration Testing
Telecommunications & Network Security
Standards
Architecture and design
Network attacks and countermeasures
Applications & Systems Development Security
Application issues
Databases and data warehousing
Information storage
System development controls
Malicious code
Methods of attack
Cryptography
Concepts, methodologies and practices
Public and private key algorithms
PKI
Methods of attack
Law, Investigation and Ethics
Laws
Investigative processes and techniques
Categories of computer crime
Incident handling
Ethics
Business Continuity Planning (BCP) & Disaster Recovery Planning (DRP)
Key differences between BCP and DRP
Project scope and planning
Recovery strategy and plan development
Recovery techniques
Events
Security Architecture & Models
Principles of architecture and design
Principles of security models
Common flaws with system design and architecture
Operations Security
Concepts
Administrative management
Controls
Auditing
Monitoring
Intrusion detection, prevention and response
Physical Security
Facility requirements
Technical controls
Environmental safeties
Threats