Certified Information Systems Security Professional

Course Description

The Certified Information Systems Security Professional (CISSP) CertPrep Course is designed to prepare professionals for one of the most sought-after security certifications in the IT industry. This comprehensive course covers essential domains such as asset security, risk management, communications, and network security, ensuring that you gain the knowledge needed to safeguard complex information systems. Through detailed lessons, practice questions, and updated content for the 2024 exam, you’ll learn key concepts like data governance, security architecture, cryptography, and identity management. Whether you’re new to cybersecurity or an experienced professional, this course helps you build a strong foundation in security principles while preparing you for the CISSP certification exam. With a balanced mix of theory and hands-on labs, you’ll be equipped to manage security risks and apply critical security strategies.

Start your journey toward becoming a CISSP-certified professional today! Enroll now and master the skills to secure critical information systems.

Course Fee: N300,000

Course Outline

  • The CISSP Certification Exam (3 Questions)
  • Lesson 1 Introduction
  • Assessing Exam Readiness
  • Lesson 2 Introduction
  • Basic Security Principles
  • Data Management: Determining and Maintaining Ownership
  • Data Governance Policies
  • Roles and Responsibilities
  • Data Ownership
  • Data Custodians
  • Data Documentation and Organization
  • Data Warehousing
  • Data Mining
  • Knowledge Management
  • Data Standards
  • Data Lifecycle Control
  • Data Audits
  • Data Storage and Archiving
  • Data Security, Protection, Sharing, and Dissemination
  • Privacy Impact Assessment
  • Information Handling Requirements
  • Record Retention and Destruction
  • Data Remanence and Decommissioning
  • Classifying Information and Supporting Asset Classification
  • Data Classification
  • Asset Management and Governance
  • Software Licensing
  • The Equipment Lifecycle
  • Determining Data Security Controls
  • Data at Rest
  • Data in Transit
  • Endpoint Security
  • Baselines
  • Lesson 2 Exam Prep Questions (15 Questions)
  • Lesson 2 Need to Know More?
  • Lesson 2 2024 Exam Refresh Updates
  • Lesson 3 Introduction
  • Security Governance
  • U.S. Legal System and Laws
  • Relevant U.S. Laws and Regulations
  • International Legal Systems and Laws
  • International Laws to Protect Intellectual Property
  • Global Legal and Regulatory Issues
  • Computer Crime and Hackers
  • Sexual Harassment
  • U.S. Governance
  • International Governance
  • Risk Management Concepts
  • Risk Management Frameworks
  • Risk Assessment
  • Risk Management Team
  • Selecting Countermeasures
  • Threat Modeling Concepts and Methodologies
  • Threat Modeling Steps
  • Threat Modeling Tools and Methodologies
  • Managing Risk with the Supply Chain and Third Parties
  • Reducing Risk in Organization Processes
  • Identifying and Prioritizing Business Continuity Requirements Based on Risk
  • Project Management and Initiation
  • Business Impact Analysis
  • Developing and Implementing Security Policy
  • Security Policy
  • Standards
  • Baselines
  • Guidelines
  • Procedures
  • Types of Controls
  • Administrative Controls
  • Technical Controls
  • Physical Controls
  • Access Control Categories
  • Implementing Personnel Security
  • New-Hire Agreements and Policies
  • Separation of Duties
  • Job Rotation
  • Least Privilege
  • Mandatory Vacations
  • Termination
  • Security Education, Training, and Awareness
  • Security Awareness
  • Social Engineering
  • Professional Ethics Training and Awareness
  • (ISC)² Code of Ethics
  • Computer Ethics Institute
  • Internet Architecture Board
  • NIST SP 800-14
  • Common Computer Ethics Fallacies
  • Regulatory Requirements for Ethics Programs
  • Lesson 3 Exam Prep Questions (20 Questions)
  • Lesson 3 Need to Know More?
  • Lesson 3 2024 Exam Refresh Updates
  • Lesson 4 Introduction
  • Secure Design Guidelines and Governance Principles
  • Enterprise Architecture
  • Regulatory Compliance and Process Control
  • Fundamental Concepts of Security Models
  • Central Processing Unit
  • Storage Media
  • I/O Bus Standards
  • Virtual Memory and Virtual Machines
  • Computer Configurations
  • Security Architecture
  • Protection Rings
  • Trusted Computing Base
  • Open and Closed Systems
  • Security Modes of Operation
  • Operating States
  • Recovery Procedures
  • Process Isolation
  • Common Formal Security Models
  • State Machine Model
  • Information Flow Model
  • Noninterference Model
  • Confidentiality
  • Integrity
  • Other Models
  • Product Security Evaluation Models
  • The Rainbow Series
  • Information Technology Security Evaluation Criteria (ITSEC)
  • Common Criteria
  • System Validation
  • Certification and Accreditation
  • Vulnerabilities of Security Architectures
  • Buffer Overflows
  • Backdoors
  • State Attacks
  • Covert Channels
  • Incremental Attacks
  • Emanations
  • Web-Based Vulnerabilities
  • Mobile System Vulnerabilities
  • Cryptography
  • Algorithms
  • Cipher Types and Methods
  • Symmetric Encryption
  • Data Encryption Standard (DES)
  • Triple DES (3DES)
  • Advanced Encryption Standard (AES)
  • International Data Encryption Algorithm (IDEA)
  • Rivest Cipher Algorithms
  • Asymmetric Encryption
  • Diffie-Hellman
  • RSA
  • El Gamal
  • Elliptical Curve Cryptosystem (ECC)
  • Merkle-Hellman Knapsack
  • Review of Symmetric and Asymmetric Cryptographic Systems
  • Hybrid Encryption
  • Public Key Infrastructure and Key Management
  • Certificate Authorities
  • Registration Authorities
  • Certificate Revocation Lists
  • Digital Certificates
  • The Client’s Role in PKI
  • Integrity and Authentication
  • Hashing and Message Digests
  • Digital Signatures
  • Cryptographic System Review
  • Cryptographic Attacks
  • Site and Facility Security Controls
  • Lesson 4 Exam Prep Questions (20 Questions)
  • Lesson 4 Need to Know More?
  • Lesson 4 2024 Exam Refresh Updates
  • Lesson 5 Introduction
  • Secure Network Design
  • Network Models and Standards
  • OSI Model
  • Encapsulation/De-encapsulation
  • TCP/IP
  • Network Access Layer
  • Internet Layer
  • Host-to-Host (Transport) Layer
  • Application Layer
  • LANs and Their Components
  • LAN Communication Protocols
  • Network Topologies
  • LAN Cabling
  • Network Types
  • Network Storage
  • Communication Standards
  • Network Equipment
  • Repeaters
  • Hubs
  • Bridges
  • Switches
  • Mirrored Ports and Network Taps
  • VLANs
  • Routers
  • Gateways
  • Routing
  • WANs and Their Components
  • Packet Switching
  • Circuit Switching
  • Cloud Computing
  • Software-Defined WAN (SD-WAN)
  • Securing Email Communications
  • Pretty Good Privacy (PGP)
  • Other Email Security Applications
  • Securing Voice and Wireless Communications
  • Secure Communications History
  • Voice over IP (VoIP)
  • Cell Phones
  • 802.11 Wireless Networks and Standards
  • Securing TCP/IP with Cryptographic Solutions
  • Application/Process Layer Controls
  • Host-to-Host Layer Controls
  • Internet Layer Controls
  • Network Access Layer Controls
  • Link and End-to-End Encryption
  • Network Access Control Devices
  • Firewalls
  • Demilitarized Zone (DMZ)
  • Remote Access
  • Point-to-Point Protocol (PPP)
  • Remote Authentication Dial-in User Service (RADIUS)
  • Terminal Access Controller Access Control System (TACACS)
  • Internet Protocol Security (IPsec)
  • Message Privacy and Multimedia Collaboration
  • Lesson 5 Exam Prep Questions (15 Questions)
  • Lesson 5 Need to Know More?
  • Lesson 6 Introduction
  • Perimeter Physical Control Systems
    • Fences
    • Gates
    • Bollards
  • Additional Physical Security Controls
    • CCTV Cameras
    • Lighting
    • Guards and Dogs
    • Locks
  • Employee Access Control
    • Badges, Tokens, and Cards
    • Biometric Access Controls
  • Identification, Authentication, and Authorization
  • Authentication Techniques
  • Identity Management Implementation
  • Single Sign-On (SSO)
    • Kerberos
    • SESAME
  • Authorization and Access Control Techniques
    • Discretionary Access Control (DAC)
    • Mandatory Access Control (MAC)
    • Role-Based Access Control (RBAC)
    • Attribute-Based Access Control
    • Rule-Based Access Control
  • Other Types of Access Control
  • Centralized and Decentralized Access Control Models
  • Centralized Access Control
  • Decentralized Access Control
  • Audits and Monitoring
  • Monitoring Access and Usage
  • Intrusion Detection Systems (IDSs)
  • Intrusion Prevention Systems (IPSs)
  • Network Access Control (NAC)
  • Keystroke Monitoring
  • Lesson 6 Exam Prep Questions (20 Questions)
  • Suggested Reading and Resources
  • Lesson 6 2024 Exam Refresh Updates

  • Lesson 7 Introduction
  • Security Assessments and Penetration Test Strategies
  • Audits
  • Root Cause Analyses
  • Log Reviews
  • Network Scanning
  • Vulnerability Scans and Assessments
  • Penetration Testing
  • Test Techniques and Methods
  • Security Threats and Vulnerabilities
  • Threat Actors
  • Attack Methodologies
  • Network Security Threats and Attack Techniques
    • Session Hijacking
    • Sniffing
    • Wiretapping
    • DoS and DDoS Attacks
    • Botnets
    • Other Network Attack Techniques
  • Access Control Threats and Attack Techniques
    • Unauthorized Access
    • Access Aggregation
    • Password Attacks
    • Spoofing
    • Eavesdropping and Shoulder Surfing
    • Identity Theft
  • Social-Based Threats and Attack Techniques
  • Malicious Software Threats and Attack Techniques
    • Viruses
    • Worms
    • Logic Bombs
    • Backdoors and Trojans
    • Rootkits
    • Exploit Kits
    • Advanced Persistent Threats (APTs)
    • Ransomware
  • Investigating Computer Crime
  • Computer Crime Jurisdiction
  • Incident Response
  • Disaster Recovery and Business Continuity
  • Investigations
  • Search, Seizure, and Surveillance
  • Interviews and Interrogations
  • Lesson 7 Exam Prep Questions (15 Questions)
  • Lesson 7 Need to Know More?
  • Lesson 7 2024 Exam Refresh Updates

  • Lesson 8 Introduction
  • Foundational Security Operations Concepts
  • Managing Users and Accounts
  • Privileged Entities
  • Controlling Access
  • Clipping Levels
  • Resource Protection
  • Due Care and Due Diligence
  • Asset Management
  • System Hardening
  • Change and Configuration Management
  • Trusted Recovery
  • Remote Access
  • Media Management, Retention, and Destruction
  • Telecommunication Controls
  • Cloud Computing
  • Email
  • Whitelisting, Blacklisting, and Graylisting
  • Firewalls
  • Phone, Fax, and PBX
  • Anti-malware
  • Honeypots and Honeynets
  • Patch Management
  • System Resilience, Fault Tolerance, and Recovery Controls
  • Recovery Controls
  • Monitoring and Auditing Controls
  • Auditing User Activity
  • Monitoring Application Transactions
  • Security Information and Event Management (SIEM)
  • Network Access Control
  • Keystroke Monitoring
  • Emanation Security
  • Perimeter Security Controls and Risks
  • Natural Disasters
  • Human-Caused Threats
  • Technical Problems
  • Facility Concerns and Requirements
  • CPTED (Crime Prevention Through Environmental Design)
  • Area Concerns (Location, Construction, Doors, Walls, Windows, and Ceilings)
  • Environmental Controls
  • Heating, Ventilating, and Air Conditioning (HVAC)
  • Electrical Power
  • Uninterruptible Power Supplies (UPSs)
  • Fire Prevention, Detection, and Suppression
  • Fire-Detection Equipment
  • Fire Suppression
  • Alarm Systems
  • Intrusion Detection Systems (IDSs)
  • Monitoring and Detection
  • Intrusion Detection and Prevention Systems
  • Investigations and Incidents
  • Incident Response
  • Digital Forensics, Tools, Tactics, and Procedures
  • Standardization of Forensic Procedures
  • Digital Forensics
  • The Disaster Recovery Lifecycle
  • Teams and Responsibilities
  • Recovery Strategy
  • Fault Tolerance
  • Backups
  • Plan Design and Development
  • Implementation
  • Testing
  • Monitoring and Maintenance
  • Lesson 8 Exam Prep Questions (26 Questions)
  • Lesson 8 Need to Know More?
  • Lesson 8 2024 Exam Refresh Updates

  • Lesson 9 Introduction
  • Integrating Security into the Development Lifecycle
  • Avoiding System Failure
  • The Software Development Lifecycle
  • Development Methodologies
  • The Waterfall Model
  • The Spiral Model
  • Joint Application Development (JAD)
  • Rapid Application Development (RAD)
  • Incremental Development
  • Prototyping
  • Modified Prototype Model (MPM)
  • Computer-Aided Software Engineering (CASE)
  • Agile Development Methods
  • Maturity Models
  • Scheduling
  • Change Management
  • Database Management
  • Database Terms
  • Integrity
  • Transaction Processing
  • Database Vulnerabilities and Threats
  • Artificial Intelligence and Expert Systems
  • Programming Languages, Secure Coding Guidelines, and Standards
  • Object-Oriented Programming (OOP)
  • CORBA
  • Security of the Software Environment
  • Mobile Code
  • Buffer Overflow
  • Financial Attacks
  • Change Detection
  • Viruses and Worms
  • Lesson 9 Exam Prep Questions (15 Questions)
  • Lesson 9 Need to Know More?
  • Lesson 9 2024 Exam Refresh Updates

  • CISSP MeasureUP Practice Exam
  • Get Certified!
  • Lesson 1 Videos
  • Lesson 2 Videos
  • Lesson 3 Videos
  • Lesson 4 Videos
  • Lesson 5 Videos
  • Lesson 6 Videos
  • Lesson 7 Videos
  • Lesson 8 Videos
  • Lesson 9 Videos
  • Bonus Videos

Course Delivery

Choose your path to success:
  • Self-Paced Virtual Study: Learn at your own pace with 24/7 access to course materials, videos, and labs, giving you complete control over your learning schedule.

  • Tutor-Led Physical/Hybrid Classes: Combine in-person and online learning with expert-led sessions, offering real-time guidance and hands-on labs in a flexible, hybrid format.

  • Tutor-Led Virtual Sessions: Participate in fully virtual, interactive classes led by certified instructors, designed to provide live feedback, support, and collaboration.
