Too Many Security Incidents. Too Few Security Professionals.
Benefits of CISSP® Certification
©2015 International Institute for Learning, Inc., All rights reserved.
Global IIL Companies
IIL US
IIL Asia (Singapore)
IIL Australia
IIL Brasil
IIL Canada
IIL China
IIL Europe (United Kingdom)
IIL Finland
IIL France
IIL Germany
IIL Hong Kong
IIL Hungary
IIL India
IIL Japan
IIL Korea (Seoul)
IIL México
IIL Middle East (Dubai)
IIL Spain
Sneak Preview
Radical, futuristic presentation – No death by PPT!
Snazzy high-resolution graphics
Fully immersive experience
Conceptually laid out to suit the nature of the CISSP coursework
Module-wise assessments
2 full-length sample exams
About the CISSP®
• The “Gold” standard in Information security certification
• Complies with DoD 8750 mandate
• Administered by ISC2 (International Information Systems Security Certification Consortium)
• 250 Questions – Multiple Choice
• 6-hour exam!!
How to Become a CISSP®
Commit to Code of Ethics
Have required work experience (as of 1 Oct)
• Five years of relevant security work -- OR --
• Four years of work + college degree
Pass the Examination & Endorsement from a CISSP®
• 250 multiple-choice questions; six hours
Continuing Professional Education
• 120 credits per three-year certification period
Pay yearly maintenance fee
About the ISC2
• (ISC)²® is the global, not-for-profit leader in educating and certifying cyber, information, software, and infrastructure security professionals.
• Provides vendor-neutral education products.
• Headquartered in the United States and with offices in London, Hong Kong, Tokyo, Mumbai, and an authorized China agency in Beijing
Domain 1 – Security and Risk Management
Security, Risk, Compliance, Law, Regulations, and Business Continuity
• Confidentiality, integrity, and availability concepts
• Security governance principles
• Compliance
• Legal and regulatory issues
• Professional ethics
• Security policies, standards, procedures, and guidelines
Domain 2 – Asset Security
Protecting Security of Assets
• Information and asset classification
• Ownership (e.g., data owners, system owners)
• Protect privacy
• Appropriate retention
• Data security controls
• Handling requirements (e.g., markings, labels, storage)
Domain 3 – Security Engineering
Engineering and Management of Security
• Engineering processes using secure design principles
• Security models fundamental concepts
• Security evaluation models
• Security capabilities of information systems
• Security architectures, designs, and solution elements vulnerabilities
• Web-based systems vulnerabilities
• Mobile systems vulnerabilities
Domain 3
Security Engineering – Part 2
• Embedded devices and cyber-physical systems vulnerabilities
• Cryptography
• Site and facility design secure principles
• Physical security
Domain 4 – Communication and Network Security
Designing and Protecting Network Security
• Secure network architecture design (e.g., IP & non-IP protocols, segmentation)
• Secure network components
• Secure communication channels
• Network attacks
Domain 5 – Identity and Access Management
Controlling Access and Managing Identity
• Physical and logical assets control
• Identification and authentication of people and devices
• Identity as a service (e.g., cloud identity)
• Third-party identity services (e.g., on-premise)
• Access control attacks
• Identity and access provisioning lifecycle (e.g., provisioning review)
Domain 6 – Security Assessment and Testing
Designing, Performing, and Analysing Security Testing
• Assessment and test strategies
• Security process data (e.g., management and operational controls)
• Security control testing
• Test outputs (e.g., automated, manual)
• Security architectures vulnerabilities
Domain 7 – Security Operations
Foundational Concepts, Investigations, Incident Management and Disaster Recovery
• Investigations support and requirements
• Logging and monitoring activities
• Provisioning of resources
• Foundational security operations concepts
• Resource protection techniques
• Incident management
• Preventative measures
Domain 7 – Security Operations
Security Operations – Part 2
• Business continuity planning and exercises
• Physical security
• Personnel safety concerns
Domain 8 – Software Development Security
Understanding, Applying, and Enforcing Software Security
• Security in the software development lifecycle
• Development of environment security controls
• Software security effectiveness
• Acquired software security impact
Pre-reading and Other Things…
• CISSP® CBK – 4th Edition
• https://www.cccure.org/
• Exam application assistance
• Endorsement assistance
• Laptops in class (Exam Registration & Site Registration)
After a failed attempt at conquering Mt. Everest, Sir Edmund Hillary said,
"I will come again and conquer you. Because as a mountain, you cannot grow. But as a human, I can!!"
Thank you
We invite you to get a closer look at what IIL can do for you and your organization by visiting www.iil.com or emailing learning@iil.com to let us know how we can meet your learning needs.
Please connect with IIL Socially:
Like us on: facebook.com/IIL.inc
Follow us: twitter.com/IILGLOBAL
Join our Discussions on LinkedIn
At IIL, Our Greatest Accomplishments are Yours