Meetings Stub Page [mx-stub]
Certified Information System Security Professional (CISSP)
Course Outline
1 - Security and Risk Management
- Security Governance Principles
- Compliance
- Professional Ethics
- Security Documentation
- Risk Management
- Threat Modeling
- Business Continuity Plan Fundamentals
- Acquisition Strategy and Practice
- Personnel Security Policies
- Security Awareness and Training
2 - Asset Security
- Asset Classification
- Privacy Protection
- Asset Retention
- Data Security Controls
- Secure Data Handling
3 - Security Engineering
- Security in the Engineering Lifecycle
- System Component Security
- Security Models
- Controls and Countermeasures in Enterprise Security
- Information System Security Capabilities
- Design and Architecture Vulnerability Mitigation
- Vulnerability Mitigation in Embedded, Mobile, and Web-Based Systems
- Cryptography Concepts
- Cryptography Techniques
- Site and Facility Design for Physical Security
- Physical Security Implementation in Sites and Facilities
4 - Information Security Management Goals
- Organizational Security
- The Application of Security Concepts
5 - Information Security Classification and Program Development
- Information Classification
- Security Program Development
6 - Risk Management and Ethics
- Risk Management
- Ethics
7 - Software Development Security
- Software Configuration Management
- Software Controls
- Database System Security
8 - Cryptography
- Ciphers and Cryptography
- Symmetric-Key Cryptography
- Asymmetric-Key Cryptography
- Hashing and Message Digests
- Email, Internet, and Wireless Security
- Cryptographic Weaknesses
9 - Physical Security
- Physical Access Control
- Physical Access Monitoring
- Physical Security Methods
- Facilities Security