{"id":15079,"date":"2022-12-01T19:34:20","date_gmt":"2022-12-01T16:34:20","guid":{"rendered":"https:\/\/esi.edu.sa\/?post_type=courses&#038;p=15079"},"modified":"2024-03-04T16:02:45","modified_gmt":"2024-03-04T13:02:45","slug":"isc2-cissp","status":"publish","type":"courses","link":"https:\/\/esi.edu.sa\/en\/courses\/isc2-cissp\/","title":{"rendered":"ISC2 Certified Information Systems Security Professional (CISSP) Course"},"content":{"rendered":"<p><img decoding=\"async\" class=\"alignnone wp-image-20027\" src=\"https:\/\/esi.edu.sa\/wp-content\/uploads\/2024\/02\/\u062a\u0627\u0628\u064a2-300x64-copy.png\" alt=\"\" width=\"188\" height=\"40\" srcset=\"https:\/\/esi.edu.sa\/wp-content\/uploads\/2024\/02\/\u062a\u0627\u0628\u064a2-300x64-copy.png 300w, https:\/\/esi.edu.sa\/wp-content\/uploads\/2024\/02\/\u062a\u0627\u0628\u064a2-300x64-copy-50x11.png 50w\" sizes=\"(max-width: 188px) 100vw, 188px\" \/><\/p>\n<p><strong>Overview<\/strong><\/p>\n<ul>\n<li>CISSP validates an information security professional&#8217;s profound technical and managerial knowledge and experience to design, engineer, and manage the overall security posture of an organization.<\/li>\n<li>Certified Information Systems Security Professional (CISSP) is one of the world&#8217;s premier cybersecurity certifications offered for professionals worldwide. This CISSP certification course is ideal for professionals who are looking to demonstrate their knowledge across different security practices and principles. 
This 5-day Certified Information Systems Security Professional (CISSP) certification is governed by the not-for-profit International Information Systems Security Certification Consortium (ISC)2.<\/li>\n<\/ul>\n<p><strong>Targeted Audience<\/strong><\/p>\n<ul>\n<li>This course is suitable for<\/li>\n<li>Network Architects<\/li>\n<li>Security Consultants<\/li>\n<li>Security Architects<\/li>\n<li>Security Auditors<\/li>\n<li>Security Managers<\/li>\n<li>CIOs<\/li>\n<li>Director of Security<\/li>\n<li>Security Analysts<\/li>\n<li>Security Systems Engineers<\/li>\n<li>Anybody who wants to gain knowledge of globally-recognized CISSP information security standards<\/li>\n<li>Anybody who is looking to clear their CISSP Certification Exam<\/li>\n<\/ul>\n<p><strong>Benefits<\/strong><\/p>\n<ul>\n<li>A holistic understanding of information security aspects in an organization<\/li>\n<li>Defining the architecture, design, and management of IT security<\/li>\n<li>Necessary skills required to become a CISSP certified professional<\/li>\n<li>Gain a thorough understanding of all the 8 domains prescribed in the ISC2 CISSP Common Body of Knowledge (CBK)<\/li>\n<li>Optimizing security operations in an enterprise<\/li>\n<li>Access control systems and various methodologies that complement IT Security and governance for an enterprise<\/li>\n<\/ul>\n<p><strong>The Main Topics of the Course<\/strong><\/p>\n<ul>\n<li>Module 1: Security and Risk Management<\/li>\n<li>Module 2: Asset Security<\/li>\n<li>Module 3: Security Architecture and Engineering<\/li>\n<li>Module 4: Communication and Network Security<\/li>\n<li>Module 5: Identity and Access Management (IAM)<\/li>\n<li>Module 6: Security Assessment and Testing<\/li>\n<li>Module 7: Security Operations<\/li>\n<li>Module 8: Software Development Security<\/li>\n<\/ul>\n<p><strong>Course Requirements <\/strong><\/p>\n<ul>\n<li>Candidates who wish to take up the Certified Information Systems Security Professional (CISSP) training have a 
minimum of 5 years of work experience in two or more of the 8 domains prescribed by ISC2 in their CISSP Common Body of Knowledge (CBK)<\/li>\n<li>There can be a waiver of 1 year from the required 5-year experience if the candidate has a 4-year college degree or any additional certification credential from the ISC2 approved course list.<\/li>\n<\/ul>\n<p><strong>Course Outlines and Training Plan<\/strong><\/p>\n<p>Module 1 :<\/p>\n<ul>\n<li>Understand, adhere to, and promote professional ethics<\/li>\n<li>Understand and apply security concepts<\/li>\n<li>Evaluate and apply security governance principles<\/li>\n<li>Determine compliance and other requirements<\/li>\n<li>Understand legal and regulatory issues that pertain to information security in a holistic context<\/li>\n<li>Understand requirements for investigation types (i.e., administrative, criminal, civil, regulatory, industry standards)<\/li>\n<li>Develop, document, and implement security policy, standards, procedures, and guidelines<\/li>\n<li>Identify, analyze, and prioritize Business Continuity (BC) requirements<\/li>\n<li>Contribute to and enforce personnel security policies and procedures<\/li>\n<li>Understand and apply risk management concepts<\/li>\n<li>Understand and apply threat modelling concepts and methodologies<\/li>\n<li>Apply Supply Chain Risk Management (SCRM) concepts<\/li>\n<li>Establish and maintain a security awareness, education, and training program<\/li>\n<\/ul>\n<p>Module 2 :<\/p>\n<ul>\n<li>Identify and classify information and assets<\/li>\n<li>Establish information and asset handling requirements<\/li>\n<li>Provision resources securely<\/li>\n<li>Manage data lifecycle<\/li>\n<li>Ensure appropriate asset retention (e.g., End-of-Life (EOL), End-of-Support (EOS))<\/li>\n<li>Determine data security controls and compliance requirements<\/li>\n<\/ul>\n<p>Module 3 :<\/p>\n<ul>\n<li>Research, implement and manage engineering processes using secure design principles<\/li>\n<li>Understand the 
fundamental concepts of security models (e.g., Biba, Star Model, Bell-LaPadula)<\/li>\n<li>Select controls based upon systems security requirements<\/li>\n<li>Understand security capabilities of Information Systems (IS) (e.g., memory protection, Trusted Platform Module (TPM), encryption\/decryption)<\/li>\n<li>Assess and mitigate the vulnerabilities of security architectures, designs, and solution elements<\/li>\n<li>Select and determine cryptographic solutions<\/li>\n<li>Understand methods of cryptanalytic attacks<\/li>\n<li>Apply security principles to site and facility design<\/li>\n<li>Design site and facility security controls<\/li>\n<\/ul>\n<p>Module 4 :<\/p>\n<ul>\n<li>Assess and implement secure design principles in network architectures<\/li>\n<li>Secure network components<\/li>\n<li>Implement secure communication channels according to design<\/li>\n<\/ul>\n<p>Module 5 :<\/p>\n<ul>\n<li>Control physical and logical access to assets<\/li>\n<li>Manage identification and authentication of people, devices, and services<\/li>\n<li>Federated identity with a third-party service<\/li>\n<li>Implement and manage authorization mechanisms<\/li>\n<li>Manage the identity and access provisioning lifecycle<\/li>\n<\/ul>\n<p>Module 6 :<\/p>\n<ul>\n<li>Design and validate assessment, test, and audit strategies<\/li>\n<li>Conduct security control testing<\/li>\n<li>Collect security process data (e.g., technical and administrative)<\/li>\n<li>Analyze test output and generate report<\/li>\n<li>Conduct or facilitate security audits<\/li>\n<\/ul>\n<p>Module 7 :<\/p>\n<ul>\n<li>Understand and comply with investigations<\/li>\n<li>Conduct logging and monitoring activities<\/li>\n<li>Perform Configuration Management (CM) (e.g., provisioning, baselining, automation)<\/li>\n<li>Apply foundational security operations concepts<\/li>\n<li>Apply resource protection<\/li>\n<li>Conduct incident management<\/li>\n<li>Operate and maintain detective and preventative 
measures<\/li>\n<li>Implement and support patch and vulnerability management<\/li>\n<li>Understand and participate in change management processes<\/li>\n<li>Implement recovery strategies<\/li>\n<li>Implement Disaster Recovery (DR) processes<\/li>\n<li>Test Disaster Recovery Plans (DRP)<\/li>\n<li>Participate in Business Continuity (BC) planning and exercises<\/li>\n<li>Implement and manage physical security<\/li>\n<li>Address personnel safety and security concerns<\/li>\n<\/ul>\n<p>Module 8 :<\/p>\n<ul>\n<li>Understand and integrate security in the Software Development Life Cycle (SDLC)<\/li>\n<li>Identify and apply security controls in software development ecosystems<\/li>\n<li>Assess the effectiveness of software security<\/li>\n<li>Assess security impact of acquired software<\/li>\n<li>Define and apply secure coding guidelines and standards<\/li>\n<\/ul>\n","protected":false},"author":6,"featured_media":15083,"template":"","course_category":[38],"class_list":["post-15079","courses","type-courses","status-publish","has-post-thumbnail","hentry","course_category-it-en","infinite-scroll-item","no-featured-image-padding"],"acf":[],"_links":{"self":[{"href":"https:\/\/esi.edu.sa\/en\/wp-json\/wp\/v2\/courses\/15079","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/esi.edu.sa\/en\/wp-json\/wp\/v2\/courses"}],"about":[{"href":"https:\/\/esi.edu.sa\/en\/wp-json\/wp\/v2\/types\/courses"}],"author":[{"embeddable":true,"href":"https:\/\/esi.edu.sa\/en\/wp-json\/wp\/v2\/users\/6"}],"version-history":[{"count":3,"href":"https:\/\/esi.edu.sa\/en\/wp-json\/wp\/v2\/courses\/15079\/revisions"}],"predecessor-version":[{"id":20792,"href":"https:\/\/esi.edu.sa\/en\/wp-json\/wp\/v2\/courses\/15079\/revisions\/20792"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/esi.edu.sa\/en\/wp-json\/wp\/v2\/media\/15083"}],"wp:attachment":[{"href":"https:\/\/esi.edu.sa\/en\/wp-json\/wp\/v2\/media?parent=15079"}],"wp:term":[{"taxonomy":"cour
se_category","embeddable":true,"href":"https:\/\/esi.edu.sa\/en\/wp-json\/wp\/v2\/course_category?post=15079"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}