CISSP Training Course (5 days) 

Why Learn CISSP?

The Certified Information Systems Security Professional certification is recognised as a key qualification for developing a senior career in information security, audit and IT governance management. Held by over 30,000 qualified professionals worldwide, the Certified Information Systems Security Professional qualification shows proven knowledge and is the key to higher earning potential in roles that include CISO, CSO and senior security manager.


Course details

You will learn to:

  • Use the knowledge gained in a practical manner beneficial to your organisation

  • Protect your organisational assets using access control techniques and strengthen confidentiality and integrity controls from the world of cryptography

  • Secure your network architecture and design (implement cyber security)

  • Achieve your organisational objectives such as legal & compliance, information assurance, security and data governance

  • Enhance the secure delivery of IT services via security operations, architecture and design principles

  • Implement business resiliency via a Business Continuity Plan

  • Gain a thorough understanding of the 8 domains as prescribed by (ISC)²®



This training is intended for individuals preparing for the CISSP certification exam.


Course Outline


Module 1: Principles and Policies


Security Governance Through Principles and Policies


  • Understand and Apply Concepts of Confidentiality, Integrity, and Availability

  • Apply Security Governance Principles

  • Develop and Implement Documented Security Policy, Standards, Procedures, and Guidelines

  • Understand and Apply Threat Modeling

  • Integrate Security Risk Considerations into Acquisition


Module 2: Security and Risk Management


Personnel Security and Risk Management Concepts


  • Contribute to Personnel Security Policies 

  • Security Governance 

  • Understand and Apply Risk Management Concepts 

  • Establish and Manage Information Security Education, Training, and Awareness 

  • Manage the Security Functions


Module 3: Business Continuity Planning


Business Continuity Planning


  • Planning for Business Continuity

  • Project Scope and Planning

  • Business Impact Assessment

  • Continuity Planning

  • BCP Documentation


Module 4: Laws and Regulation


Laws, Regulations, and Compliance


  • Categories of Laws

  • Laws

  • Compliance

  • Contracting and Procurement


Module 5: Security and Assets


Protecting Security of Assets


  • Classifying and Labeling Assets

  • ID Data Roles

  • Protecting Privacy


Module 6: Cryptography


Cryptography and Symmetric Key Algorithms


  • Historical Milestones in Cryptography

  • Cryptographic Basics

  • Modern Cryptography

  • Symmetric Cryptography

  • Cryptographic Life Cycle


PKI and Cryptographic Application


  • Asymmetric Cryptography

  • Hash Functions

  • Digital Signatures

  • Public Key Infrastructure

  • Asymmetric Key Management

  • Applied Cryptography

  • Cryptography Attacks


Module 7: Principles of Security Models


Principles of Security Models, Design, and Capabilities 


  • Implement and Manage Engineering Processes Using Secure Design Principles 

  • Understand the Fundamental Concepts of Security Models  

  • Select Controls and Countermeasures Based on Systems Security Evaluation Models 

  • Understand Security Capabilities of Information Systems


Module 8: Security Vulnerabilities


Security Vulnerabilities, Threats, and Countermeasures


  • Assess and Mitigate Security Vulnerabilities

  • Client-Based

  • Server-Based

  • Database Security

  • Distributed Systems

  • Industrial Control Systems

  • Assess and Mitigate Vulnerabilities in Embedded Devices and Cyber-Physical Systems

  • Essential Security Protection Mechanisms

  • Common Architecture Flaws and Security Issues


Module 9: Physical Security


Physical Security Requirements


  • Apply Secure Principles to Site and Facility Design

  • Design and Implement Physical Security

  • Implement and Manage Physical Security


Module 10: Network Architecture and Components


Secure Network Architecture and Securing Network Components


  • OSI Model

  • TCP/IP Model

  • Converged Protocols

  • Wireless Networks

  • General Wi-Fi Security Procedure

  • Cabling, Wireless, Topology, and Communications Technology


Module 11: Communications and Attacks


Secure Communications and Network Attacks


  • Network and Protocol Security Mechanisms

  • Secure Voice Communications

  • Multimedia Collaboration

  • Manage Email Security

  • Remote Access Security Management

  • Virtual Private Network

  • Virtualization

  • Network Address Translation

  • Switching Technologies

  • WAN Technologies

  • Miscellaneous Security Control Characteristics

  • Security Boundaries

  • Prevent or Mitigate Network Attacks


Module 12: Identity and Authentication


Managing Identity and Authentication


  • Controlling Access to Assets 

  • Comparing Identification and Authentication 

  • Implementing Identity Management 

  • Managing the Identity and Access Provisioning Life Cycle

Module 13: Access


Controlling and Monitoring Access


  • Comparing Access Control Models 

  • Understanding Access Control Attacks


Module 14: Security Assessment


Security Assessment and Testing


  • Building a Security Assessment and Testing Program  

  • Performing Vulnerability Assessments 

  • Testing Your Software 

  • Implementing Security Management Processes


Module 15: Security Operations


Managing Security Operations


  • Applying Security Operations Concepts

  • Provisioning and Managing Resources

  • Managing Configuration

  • Managing Change

  • Managing Patches and Reducing Vulnerabilities


Module 16: Incidents


Preventing and Responding to Incidents


  • Managing Incident Response

  • Implementing Preventative Measures

  • Logging, Monitoring, and Auditing


Module 17: Disaster Recovery Planning


Disaster Recovery Planning


  • The Nature of Disaster

  • Understand System Resiliencies and Fault Tolerance

  • Recovery Strategy

  • Recovery Plan Development

  • Training, Awareness, and Documentation

  • Testing and Maintenance


Module 18: Incidents and Ethics


Incidents and Ethics


  • Investigations

  • Major Categories of Computer Crime

  • Incident Handling

  • Ethics


Module 19: Software Development Security


Software Development Security


  • Introducing Systems Development Controls

  • Establishing Databases and Data Warehouses

  • Storing Data and Information

  • Understanding Knowledge-Based Systems


Module 20: Security and Attacks


Malicious Code and Application Attacks


  • Malicious Code

  • Password Attacks

  • Application Attacks

  • Web Application Security

  • Reconnaissance Attacks

  • Masquerade Attacks