What you’ll learn
The Certified Information Systems Security Professional (CISSP) is the most globally recognised certification in the information security market. This CISSP course will help you prepare for the certified information systems security (CISSP) certification. CISSP validates an information security professional’s deep technical and managerial knowledge and experience to effectively design, engineer, and manage the overall security posture of an organisation. Delve into the essential aspects of security and risk management, and elevate your skills in security assessment and security architecture.
The broad spectrum of topics included in the CISSP body of knowledge ensures its relevancy across all disciplines in the field of information security.
Successful candidates are competent in the following eight domains:
Security and Risk Management
Asset Security
Security Architecture and Engineering
Communication and Network Security
Identity and Access Management (IAM)
Security Assessment and Testing
Security Operations
Software Development Security
ISC2 at Lumify Work
ISC2: The world’s leading cyber security and IT security professional organisation. Lumify Work is one of only a few select training providers in Australia with campuses in New Zealand and the Philippines. We offer official ISC2 courses and training materials.
Who is the course for?
This CISSP training course in NZ is ideal for experienced security practitioners, managers and executives interested in proving their knowledge across a wide array of security practices and principles, including those in the following positions:
Chief Information Security Officer
Chief Information Officer
Director of Security
IT Director/Manager
Security Systems Engineer
Security Analyst
Security Manager
Security Auditor
Security Architect
Security Consultant
Network Architect
Course subjects
This ISC2 CISSP certification training course provides in-depth coverage of the eight domains required to prepare for the CISSP exam. Refer to the CISSP Exam Outline for a deeper dive into the CISSP domains.
1. Security and Risk Management
Understand, adhere to, and promote professional ethics
Understand and apply security concepts
Evaluate and apply security governance principles
Understand legal and regulatory issues that pertain to information security in a holistic context
Understand requirements for investigation types (i.e., administrative, criminal, civil, regulatory, industry standards)
Develop, document, and implement security policy, standards, procedures, and guidelines
Identify, analyse, and prioritise Business Continuity (BC) requirements
Contribute to and enforce personnel security policies and procedures
Understand and apply risk management concepts
Understand and apply threat modeling concepts and methodologies
Apply Supply Chain Risk Management (SCRM) concepts
Establish and maintain a security awareness, education, and training program
2. Asset Security
Identify and classify information and assets
Establish information and asset handling requirements
Provision resources securely
Manage data lifecycle
Ensure appropriate asset retention (e.g., Eng-of-Life (EOL), End-of-Support (EOS))
Determine data security controls and compliance requirements
3. Security Architecture and Engineering
Research, implement and manage engineering processes using secure design principles
Understand the fundamental concepts of security models (e.g., Biba, Star Model, Bell-LaPadula)
Select controls based upon systems security requirements
Understand security capabilities of Information Systems (IS) (e.g., memory protection, Trusted Platform Module (TPM), encryption/decryption)
Assess and mitigate the vulnerabilities of security architectures, designs, and solution elements
Select and determine cryptographic solutions
Understand methods of cryptanalytic attacks
Apply security principles to site and facility design
Design site and facility security controls
Manage the information system lifecycle
4. Communication and Network Security
Apply secure design principles in network architectures
Secure network components
Implement secure communication channels according to design
5. Identity and Access Management (IAM)
Control physical and logical access to assets
Manage identification and authentication of people, devices, and services
Federated identity with a third-party service
Implement and manage authorisation mechanisms
Manage the identity and access provisioning lifecycle
Implement authentication systems
6. Security Assessment and Testing
Design and validate assessment, test, and audit strategies
Conduct security control testing
Collect security process data (e.g., technical and administrative)
Analyse test output and generate report
Conduct or facilitate security audits
7. Security Operations
Understand and comply with investigations
Conduct logging and monitoring activities
Perform Configuration Management (CM) (e.g., provisioning, baselining, automation)
Apply foundational security operations concepts
Apply resource protection
Conduct incident management
Operate and maintain detective and preventative measures
Implement and support patch and vulnerability management
Understand and participate in change management processes
Implement recovery strategies
Implement Disaster Recovery (DR) processes
Test Disaster Recovery Plans (DRP)
Participate in Business Continuity (BC) planning and exercises
Implement and manage physical security
Address personnel safety and security concerns
8. Software Development Security
Understand and integrate security in the Software Development Life Cycle (SDLC)
Identify and apply security controls in development environments
Assess the effectiveness of software security
Assess security impact of acquired software
Define and apply secure coding guidelines and standards
Prerequisites
For CISSP training, you should have a minimum of five years of experience working in IT Infrastructure, Cybersecurity and the security audits domain.
CISSP certification requirements: Candidates for the CISSP certification exam must have a minimum of five years cumulative, paid work experience in two or more of the eight domains of the CISSP CBK network security identity and testing security operations.
A candidate who doesn’t have the required experience to become a CISSP may become an Associate of ISC2 by successfully passing the CISSP exam and showcasing their understanding of asset security and security models, among other topics. An Associate of ISC2 can then accumulate the necessary work experience to achieve full certification.
FREE E-BOOK: Meeting the Cyber Security Challenge
What are the top challenges in cyber security? Gain insight into how organisations can address challenges through cyber security training programs that build a skilled and diverse cyber workforce.
Terms & Conditions
The supply of this course by Lumify Work is governed by the booking terms and conditions. Please read the terms and conditions carefully before enrolling in this course, as enrolment in the course is conditional on acceptance of these terms and conditions.