
Certified Information Systems Security Professional (CISSP)

(CISSP-2018) / ISBN: 9781616910808
This course includes
Lessons
TestPrep
LiveLab
CISSP-2018 : Certified Information Systems Security Professional (CISSP)
$279.99
4.2 Rating 19 Reviews

Kick start your prep for the (ISC)² CISSP certification exam with the Certified Information Systems Security Professional (CISSP) study guide. The CISSP training course has versatile labs that deliver a hands-on experience, replacing expensive physical labs. The CISSP course and labs cover the CISSP exam objectives and provide an understanding of areas such as security and risk management, asset security, security architecture and engineering, identity and access management (IAM), and software development security.
Here's what you will get

The vendor-neutral (ISC)² CISSP certification is ideal for those with the technical and managerial competence to design, engineer, implement, and manage overall information security programs to protect organizations. This CISSP exam validates a candidate's working knowledge of information technology security. The exam covers ten domains of knowledge, including access control, business continuity, and security architecture.

Lessons
  • 22+ Lessons
  • 420+ Quizzes
  • 743+ Flashcards
  • 1222+ Glossary of terms
TestPrep
  • 116+ Pre Assessment Questions
  • 3+ Full Length Tests
  • 115+ Post Assessment Questions
  • 345+ Practice Test Questions
Lab
  • 109+ Performance lab
Here's what you will learn
Lesson 1: Introduction
  • Overview of the CISSP Exam
  • Notes on This Course's Organization
Lesson 2: Security Governance Through Principles and Policies
  • Understand and Apply Concepts of Confidentiality, Integrity, and Availability
  • Evaluate and Apply Security Governance Principles
  • Develop, Document, and Implement Security Policy, Standards, Procedures, and Guidelines
  • Understand and Apply Threat Modeling Concepts and Methodologies
  • Apply Risk-Based Management Concepts to the Supply Chain
  • Summary
  • Exam Essentials
  • Written Lab
Lesson 3: Personnel Security and Risk Management Concepts
  • Personnel Security Policies and Procedures
  • Security Governance
  • Understand and Apply Risk Management Concepts
  • Establish and Maintain a Security Awareness, Education, and Training Program
  • Manage the Security Function
  • Summary
  • Exam Essentials
  • Written Lab
Lesson 4: Business Continuity Planning
  • Planning for Business Continuity
  • Project Scope and Planning
  • Business Impact Assessment
  • Continuity Planning
  • Plan Approval and Implementation
  • Summary
  • Exam Essentials
  • Written Lab
Lesson 5: Laws, Regulations, and Compliance
  • Categories of Laws
  • Laws
  • Compliance
  • Contracting and Procurement
  • Summary
  • Exam Essentials
  • Written Lab
Lesson 6: Protecting Security of Assets
  • Identify and Classify Assets
  • Determining Ownership
  • Using Security Baselines
  • Summary
  • Exam Essentials
  • Written Lab
Lesson 7: Cryptography and Symmetric Key Algorithms
  • Historical Milestones in Cryptography
  • Cryptographic Basics
  • Modern Cryptography
  • Symmetric Cryptography
  • Cryptographic Lifecycle
  • Summary
  • Exam Essentials
  • Written Lab
Lesson 8: PKI and Cryptographic Applications
  • Asymmetric Cryptography
  • Hash Functions
  • Digital Signatures
  • Public Key Infrastructure
  • Asymmetric Key Management
  • Applied Cryptography
  • Cryptographic Attacks
  • Summary
  • Exam Essentials
  • Written Lab
Lesson 9: Principles of Security Models, Design, and Capabilities
  • Implement and Manage Engineering Processes Using Secure Design Principles
  • Understand the Fundamental Concepts of Security Models
  • Select Controls Based On Systems Security Requirements
  • Understand Security Capabilities of Information Systems
  • Summary
  • Exam Essentials
  • Written Lab
Lesson 10: Security Vulnerabilities, Threats, and Countermeasures
  • Assess and Mitigate Security Vulnerabilities
  • Client-Based Systems
  • Server-Based Systems
  • Database Systems Security
  • Distributed Systems and Endpoint Security
  • Internet of Things
  • Industrial Control Systems
  • Assess and Mitigate Vulnerabilities in Web-Based Systems
  • Assess and Mitigate Vulnerabilities in Mobile Systems
  • Assess and Mitigate Vulnerabilities in Embedded Devices and Cyber-Physical Systems
  • Essential Security Protection Mechanisms
  • Common Architecture Flaws and Security Issues
  • Summary
  • Exam Essentials
  • Written Lab
Lesson 11: Physical Security Requirements
  • Apply Security Principles to Site and Facility Design
  • Implement Site and Facility Security Controls
  • Implement and Manage Physical Security
  • Summary
  • Exam Essentials
  • Written Lab
Lesson 12: Secure Network Architecture and Securing Network Components
  • OSI Model
  • TCP/IP Model
  • Converged Protocols
  • Wireless Networks
  • Secure Network Components
  • Cabling, Wireless, Topology, Communications, and Transmission Media Technology
  • Summary
  • Exam Essentials
  • Written Lab
Lesson 13: Secure Communications and Network Attacks
  • Network and Protocol Security Mechanisms
  • Secure Voice Communications
  • Multimedia Collaboration
  • Manage Email Security
  • Remote Access Security Management
  • Virtual Private Network
  • Virtualization
  • Network Address Translation
  • Switching Technologies
  • WAN Technologies
  • Miscellaneous Security Control Characteristics
  • Security Boundaries
  • Prevent or Mitigate Network Attacks
  • Summary
  • Exam Essentials
  • Written Lab
Lesson 14: Managing Identity and Authentication
  • Controlling Access to Assets
  • Comparing Identification and Authentication
  • Implementing Identity Management
  • Managing the Identity and Access Provisioning Lifecycle
  • Summary
  • Exam Essentials
  • Written Lab
Lesson 15: Controlling and Monitoring Access
  • Comparing Access Control Models
  • Understanding Access Control Attacks
  • Summary
  • Exam Essentials
  • Written Lab
Lesson 16: Security Assessment and Testing
  • Building a Security Assessment and Testing Program
  • Performing Vulnerability Assessments
  • Testing Your Software
  • Implementing Security Management Processes
  • Summary
  • Exam Essentials
  • Written Lab
Lesson 17: Managing Security Operations
  • Applying Security Operations Concepts
  • Securely Provisioning Resources
  • Managing Configuration
  • Managing Change
  • Managing Patches and Reducing Vulnerabilities
  • Summary
  • Exam Essentials
  • Written Lab
Lesson 18: Preventing and Responding to Incidents
  • Managing Incident Response
  • Implementing Detective and Preventive Measures
  • Logging, Monitoring, and Auditing
  • Summary
  • Exam Essentials
  • Written Lab
Lesson 19: Disaster Recovery Planning
  • The Nature of Disaster
  • Understand System Resilience and Fault Tolerance
  • Recovery Strategy
  • Recovery Plan Development
  • Training, Awareness, and Documentation
  • Testing and Maintenance
  • Summary
  • Exam Essentials
  • Written Lab
Lesson 20: Investigations and Ethics
  • Investigations
  • Major Categories of Computer Crime
  • Ethics
  • Summary
  • Exam Essentials
  • Written Lab
Lesson 21: Software Development Security
  • Introducing Systems Development Controls
  • Establishing Databases and Data Warehousing
  • Storing Data and Information
  • Understanding Knowledge-Based Systems
  • Summary
  • Exam Essentials
  • Written Lab
Lesson 22: Malicious Code and Application Attacks
  • Malicious Code
  • Password Attacks
  • Application Attacks
  • Web Application Security
  • Reconnaissance Attacks
  • Masquerading Attacks
  • Summary
  • Exam Essentials
  • Written Lab

Hands on Activities (Performance Labs)

Security Governance Through Principles and Policies

  • Encrypting the Disk
  • Encrypting a File or Folder
  • Configuring Audit Group Policy 
  • Completing the Chain of Custody
  • Assigning Permissions to Folders

Personnel Security and Risk Management Concepts

  • Identifying risk actions
  • Understanding elements of risk
  • Identifying steps in quantitative risk analysis
  • Configuring Standard Access Control List
  • Configuring Extended Access Control List

Business Continuity Planning

  • Identifying phases in BCP process

Laws, Regulations, and Compliance

  • Identifying CFAA provisions

Cryptography and Symmetric Key Algorithms

  • Checking the integrity of messages through MAC values
  • Identifying asymmetric algorithms
  • Identifying cryptographic attacks

PKI and Cryptographic Applications

  • Using OpenSSL to Create a Public/Private Key Pair
  • Observing an SHA-Generated Hash Value
  • Observing an MD5-Generated Hash Value
  • Identifying sequence of sender's process in digital signature system
  • Understanding PKCS standards

Principles of Security Models, Design, and Capabilities

  • Identifying Information models

Security Vulnerabilities, Threats, and Countermeasures

  • Identifying protection mechanisms

Secure Network Architecture and Securing Network Components

  • Identifying OSI layer functions
  • Identifying OSI layers
  • Identifying steps in the encapsulation/decapsulation process
  • Identifying connectionless communication
  • Identifying abbreviations for various Internet layer protocols
  • Identifying TCP/IP protocol layers
  • Identifying TCP/IP layers
  • Identifying flag bit designator
  • Using Windows Firewall
  • Configuring Linux Firewall Using Iptable 
  • Identifying gateway firewalls
  • Identifying hardware devices
  • Connecting systems to the Internet through a router
  • Identifying firewall techniques
  • Identifying types of cable
  • Identifying components of a coaxial cable
  • Identifying network topologies
  • Identifying UTP categories
  • Identifying steps in CSMA technology
  • Identifying LAN sub technologies
  • Configuring IPSec
  • Configuring VLAN

Secure Communications and Network Attacks

  • Identifying secure communication protocols
  • Identifying authentication protocols
  • Identifying phreaker tools
  • Identifying security solutions
  • Configuring a VPN
  • Identifying VPN protocols
  • Configuring Static NAT
  • Configuring Dynamic NAT
  • Understanding NAT
  • Identifying switching technology properties
  • Identifying specialized protocols
  • Understanding transparency
  • Understanding security boundaries
  • Using Ettercap for ARP Spoofing
  • Identifying types of Denial of Service attacks

Managing Identity and Authentication

  • Identifying access control types
  • Identifying authorization mechanisms
  • Restricting Local Accounts
  • Identifying drawbacks of Kerberos authentication
  • Identifying components of the Kerberos authentication protocol
  • Identifying authentication services
  • Identifying responsibilities
  • Reviewing an Authorization Letter for Penetration Testing

Controlling and Monitoring Access

  • Identifying attacks
  • Identifying social engineering attacks

Security Assessment and Testing

  • Configuring User Access Control Setting
  • Scanning Ports Using Metasploit
  • Exploiting Windows 7 Using Metasploit
  • Enabling a Keylogger in a Target Machine
  • Conducting Vulnerability Scanning Using Nessus
  • Using nmap for Scanning

Managing Security Operations

  • Identifying terms associated with data destruction
  • Identifying steps within an effective patch management program

Preventing and Responding to Incidents

  • Identifying steps in incident response management
  • Enabling Intrusion Prevention and Detection
  • Configuring Snort
  • Identifying malicious attacks
  • Working with a host-based IDS
  • Identifying sequence in which the IDS instructs the TCP to reset connections
  • Performing DoS Attack with SYN Flood

Disaster Recovery Planning

  • Identifying RAID level characteristics
  • Identifying processing sites in disaster recovery plan
  • Identifying disaster recovery plan tests
  • Taking a Full Backup
  • Taking Incremental Backup
  • Configuring RAID 5

Investigations and Ethics

  • Identifying computer crime types

Software Development Security

  • Identifying stages in a waterfall lifecycle model
  • Understanding object-oriented programming terms
  • Identifying levels in Software Capability Maturity Model
  • Identifying testing methods
  • Identifying primary phases of SDLC
  • Identifying keys in a database
  • Identifying storage types

Malicious Code and Application Attacks

  • Causing a DarkComet Trojan Infection
  • Identifying types of viruses
  • Using the John the Ripper Tool
  • Using Social Engineering Techniques to Plan an Attack
  • Attacking a Website Using XSS Injection
  • Conducting a Cross-Site Request Forgery Attack
  • Exploiting a Website Using SQL Injection
  • Understanding application attacks
  • Defending against IP Spoofing
  • Using Burp Suite
Exam FAQs
What are the prerequisites for this exam? To qualify for this cybersecurity certification, you must pass the exam and have at least five years of cumulative, paid work experience in two or more of the eight domains of the (ISC)² CISSP Common Body of Knowledge (CBK).
What is the exam registration fee? USD 699
Where do I take the exam? Pearson VUE
What is the format of the exam? Multiple choice questions and advanced innovative questions
How many questions are asked in the exam? The exam contains 100-150 questions.
What is the duration of the exam? 240 minutes
What is the passing score? 700
What is the exam's retake policy?
  • A candidate may sit for the CISSP exam up to three times within a 12-month period.
  • If a candidate does not pass the exam the first time, he/she may retest after 30 test-free days.
  • If a candidate does not pass the exam the second time, he/she may retest after an additional 90 test-free days.
  • If a candidate does not pass the exam the third time, he/she may retest after 180 test-free days from their most recent exam attempt.
What is the validity of the certification? Three years
What are the career opportunities after passing this exam?
  • Security Auditor
  • Director of Security
  • Security Consultant
  • IT Director/Manager
  • Security Systems Engineer
  • Chief Information Security Officer
Customer Testimonials
Aldwin Baranda
uCertify is a one-stop destination to get all desired IT certification courses. I had a lovely experience doing their CISSP course and labs here & also completing it successfully.
Tan Lieu
The uCertify platform interface itself is clean and neat but tends to be cluttered with text on some screens. The Learn & Practice tab gives you a mostly text-based main menu with various Test options. The Study Helper had various options, mainly exam topics, that weren't selectable in the demo version. Overall I found the course to be the best among all.
Hasanuzzaman Kazi
uCertify has presented the course in such a manner that it has covered each and every single objective of the course, and the labs are really going to make your study fun learning if you go for uCertify. Apart from all the above, the best thing that I came across is their readiness score of the course, which will help you to know how well you are prepared, the percentage of completion of the course, etc. I would really suggest you all go for uCertify courses if you are planning to be CISSP certified in the future.
