CISSP, IS security, preparation for certification

  • Know the Common Body of Knowledge of IT security
  • Develop a global vision of IT security issues
  • Deepen knowledge of the eight CISSP domains
  • Prepare for the CISSP certification exam

security manager or any other person playing a role in IS security policy.

Basic knowledge of networks and operating systems as well as information security. Basic knowledge of auditing and business continuity standards.

4 Days.

Practical exercises and demonstrations will allow you to put into practice the theoretical concepts presented.

For distance training, the exercises are carried out using a videoconferencing tool such as Teams or Zoom, depending on the case, which allows the trainer to adapt the teaching methods.
Find all the details on distance sessions or virtual classes on our website.

  • IS security and the (ISC)²'s CBK
  • The security of information systems.
  • The reason for CISSP certification.
  • Presentation of the scope covered by the CBK.
  • Security management and operational security
  • Security management practices. The drafting of security policies, directives, procedures and standards.
  • The security awareness program, management practices, risk management, etc.
  • Operations security: preventive, detective and corrective measures, roles and responsibilities of actors.
  • Best practices, security when hiring staff, etc.
  • Architecture, security models and access control
  • Architecture and security models: system architecture, theoretical models of information security.
  • Systems evaluation methods, operational security modes, etc.
  • Access control systems and methodologies. The categories and types of access controls.
  • Access to data and systems, intrusion prevention (IPS) and intrusion detection (IDS) systems.
  • Audit logs, threats and attacks related to access control, etc.

  • Cryptography and development security
  • The concepts, symmetric and asymmetric cryptography.
  • Hash functions, public key infrastructure, etc.
  • Security of application and system development. Databases, data warehouses.
  • The development cycle, object-oriented programming, expert systems, artificial intelligence, etc.
  • Telecom and network security
  • Network and telecom security. Basic concepts, TCP/IP model, network and security equipment.
  • Security protocols, attacks on networks, data backups, wireless technologies, VPN, etc.
  • Business continuity, law, ethics and physical security
  • Business continuity and disaster recovery plan.
  • The business continuity plan, the disaster recovery plan.
  • Emergency measures, training and awareness program, crisis communication, exercises and tests, etc.
  • Law, investigations and ethics: civil, criminal and administrative law, intellectual property.
  • The legal framework for investigation, rules for admissibility of evidence, etc.
  • Physical security. Threats and vulnerabilities related to the environment of a place, security perimeter.
  • Layout requirements, site surveillance, personnel protection, etc.