CISSP – Certified Information Systems Security Professional (ISC)²

BY
Infosec Train

Become a certified information security professional by enrolling in Infosec Train’s Certified Information Systems Security Professional programme.

Mode: Online

Important Dates (Course Commencement Date)

  • 19 Oct, 2024 - 01 Dec, 2024
  • 28 Oct, 2024 - 29 Nov, 2024
  • 23 Nov, 2024 - 29 Nov, 2024
  • 02 Dec, 2024 - 07 Dec, 2024
  • 14 Dec, 2024 - 19 Dec, 2024

Quick Facts

  • Medium of instructions: English
  • Mode of learning: Self study, Virtual Classroom
  • Mode of Delivery: Video and Text Based

Course overview

CISSP is one of the most esteemed certifications in the information security domain. Infosec Train’s CISSP (ISC)² certification programme aims to equip you with in-demand administrative and technical competence to architect, manage, and design an organisation’s security structure through internationally approved information security standards.

The Certified Information Systems Security Professional training offers in-depth knowledge of the eight domains included in the CISSP Common Body of Knowledge (CBK) and helps you prepare for the CISSP exam administered by (ISC)². Obtaining this certification will enhance your career opportunities by leaps and bounds, as it’s a highly reputed standard of achievement and an objective measure of excellence worldwide.

With the Certified Information Systems Security Professional online programme, you’ll receive 48 hours of training by accredited instructors, along with online test simulations. You’ll also get access to recorded sessions for convenient learning. Prashant M, Ajit, and Prabh Nair will be your course educators.


The highlights

  • 48 hours of instructor-led training
  • Accredited and experienced instructors
  • Online test simulations
  • 3 learning options
  • Full 8-domain exam practice
  • Extensive curriculum
  • Access to recorded sessions
  • Globally-recognised certification
  • One-to-one training
  • Online curriculum
  • Completion certificate

Program offerings

  • Full 8-domain exam practice
  • Online test simulations
  • Comprehensive training
  • Extensive curriculum
  • Online training
  • One-to-one training
  • Access to recorded sessions
  • 48 hours of instructor-led training

Course and certificate fees

  • Certificate availability: Yes
  • Certificate providing authority: Infosec Train

Who it is for

The Certified Information Systems Security Professional training is best-suited for:

  • Security Architect
  • IT Director/Manager
  • Security Manager
  • Security Auditor
  • Network Architect
  • Security Systems Engineer
  • Security Consultant
  • Chief Information Officer
  • Security Analyst
  • Director of Security
  • Chief Information Security Officer

Eligibility criteria

To enrol in the Certified Information Systems Security Professional training programme, you must have a minimum of 5 years of work experience in at least 2 of the 8 domains listed under the (ISC)² CISSP Common Body of Knowledge (CBK). One year of the required work experience can be waived if you have a 4-year college degree or an additional credential from the list approved by (ISC)².

Certification qualifying details

To receive the certification, you must score at least 700 marks out of 1000 in the CISSP certification exam.

What you will learn

Skills covered: Communication skills, Risk management

Upon completing the Certified Information Systems Security Professional course syllabus, you will be able to:

  • Implement and understand fundamental concepts related to IT security
  • Identify potential risks and assess specific vulnerabilities, threats, and controls
  • Apply logical and physical access controls
  • Interpret and protect SLC (system lifecycle) and SDLC (software development lifecycle)
  • Deploy appropriate security countermeasures to optimise an organisation’s operational capacity
  • Understand network security and communication
  • Align organisational goals with security implementations and functions
  • Understand the principles, concepts, standards, and structure needed to design, implement, secure, and monitor operating systems, applications, networks, and other controls required to maintain the CIA triad
  • Design, test, and audit strategies that facilitate a secure business environment
  • Understand the concept of network security and communication
  • Determine cryptography’s importance in providing modern-day security services
  • Understand various physical security elements and apply proper physical security protection measures
  • Protect valuable assets of an organisation
  • Interpret various access controls models essential for business security

The syllabus

Domain 1: Security and Risk Management

1.1 Understand and apply concepts of confidentiality, integrity and availability
1.2 Evaluate and apply security governance principles
  • Alignment of security function to business strategy, goals, mission, and objectives
  • Organizational processes (e.g., acquisitions, divestitures, governance committees)
  • Organizational roles and responsibilities
  • Security control frameworks
  • Due care/due diligence
1.3 Determine compliance requirements
  • Privacy requirements
  • Contractual, legal, industry standards, and regulatory requirements
1.4 Understand legal and regulatory issues that pertain to information security in a global context
  • Licensing and intellectual property requirements
  • Cybercrimes and data breaches
  • Import/export controls
  • Privacy
  • Trans-border data flow
1.5 Understand, adhere to and promote professional ethics
  • (ISC)² Code of Professional Ethics
  • Organizational code of ethics
1.6 Develop, document, and implement security policy, standards, procedures, and guidelines
1.7 Identify, analyse and prioritise Business Continuity (BC) requirements
  • Develop and document scope and plan
  • Business Impact Analysis (BIA)
1.8 Contribute to and enforce personnel security policies and procedures
  • Employment agreements and policies
  • Candidate screening and hiring
  • Vendor, consultant, and contractor agreements and controls
  • Onboarding and termination processes
  • Compliance policy requirements
  • Privacy policy requirements
1.9 Understand and apply risk management concepts
  • Risk assessment/analysis
  • Identify threats and vulnerabilities
  • Countermeasure selection and implementation
  • Risk response
  • Applicable types of controls (e.g., preventive, detective, corrective)
  • Monitoring and measurement
  • Security Control Assessment (SCA)
  • Reporting
  • Asset valuation
  • Risk frameworks
  • Continuous improvement
1.10 Understand and apply threat modelling concepts and methodologies
  • Threat modelling concepts
  • Threat modelling methodologies
1.11 Apply risk-based management concepts to the supply chain
  • Risks associated with hardware, software, and services
  • Third-party assessment and monitoring
  • Minimum security requirements
  • Service-level requirements
1.12 Establish and maintain a security awareness, education, and training program
  • Program effectiveness evaluation
  • Periodic content reviews
  • Methods and techniques to present awareness and training

Domain 2: Asset Security

2.1 Identify and classify information and assets
  • Asset Classification
  • Data classification
2.2 Determine and maintain information and asset ownership
2.3 Protect privacy
  • Data processors
  • Data owners
  • Collection limitation
  • Data remanence
2.4 Ensure appropriate asset retention
2.5 Determine data security controls
  • Scoping and tailoring
  • Understand data states
  • Data protection methods
  • Standards selection
2.6 Establish information and asset handling requirements

Domain 3: Security Architecture and Engineering

3.1 Implement and manage engineering processes using secure design principles
3.2 Understand the fundamental concepts of security models
3.3 Select controls based upon systems security requirements
3.4 Understand security capabilities of information systems (e.g., memory protection, Trusted Platform Module (TPM), encryption/decryption)
3.5 Assess and mitigate the vulnerabilities of security architectures, designs, and solution elements
  • Server-based systems
  • Client-based systems
  • Cryptographic systems
  • Database systems
  • Cloud-based systems
  • Industrial Control Systems (ICS)
  • Internet of Things (IoT)
  • Distributed systems
3.6 Assess and mitigate vulnerabilities in web-based systems
3.7 Assess and mitigate vulnerabilities in mobile systems
3.8 Assess and mitigate vulnerabilities in embedded devices
3.9 Apply cryptography
  • Cryptographic methods (e.g., symmetric, asymmetric, elliptic curves)
  • Cryptographic life cycle (e.g., key management, algorithm selection)
  • Key management practices
  • Public Key Infrastructure (PKI)
  • Non-repudiation
  • Digital signatures
  • Understand methods of cryptanalytic attacks
  • Integrity (e.g., hashing)
  • Digital Rights Management (DRM)
3.10 Apply security principles to site and facility design
3.11 Implement site and facility security controls
  • Server rooms/data centers
  • Wiring closets/intermediate distribution facilities
  • Evidence storage
  • Media storage facilities
  • Utilities and Heating, Ventilation, and Air Conditioning (HVAC)
  • Restricted and work area security
  • Fire prevention, detection, and suppression
  • Environmental issues

Domain 4: Communications and Network Security

4.1 Implement secure design principles in network architectures
  • Implications of multilayer protocols
  • Internet Protocol (IP) networking
  • Open System Interconnection (OSI) and Transmission Control Protocol/Internet Protocol (TCP/IP) models
  • Wireless networks
  • Software-defined networks
  • Converged protocols
4.2 Secure network components
  • Network Access Control (NAC) devices
  • Transmission media
  • Operation of hardware
  • Content-distribution networks
  • Endpoint security
4.3 Implement secure communication channels according to design
  • Multimedia collaboration
  • Voice
  • Remote access
  • Virtualised networks
  • Data communications

Domain 5: Identity and Access Management (IAM)

5.1 Control physical and logical access to assets
  • Systems
  • Information
  • Facilities
  • Devices
5.2 Manage identification and authentication of people, devices, and services
  • Single/multi-factor authentication
  • Identity management implementation
  • Session management
  • Accountability
  • Credential management systems
  • Federated Identity Management (FIM)
  • Registration and proofing of identity
5.3 Integrate identity as a third-party service
  • Cloud
  • Federated
  • On-premise
5.4 Implement and manage authorisation mechanisms
  • Mandatory Access Control (MAC)
  • Rule-based access control
  • Role-Based Access Control (RBAC)
  • Attribute-Based Access Control (ABAC)
  • Discretionary Access Control (DAC)
5.5 Manage the identity and access provisioning lifecycle
  • System account access review
  • Provisioning and de-provisioning
  • User access review

Domain 6: Security Assessment and Testing

6.1 Design and validate assessment, test, and audit strategies
  • External
  • Third-party
  • Internal
6.2 Conduct security control testing
  • Penetration testing
  • Vulnerability assessment
  • Synthetic transactions
  • Log reviews
  • Interface testing
  • Misuse case testing
  • Test coverage analysis
  • Code review and testing
6.3 Collect security process data (e.g., technical and administrative)
  • Management review and approval
  • Account management
  • Backup verification data
  • Key performance and risk indicators
  • Disaster Recovery (DR) and Business Continuity (BC)
  • Training and awareness
6.4 Analyse test output and generate report
6.5 Conduct or facilitate security audits
  • External
  • Third-party
  • Internal

Domain 7: Security Operations

7.1 Understand and support investigations
  • Reporting and documentation
  • Evidence collection and handling
  • Digital forensics tools, tactics, and procedures
  • Investigative techniques
7.2 Understand requirements for investigation types
  • Criminal
  • Civil
  • Administrative
  • Industry standards
  • Regulatory
7.3 Conduct logging and monitoring activities
  • Security Information and Event Management (SIEM)
  • Intrusion detection and prevention
  • Egress monitoring
  • Continuous monitoring
7.4 Securely provisioning resources
  • Configuration management
  • Asset management
  • Asset inventory
7.5 Understand and apply foundational security operations concepts
  • Separation of duties and responsibilities
  • Privileged account management
  • Need-to-know/least privileges
  • Service Level Agreements (SLA)
  • Information lifecycle
  • Job rotation
7.6 Apply resource protection techniques
  • Hardware and software asset management
  • Media management
7.7 Conduct incident management
  • Detection
  • Response
  • Mitigation
  • Reporting
  • Recovery
  • Remediation
  • Lessons learned
7.8 Operate and maintain detective and preventive measures
  • Intrusion detection and prevention systems
  • Firewalls
  • Third-party provided security services
  • Whitelisting/blacklisting
  • Honeypots/honeynets
  • Anti-malware
  • Sandboxing
7.9 Implement and support patch and vulnerability management
7.10 Understand and participate in change management processes
7.11 Implement recovery strategies
  • Multiple processing sites
  • Recovery site strategies
  • Backup storage strategies
  • System resilience, high availability, Quality of Service (QoS), and fault tolerance
7.12 Implement Disaster Recovery (DR) processes
  • Personnel 
  • Communications
  • Response 
  • Restoration
  • Training and awareness
  • Assessment
7.13 Test Disaster Recovery Plans (DRP)
  • Walkthrough
  • Read-through/tabletop
  • Simulation
7.14 Participate in Business Continuity (BC) planning and exercises
7.15 Implement and manage physical security
  • Internal security controls
  • Perimeter security controls
7.16 Address personnel safety and security concerns
  • Security training and awareness
  • Travel
  • Duress
  • Emergency management

Domain 8: Software Development Security

8.1 Understand and integrate security in the Software Development Life Cycle (SDLC)
  • Maturity models
  • Development methodologies
  • Change management
  • Integrated product team
  • Operation and maintenance
8.2 Identify and apply security controls in development environments
  • Security of code repositories
  • Configuration management as an aspect of secure coding
  • Security of the software environments
8.3 Assess the effectiveness of software security
  • Risk analysis and mitigation
  • Auditing and logging of changes
8.4 Assess security impact of acquired software
8.5 Define and apply secure coding guidelines and standards
  • Secure coding practices
  • Security of application programming interfaces
  • Security weaknesses and vulnerabilities at the source-code level

Admission details

  • The Certified Information Systems Security Professional course website is at https://www.infosectrain.com/courses/cissp-certification-training/
  • Go through the course details carefully upon landing on the page. Once you’re satisfied with the curriculum outcomes, scroll down to the “Choose Your Preferred Learning Mode” section, choose one that suits you, and select “Enroll Now.”
  • An admission form will pop up on your screen. Fill in the required details and hit ‘Submit Now.’
  • You will receive an email or phone call from the programme counsellors shortly.

Filling the form

While enrolling for the Certified Information Systems Security Professional online course, you will have to fill in a short form. Here, you must provide details such as your name, phone number, email address, and country. If you’re applying for corporate training, you’ll also have to state your company’s name and its employee strength.

Evaluation process

The CISSP (ISC)² certification test is a 3-hour exam consisting of 150 MCQ-type questions. It is delivered using the computerised adaptive testing (CAT) method and is available in many languages.

How it helps

By undertaking the Certified Information Systems Security Professional online programme, you get access to expert-curated training material and online test simulations mapped to every domain of the CISSP syllabus. Certified instructors deliver the course, ensuring that you receive only the most relevant content.

Recorded sessions and one free session redo are also available to help you get back on track if you miss a lecture. With all these benefits, you’re sure to ace the CISSP certification exam.

Instructors

Mr Prabh Nair
Instructor
Freelancer

Mr Chandresh
Instructor
Freelancer

Mr Jeevan 1
Instructor
Freelancer

FAQs

Who conducts the CISSP certification exam?

The International Information Systems Security Certification Consortium, (ISC)², conducts the CISSP certification exam.

How many hours of learning content do I get access to after enrolling?

The course provides 48 hours of instructor-led coaching.

What if I miss a live session?

If, for some reason, you miss a session, don’t worry. You will be able to access the recordings of all live sessions.

Do I mandatorily need 5 years of work experience to appear for the CISSP exam?

Yes, 5 years of work experience is a necessary eligibility criterion that one must fulfil to sit for the CISSP exam. However, you can get a waiver of one year if you have a 4-year college degree or additional credentials from the (ISC)² approved lists.

How long is the CISSP certification exam?

The exam is 3 hours long.
