Diploma in Certified Information Systems Security Professional (CISSP 2019)

Security and Risk Management

Description: In this module, Security and Risk Management, students will learn about Confidentiality, Integrity, and Availability. It will also go into detail on Security Governance, and Compliance Requirements. Students will learn Professional Ethics, as well as Security Policy, Standards, Procedures.The module will also cover Threat Modeling.

• Topic A: Confidentiality, Integrity, and Availability
• Topic B: Security Governance
• Topic C: Compliance Requirements
• Topic D: Legal and Regulatory - Global
• Topic E: Professional Ethics
• Topic F: Security Policy, Standards, Procedures
• Topic G: Business Continuity
• Topic H: Personal Security Policies
• Topic I: Apply Risk Management
• Topic J: Threat Modeling
• Topic K: Risk Management - Supply Chain
• Topic L: Security Awareness and Training
• Assessment: Security and Risk Management - Assessment

Asset Management

Description: In this module, Asset Management, students will learn about protecting assets. The module will cover asset ownership and asset retention. Students will also learn about protecting privacy. It will also go over data security controls. It also covers safe information handling as well as asset handling.

• Topic A: Identify and Classify
• Topic B: Asset Ownership
• Topic C: Protect Privacy
• Topic D: Asset Retention
• Topic E: Data Security Controls
• Topic F: Information / Asset Handling
• Assessment: Asset Management - Assessment

Security Architecture and Engineering

Description: In this module, Security Architecture and Engineering, students will learn about Engineering Processes and Secure Design. They will also learn about Concepts of Security Models. The module will cover Security Capabilities of Information Systems. Students will also learn about Assessing and Mitigating Vulnerabilities.

• Topic A: Engineering Processes and Secure Design
• Topic B: Concepts of Security Models
• Topic C: Controls Based on Security Requirements
• Topic D: Security Capabilities of Information Systems
• Topic E: Assess / Mitigate Vulnerabilities
• Topic F: Assess / Mitigate Vulnerabilities (Web)
• Topic G: Assess / Mitigate Vulnerabilities (Mobile)
• Topic H: Assess / Mitigate Vulnerabilities (Embedded)
• Topic I: Apply Cryptography
• Topic J: Site / Facility Security Principles
• Topic K: Site / Facility Security Controls
• Assessment: Security Architecture and Engineering - Assessment

Communication and Network Security

Description: In this module, Communication and Network Security, students will learn about Secure Design and Network Architecture. Students will also learn all about Secure Network Components. The module will go over Encapsulation as well as Decapsulation. The module will also cover Secure Communication Design.

• Topic A: Secure Design and Network Architecture
• Topic B: Secure Network Components
• Topic C: Secure Communication Design
• Assessment: Communication and Network Security - Assessment

Identity and Access Management

Description: In this module, Identity and Access Management, students will learn about managing access to important services. The module will cover Physical and Logical Access. Students will also learn about Managing Identification and Authentication. They will also learn about Managing Identity and the Access Lifecycle.

• Topic A: Physical and Logical Access
• Topic B: Manage Identification / Authentication
• Topic C: Integrate Identity as a Third-Party Service
• Topic D: Implement and Manage Authorization
• Topic E: Manage Identity / Access Lifecycle
• Assessment: Identity and Access Management - Assessment

Security Assessment and Testing

Description: In this module, Security Assessment and Testing students will learn about assessing and testing security. It will go into depth on Security Control Testing and preforming internal and external security audits. Students will also learn about audit standards when preforming these audits. The module will also cover how to Analyze Test Outputs and Generate Reports.

• Topic A: Assessment, Test, and Audit Strategies
• Topic B: Security Control Testing
• Topic C: Security Process Data
• Topic D: Analyze Test Output / Generate Reports
• Topic E: Conduct / Facilitate Security Audit
• Assessment: Security Assessment and Testing - Assessment

Security Operations

Description: In this module, Security Operations, students will learn about investigating security activity, preventing breaches and responding to breaches. Students will learn about Logging and Monitoring Activities. The module will cover Protection Techniques and Preventative Measures. It will also go over Implementing Disaster Recovery.

• Topic A: Investigations
• Topic B: Investigation Team
• Topic C: Logging and Monitoring Activities
• Topic D: Provisioning Resources
• Topic E: Security Operations Concepts
• Topic F: Protection Techniques
• Topic G: Incident Management
• Topic H: Detective / Preventative Measures
• Topic I: Patch and Vulnerability Management
• Topic J: Change Management Processes
• Topic K: Implement Recovery Strategies
• Topic L: Implement Disaster Recovery
• Topic M: Test Disaster Recovery
• Topic N: Implement / Manage Physical Security
• Topic O: Personnel Safety / Security
• Assessment: Security Operations - Assessment

Software Development Security

Description: In this module, Software Development Security, students will learn about the Software Development Life Cycle. The module will also cover Security Controls in Development. Students will also learn about the Security Impact of Acquired Software. The module also goes over Secure Coding Guidelines and Standards.

• Topic A: Software Development Life Cycle
• Topic B: Security Controls in Development
• Topic C: Assess Software Security Effectiveness
• Topic D: Security Impact of Acquired Software
• Topic E: Secure Coding Guidelines and Standards
• Assessment: Software Development Security - Assessment

Course assessment

• Assessment: Certified Information Systems Security Professional (CISSP 2019) - Final Assessment