COM2115 - CISSP Domains 1 - 3

Course Description

“CISSP is the most globally recognized certification in the information security market”, per (ISC)2. Most industry professionals and hiring managers agree. PCATT is pleased to offer a thorough approach to preparing for the CISSP certification exam. This training is appropriate for people working in all areas of security as well as IT managers and network architects. More information about the CISSP is available at: https://www.isc2.org/cissp

This first course introduces you to the areas covered by the CISSP exam and the expectations of the knowledge you must have to prepare for certification. You will understand the scope of the CISSP and how the knowledge areas interrelate and build on each other.

This session starts the domain of Security and Risk Management covering confidentiality, integrity, and availability concepts, security governance principles, compliance, legal and regulatory issues, professional ethic, security policies, standards, procedures and guidelines.

The course continues with Asset Security from CBK Domain 2 and Security Engineering from CBK Domain 3. Topics include but are not limited to information and asset classification, ownership, protect privacy, appropriate retention, data security controls, and handling requirements. We continue with engineering processes using secure design principles, security models fundamental concepts, security evaluation models, security capabilities of information systems, security architectures, designs, and solution elements vulnerabilities.

CBK Domain 3, Security Engineering, includes web-based systems vulnerabilities, mobile systems vulnerabilities, embedded devices and cyber-physical systems vulnerabilities. Site and facility design secure principles, physical security, and cryptography are also discussed.