Certified Information Systems Security Professional CISSP Training - OEM Certkit

The Certified Information Systems Security Professional (CISSP) is the most globally recognised certification in information security. CISSP validates the in-depth technical and managerial knowledge and experience of an information security professional to effectively design, develop and manage an organisation's overall security

Prerequisites:
Candidates must have a minimum of five years cumulative, full-time experience in two or more of the eight domains of the current CISSP Exam Outline. Earning a post-secondary degree (bachelors or masters) in computer science, information technology (IT) or related fields may satisfy up to one year of the required experience or an additional credential from the ISC2 approved list may satisfy up to one year of the required experience. Part-time work and internships may also count towards the experience requirement.

Course areas:

• Security and Risk Management:
• Asset Security:
• Security Architecture and Engineering:
• Communication and Network Security:
• Identity and Access Management (IAM):
• Security Assessment and Testing:
• Security Operations:
• Software Development Security

Who should attend:
The CISSP is ideal for experienced security practitioners, managers and executives interested in proving their knowledge across a wide array of security practices and principles.

CertKit content:

CertKit content:

E-learning courses:

CISSP 2024: Professional Ethics & Security Concepts

Course: 18 Minutes

• Course Overview
• ISC2 Code of Professional Ethics
• Organizational Code of Ethics
• Confidentiality
• Integrity
• Availability
• Authenticity
• Non-repudiation
• Course Summary

CISSP 2024: Security Governance & Compliance Issues

Course: 42 Minutes

• Course Overview
• Aligning Security with Strategy, Goals, Mission, and Objectives
• Organizational Processes
• Organizational Roles and Responsibilities
• Security Control Frameworks
• Due Diligence and Due Care
• Cybercrimes and Data Breaches
• Licensing and Intellectual Property Requirements
• Import and Export Controls and Transborder Data Flow
• Issues Related to Privacy
• Contractual, Legal, and Industry Standards and Regulatory Requirements
• Course Summary

CISSP 2024: Investigations & Policies

Course: 32 Minutes

• Course Overview
• Requirements for Investigation Types
• Develop, Document, and Implement Security Policy Elements
• Candidate Screening and Hiring
• Employment Agreements and Policy-driven Requirements
• Onboarding, Transfers, and Termination Processes
• Course Summary

CISSP 2024: Risk Management Concepts

Course: 45 Minutes

• Course Overview
• Threat and Vulnerability Identification
• Risk Analysis, Assessment, and Scope
• Risk Response and Treatment
• Control Categories and Types
• Control Assessments
• Continuous Monitoring and Measurement
• Risk Management Reporting
• Continuous Improvement
• Comparing Risk Frameworks
• Course Summary

CISSP 2024: Threat Modeling, SCRM, & Security Awareness

Course: 30 Minutes

• Course Overview
• Threat Modeling Concepts and Methodologies
• Supply Chain Risks
• Mitigating Supply Chain Risks
• Increasing Awareness and Training
• Periodic Content Reviews
• Evaluating Program Effectiveness
• Course Summary

CISSP 2024: Asset Classification, Handling, & Provisioning

Course: 23 Minutes

• Course Overview
• Asset Classification
• Data Classification
• Information and Asset Handling Requirements
• Secure Provisioning of Information and Assets
• Information and Asset Ownership
• Asset Inventory
• Asset Management
• Course Summary

CISSP 2024: Data Lifecycle, Controls, & Compliance

Course: 34 Minutes

• Course Overview
• Data Roles
• Data States
• Data Collection
• Data Location
• Data Maintenance
• Data Retention and Remanence
• Data Destruction
• Data Scoping and Tailoring
• Selecting Data Standards
• Data Protection Methods
• Course Summary

CISSP 2024: Secure Design Principles & Models

Course: 41 Minutes

• Course Overview
• Least Privilege and Defense in Depth
• Secure Defaults and Fail Securely
• Segregation of Duties (SOD)
• Keep it Simple and Small
• Privacy by Default and Design
• Shared Responsibility
• Threat Modeling
• Zero Trust vs. Trust but Verify
• Exploring Secure Access Service Edge (SASE)
• Fundamental Concepts of Security Models
• Course Summary

CISSP 2024: Vulnerabilities of Architectures, Designs, & Solution Elements

Course: 56 Minutes

• Course Overview
• Client-based vs. Server-based Systems
• Database Systems
• Cryptographic Systems
• Industrial Control Systems (ICS) and Embedded Systems
• Virtualized and Cloud-based Systems
• Distributed Systems
• Assessing Internet of Things (IoT) Vulnerabilities
• Containerization and Microservices
• Serverless Technologies
• High-performance Computing
• Edge Computing
• Trusted Execution Environments
• Course Summary

CISSP 2024: Cryptographic Solutions & Cryptanalytic Attacks

Course: 48 Minutes

• Course Overview
• Cryptographic Methods
• Cryptographic Life Cycle
• Key Management Practices
• Digital Signatures and Certificates
• Public Key Infrastructure
• Exploring Brute Force Attacks
• Implementation and Side-channel Attacks
• On-path Attacks
• Kerberos Exploitation
• Ransomware Attacks
• Course Summary

CISSP 2024: Site & Facility Security

Course: 46 Minutes

• Course Overview
• Site and Facility Security Design Principles
• Perimeter Security Controls
• Internal Security Controls
• Secure Wiring Closets and Intermediate Distribution Frames
• Server Room and Data Center Security
• Media Storage Facilities and Evidence Storage Security
• Secure Restricted and Work Areas
• Utilities and HVAC Security
• Environmental Issues and Security
• Power Issues and Security
• Personnel Safety and Security
• Course Summary

CISSP 2024: Secure Design Principles in Network Architectures (Part 1)

Course: 47 Minutes

• Course Overview
• OSI and TCP/IP Protocols
• IPv4 and IPv
• Secure Protocols
• Multilayer Protocol Implications
• Converged Protocols
• Transport Architectures
• Performance Metrics
• Traffic Flows
• Course Summary

CISSP 2024: Secure Design Principles in Network Architectures (Part 2)

Course: 48 Minutes

• Course Overview
• Physical Segmentation
• Logical Segmentation
• Microsegmentation
• Edge Networks
• Wireless Networks
• Cellular and Mobile Networks
• Content Distribution Networks (CDNs)
• Software-defined Networks (SDNs)
• Exploring a Virtual Private Cloud (VPC)
• Monitoring and Management
• Course Summary

CISSP 2024: Securing Network Components & Communication Channels

Course: 35 Minutes

• Course Overview
• Operation of Infrastructure
• Transmission Media
• Network Access Control (NAC) Systems
• Endpoint Security
• Voice, Video, and Collaboration
• Remote Access
• Data Communications
• Third-party Connectivity
• Course Summary

CISSP 2024: Controlling Asset Access, Device Identification, and Authentication

Course: 46 Minutes

• Course Overview
• Controlling Physical and Logical Access to Assets
• Working with Groups and Roles
• Authentication, Authorization, and Accounting (AAA)
• Session Management
• Registration, Proofing, and Identity
• Federated Identity Management (FIM)
• Credential Management Systems
• Single Sign-on (SSO)
• Just-In-Time (JIT)
• Authentication System Implementation
• Federated Identity with Third-party Services
• Course Summary

CISSP 2024: Authorization Mechanisms & Identity Management

Course: 36 Minutes

• Course Overview
• Rule-based Access Control
• Role-based Access Control (RBAC)
• Working with Discretionary Access Controls (DAC)
• Mandatory Access Control (MAC)
• Attribute-based vs. Risk-based Access Control
• Access Policy Enforcement
• Account Access Review
• Provisioning and Deprovisioning
• Role Definitions and Transitions
• Privilege Escalation
• Service Accounts Management
• Course Summary

CISSP 2024: Security Audit & Controls Testing

Course: 34 Minutes

• Course Overview
• Internal, External, and Third-party Audits
• Locations for Auditing and Controls Testing
• Vulnerability Assessment
• Penetration Testing
• Log Reviews
• Code Review and Testing Techniques
• Synthetic Transactions, Benchmark, and Misuse Case Testing
• Coverage Analysis
• Interface Testing
• Compliance Checks
• Course Summary

CISSP 2024: Collecting & Analyzing Security Process Data

Course: 23 Minutes

• Course Overview
• Account Management Process Data Collection
• Management Review and Approval Data Collection
• Key Performance and Risk Indicators
• Data Backup Verification
• Training and Awareness Process Data
• Disaster Recovery (DR) and Business Continuity (BC) Process Data
• Analyze Test Output and Generate Reports
• Security Audit Reporting
• Course Summary

CISSP 2024: Logging, Monitoring, & Investigations

Course: 33 Minutes

• Course Overview
• Log Management
• Intrusion Detection and Prevention Systems (IDPS)
• Security Information and Event Management (SIEM)
• Security Orchestration, Automation, and Response (SOAR)
• Continuous Monitoring and Tuning
• Threat Intelligence
• User and Entity Behavior Analytics
• Cyber Forensics Collection and Handling
• Forensic Analysis
• Forensic Reporting and Documentation
• Course Summary

CISSP 2024: Foundational Security Operations & Resource Protection

Course: 36 Minutes

• Course Overview
• Configuration Management Operations
• The Change Management Practice
• Need to Know vs. Least Privilege
• Segregation of Duties (SoD) and Responsibilities
• Privileged Account Management (PAM)
• Job Rotation
• Service-level Agreements (SLA)
• Resource Protection
• Incident Management Preparation, Detection, and Response
• Incident Management Mitigation and Reporting
• Incident Management Recovery and Remediation
• Incident Management Lessons Learned
• Course Summary

CISSP 2024: Operating Detection & Preventative Measures

Course: 36 Minutes

• Course Overview
• Firewalls
• Intrusion Detection Systems (IDS) and Intrusion Prevention Systems (IPS)
• Whitelisting and Blacklisting
• Using Third-party Security Services
• Sandboxing
• Honeypots and Honeynets
• Antimalware
• Machine Learning (ML) and AI-based Tools
• Patch and Vulnerability Management
• Course Summary

CISSP 2024: Business Continuity Planning & Exercises

Course: 36 Minutes

• Course Overview
• Business Continuity Requirements
• Business Impact Analysis (BIA)
• Backup Storage Strategies
• Recovery Site Strategies
• Multiple Paths and Design Resilience
• Resilience, Redundancy, and High Availability
• Quality of Service (QoS) and Fault Tolerance
• Course Summary

CISSP 2024: Implement Disaster Recovery

Course: 22 Minutes

• Course Overview
• Disaster Recovery Response
• Personnel in the Disaster Recovery Plan
• Communications Methods
• Disaster Recovery Plan Assessments
• Restoration from Disasters
• Disaster Recovery Plan Tests
• Lessons Learned
• Communicating Test Results
• Disaster Recovery Plan Training and Awareness
• Course Summary

CISSP 2024: Securing the SDLC & Software Development Ecosystems

Course: 43 Minutes

• Course Overview
• Development Methodologies
• Maturity Models
• DevOps Operations, Maintenance, and Change Management
• Integrated Product Teams (IPTs)
• Secure Languages, Libraries, and Runtime Environments
• Working with Integrated Development Environments (IDEs) and Toolsets
• Continuous Integration and Continuous Delivery (CI/CD)
• Software Configuration Management (SCM)
• Code Repository Security
• Application Security Testing
• Course Summary

MeasureUp Exam simulation

• 388 questions

Online Mentor

The online mentor can answer all your specific technical questions via chat or email related to your studies.
Online Mentor is active for 90 days or 365 days - after activation!

Tips, Tricks & Links

Take advantage of our comprehensive collection of tips, tricks and links designed specifically to support your preparation for certification exams. These resources offer valuable insights and proven strategies to make your studies more effective. Enhance your learning experience and approach your exams with confidence!

Practice Labs - Virtual Labs (option)

The CISSP Practice Lab will provide you with the necessary platform to gain hands-on skills in security. By completing the lab tasks you will improve your practical skills in Security and Risk Management, Asset Security, Security Engineering, Communications and Network Security, Identity and Access Management, Security Assessment and Testing, Security Operations and Software Development Security. These same tasks will help you understand the objectives and competencies required by the ISC2 CISSP certification exam.