| IS-101 CISSP Security Boot Camp |
|
Click on a date to register
|
 |
Live@DL |
IS-101 -
6 days -
Instructor-led (classroom)
Vigilar's Intense School CISSP Boot Camp
Price: 2,795
Table of Contents
Introduction
Course Description
Audience
At Course Completion
Prerequisites
Certified Professional Exams
Student Materials
Course Outline
Introduction
SQLSoft+ has partnered with Vigilar's industry leading Intense School to bring
this security certification prep course to the Puget Sound area. Many organizations,
including healthcare, government, and financial industries are required to have
CISSP certified professionals on staff. Vigilar's Intense School custom curriculum
has a proven track record and is a recognized leader in intense CISSP certification
training programs.
The CISSP Boot Camp is an intensive 6-day format that is scheduled to run Sunday
through Friday, and is usually followed by a day for the actual CISSP exam.
Registration for this class will close one month prior to the class as pre-class
prep materials are shipped out 30 days before class starts. We cannot emphasize
the point enough: to be successful, you must have adequate security-related
experience and do a lot of studying before you attend the boot camp.
Return to Top
Course Description
The CISSP course is aimed at preparing security professionals for the challenging
CISSP exam, covering the objectives of the exam as defined in the (ISC)2™
common body of knowledge. CISSP candidates are expected to have a broad
range of skills across security policy development and management, as well as
technical understanding of a wide range of security controls across all disciplines
within Information Security. Our program will provide you with a quick
and proven method for mastering this huge range of knowledge.
The CISSP® program provides intensive training on the following ten domains:
- Access Control Systems & Methodology
- Applications & Systems Development
- Business Continuity & Disaster Recovery Planning
- Cryptography
- Law, Investigation & Ethics
- Operations Security (Computer)
- Physical Security
- Security Architecture & Models
- Security Management Practices
- Telecommunications & Network Security
Return to Top
Audience
The CISSP Program is targeted to professionals with at least 3 years of experience
in the Information Security field.
Return to Top
At Course Completion
At the end of this course, the student will have covered everything required
to pass the CISSP certification exam, and will be able to:
- Competently handle security threats.
- Gain credentials as a leading security professional for current and future
employment.
- Proficiently understand the 10 essential core domains of the common body
of knowledge.
Return to Top
Prerequisites
Prior to enrolling in Vigilar's Intense School CISSP Boot Camp, students should
have roughly three years of experience in security.
Return to Top
Certified Professional Exams
This course will help students prepare for the CISSP Certification examination,
which consists of 250 multiple-choice questions. Candidates have up to 6 hours
to complete the examination. Visit the isc2.org
Web site for more information.
Return to Top
Student Materials
The student kit includes the following:
- Six (6) full days of the best CISSP preparation training in the world.
- Opportunity to re-sit a classroom-based or Live Online course for up to
one year.
- Access to the Vigilar's Intense School IT Professional Reference Library
Online including:
- The CISSP Prep Guide by Wiley Press.
- The CISSP Study Guide by Sybex Publishing.
- 4,000 other indexed, fast-searchable and printable industry books.
- In-person access to the top security experts in the industry.
- 1,300-page courseware books.
- Vigilar's Intense School practice questions.
Return to Top
Course Outline
Day One
CISSP Exam Specifications
Module1: Security Management Practices
- Evolution of Security Management
- Security Through Obscurity
- Control Types
- Due Care and Due Diligence
- CIA Triad
- Possible Treats
- Security Controls
- Security Models
- Risk Management
- Steps of a Risk Analysis
- Security Policies
- Approach to Security Management
- Data Classification
- Commercial Versus Military Classifications
- Employee Management
Question & Answer Drill
Module 2: Access Control Systems and Methodology
- Steps of Access Control
- Access Control Mechanisms
- Authentication
- Biometrics
- Password Practices
- Synchronous One-Time Password Generator
- Asynchronous One-Time Password Generator
- Token Devices
- Passphrase
- Authentication Mechanisms
- Single Sign-On Technologies
- Kerberos Components
- Access Control Models
- Discretionary Access Control
- Mandatory Access Control
- Security Lables
- Role-based Access Control
- Rose-based Access Model
- Lattice based Access Control
- Rule-based Access Control
- Centralized Access Control Administration
- Decentralized Access Control Administration
- RADIUS Steps
- TACACS Steps
- Technical Controls
- Physical Controls
- Accountability
- Log Protection
- Social Engineering
- IDS
- Penetration Testing
- Attack Strategies
Question & Answer Drill
Evening Study Sessions: Group Study, Mentoring, Self-study
Day Two
Module 3: Security Architecture and Models
- Computer Architecture Components
- Central Processing Unit (CPU)
- Storage Types
- Memory Mapping
- Hardware Segmentation
- Process Versus Thread
- OSI Model
- Data Encapsulation
- Application Layer
- Presentation Layer
- Session Layer
- Transport Layer
- Network Layer
- Data Link and Physical Layers
- Protocols at Each Layer
- Systems Self Protection
- Resource Access
- Process Isolation
- Layered Approach
- Protection Rings
- Trusted Computing Base
- Security Perimeter
- Reference Monitor
- Security Kernel
- Operating States
- Security Models
- State Machine Models
- Bell-LaPadula Model
- Biba Model
- Clark Wilson Model
- Non-Interference Model
- Information Flow Model
- Berwer and Nash Model
- Chinese Wall Security Policy
- Trusted Computer System Evaluation Criteria (TCSEC)
- Information Technology Security Evaluation Criteria (ITSEC)
- Common Criteria
- Timing Attacks
Question & Answer Drill
Module 4: Business Continuity and Disaster Recovery Planning
- Disaster Recovery Issues
- Impacting Business
- Possible Threats
- Categories of Disruptions
- Results from the BIA
- Disaster Recovery Plan
- Developing a Recovery Team
- Backup Alternatives
- Facility Backups
- Electronic Vaulting
- Off-Site Storage
- Testing and Drills
- Maintenance
- Phases of Plan
- Preventions
Question & Answer drill
Evening Study Sessions: Groups Study, Mentoring, Self-Study
Day Three
Module 5: Cryptography
- History of Cryptography
- Scytale Cipher
- Cryptography in War
- Protection of Encryption
- Keys and Text
- Breaking Encryption Systems
- Attack on Cipher Types
- Government and Cryptography
- Clipper Chip
- Escrowing Keys
- Cipher Types
- S-boxes in Block Ciphers
- Stream Cipher
- Symmetric Versus Asymmetric
- Key Distribution
- Public Key Cryptography
- Key Management
- Data Encryption
- Creation of a Session Key with Diffie-Hellman
- Key Recovery
- Secured and Signed Message
- Types of Symmetric Algorithms
- DES Conceptually
- Advanced Encryption Standard
- Message Integrity
- Hashing Algorithms
- Digital Signature
- Message Integrity
- Public Key Infrastructure
- Certificate Details
- CA Hierarchy
- Cross-certification
- CA Communication
- One-Time Pad
- E-mail Security
- Secure Protocols
- SET
- IPSec
- Attach types
Question & Answer drill
Module 6: Physical Security
- Physical Security Components
- Threats
- Facility Location
- Facility Contruction
- Facility Attributes
- Physical Security Controls
- Hardware Backups
- Electrical Power
- Environmental Consideration
- Fire Prevention
- Entrance Protection
- Audit Trails
- Exterior Boundary Protection
- Perimeter Issues
- Perimeter Protection
- Security Guards
- Monitoring
- Intrusion Detection Systems
Question & Answer Drill
Evening Study Sessions: Group Study, Mentoring, Self-study
Day Four
Module 7: Network and Telecommunications Security
- TCP\IP
- IP
- UDP Versus TCP
- Networks
- Intranet and Extranet
- Network Wiring
- Netowrk Topologies
- LAN Media Access Technologies
- Protocols
- Networking Devices
- Firewalls
- Bastion Host
- Demilitarized Zone
- Virtual Private Network
- Tunneling Protocols
- Wide Area Network
- Remote Access
- Dial-up and RAS
- PB Protection
- Physical and Data Link Layer
- Wireless Application Protocol
- Wired Equivalent Privacy (WEP)
- Possible WLAN Attacks
- War Driving
- Countermeasure
Question & Answer Drill
Module 8: Computer Law, Investigations and Ethics
- Law, Investigation and Ethics Objectives
- Ethics Computer Crime Issues
- Attack Types
- Phone Fraud
- Legal Liability
- Risk Assessment
- Privacy Issues
- International Issues
- Types of Common Laws
- Criminal Law
- Civil law
- New Federal Policies
- Intellectual Property Laws
- Responding to a Computer Crime
- Incident Handling
- Incident Response
- Forensics
- Evidence
Question & Answer Drill
Evening Study Sessions: Group Study, Mentoring, Self-Study
Day Five
Module 9: Applications and Systems Development
- Applications and Systems Development Objectives
- Project Development
- Verfication Versus Validation
- Administrative Control
- Change Control
- Configuration Management Issues
- Software Development
- Application Development Methodology
- Object-Oriented Programming
- Module Interaction
- Cohesive and Coupling
- Distributed Computing
- Java Security
- Database Systems
- Database Security Mechanisms
- Data Mining
- Artificial Intelligence
- Artificial Neural Networks
- Malicious Code
- Attack Types
- Smurf Attack
- SYN Attack
- Timing Attacks
Question & Answer Drill
Module 10: Security Operations Security
- Operations Security Objectives
- Operational Controls
- Control Types
- Audit Data
- Configuration Management
- Trusted Recovery
- Facsimile Security
- Operational Duties
- Network Availability
- RAID Levels
- Redundancy Mechanism
- Backups
- Threats and Attacks
Question & Answer Drill
Evening Study Sessions: Group Study, Mentoring, Self-study
Day Six
Ten Domains of the CBK Review
Practice Exam
Return to Top
|