Live Online training

CISSP Crash Course

Acing the CISSP Certification Exam

Topic: Security
Sari Greene

CISSP is the premier information security certification. The certification examination requires an in-depth understanding of eight security domains as defined by the ISC2 Common Body of Knowledge (CBK).

This course is based upon the May 2021 exam outline and covers every exam objective with a focus on understanding key concepts. The training will incorporate real-life scenarios, case studies, and assessment questions. We’ll cover “must know” concepts from each of the eight examination domains as well as proven study and test-taking strategies to successfully pass the CISSP certification exam.

What you'll learn and how you can apply it

  • If you have just begun studying, this course is an immersion into the eight examination security domains.
  • If you are in the midst of studying, this course will help you assess your strengths and weaknesses.
  • If you are almost ready to take your exam, this course will reinforce your knowledge and give you the confidence to succeed.

This training course is for you because...

  • This training prepares certification candidates for the CISSP Certification Exam.
  • This training equips cybersecurity professionals with tools for career success.

Prerequisites

  • Experience in IT networking, network storage, or data center administration

About your instructor

  • Sari Greene (CISSP-ISSMP, CRISC, CISM, CISA, SEC+, NSA/IAM) is an information security practitioner, author, educator, entrepreneur and sailor. In 2003, Sari founded one of the first dedicated cybersecurity consultancies. She is a recognized leader in the field of cybersecurity and has amassed thousands of hours in the field working with a spectrum of technical, operational, compliance and management personnel as well as boards of directors, regulators, service providers, and law enforcement agencies.

Schedule

The timeframes are only estimates and may vary according to how the class is progressing.

Day 1

Segment 1: Domain 1 Security and Risk Management (85 minutes)

  • Instructor will introduce and discuss all thirteen Domain 1 exam objectives including professional ethics, governance, compliance, regulatory issues, policy, business continuity, threat modeling, risk management, and security education concepts.
  • Attendees will participate in an interactive domain assessment.

Segment 2: Domain 2 Asset Security (30 minutes)

  • Instructor will introduce and discuss all six Domain 2 exam objectives including asset management and resource handling, asset lifecycle topics, and data security controls and compliance requirements.
  • Attendees will participate in an interactive domain assessment.

Segment 3: Domain 3 Security Architecture and Engineering (85 minutes)

  • Instructor will introduce and discuss all six Domain 3 exam objectives including secure design principles, security architectures, design and solution elements, cryptography, and site and facility design and security controls.
  • Attendees will participate in an interactive domain assessment.

Segment 4: Study Strategies

  • Instructor will discuss test-taking strategies and study plans.

Day 2

Segment 1: Domain 4 Communications and Network Security (45 minutes)

  • Instructor will introduce and discuss all four Domain 4 exam objectives including securing network and communications infrastructure, and preventing and mitigating network attacks.
  • Attendees will participate in an interactive domain assessment.

Segment 2: Domain 5 Identity and Access Management (30 minutes)

  • Instructor will introduce and discuss all six Domain 5 exam objectives including identity management, authentication, federation, access control models, techniques and the provisioning lifecycle.
  • Attendees will participate in an interactive domain assessment.

Segment 3: Domain 6 Security Assessment and Testing (30 minutes)

  • Instructor will introduce and discuss all five Domain 6 exam objectives including planning, conducting, and managing security assessments, collecting process data, metrics, and facilitating audits.
  • Attendees will participate in an interactive domain assessment.

Segment 4: Domain 7 Security Operations (60 minutes)

  • Instructor will introduce and discuss all fifteen Domain 7 exam objectives including the role of security operations, configuration and change control, logging and monitoring, vulnerability and patch management, evidence collection and forensics, incident management, disaster recovery and business continuity planning and preparation.
  • Attendees will participate in an interactive domain assessment.

Segment 5: Domain 8 Software Development Security (45 minutes)

  • Instructor will introduce and discuss all five Domain 8 exam objectives including secure software development, source code assessment, the impact of acquired software, and secure coding guidelines and standards.
  • Attendees will participate in an interactive domain assessment.

Segment 6: Preparing for Test Day (10 minutes)

  • Instructor will share strategies for getting ready for test day, what to expect at the testing center, tried-and-true test-taking strategies, and how to maintain your CISSP certification.