Live Online training

CISSP exam preparation

Deploying a security engineering practice for the 8 domains

Topic: Web Platform
Dean Bushmiller

CISSP is the gold standard of vendor-neutral cybersecurity certifications. If your organization is subject to PCI, GDPR, HIPAA, SOX, ISO 27001, or similar regulations, you need the CISSP certification to understand cybersecurity from a management viewpoint.

Many people try to brute-force the exam but fail because it requires finesse, a CISSP management way of thinking, and a clear study plan. Systems security engineering is a multidisciplinary approach in the engineering of trustworthy security systems. Join expert Dean Bushmiller to explore each of the eight CISSP domains and learn how to find the business security flaws and failures of your organization’s system development lifecycle and project management.

This is the third in a series of four courses on CISSP exam preparation, preceded by Practicing the CISO Skill Set Using Case-based Learning and followed by Applying Cybersecurity Best Practices in Every Domain.

What you'll learn and how you can apply it

By the end of this live online course, you’ll understand:

  • How to process articles via case-based best practices and how to process 15%–20% of all cybersecurity business questions
  • How to recognize what a CISSP exam question is asking
  • How to manage your organization’s cybersecurity

And you’ll be able to:

  • Avoid cybersecurity technical brute-force traps
  • Build a plan for growing your managerial decision-making process
  • Write CISSP case solutions

This training course is for you because...

This course is for you because…

  • You need to prepare for CISSP certification.
  • You’re moving from a security support role to a management position.
  • You’re a security designer, administrator, or engineer.
  • You need to maintain your continuing professional education (CPE) or continuing education unit (CEU).
  • You’re a security consultant, analyst, manager, or auditor.

Prerequisites

Prerequisites:

  • A basic understanding of (ISC)2’s CISSP requirements of certification 4–6 years in information system security and 1–2 years in each domain of the CISSP (per CISSP exam requirements)

Recommended preparation:

  • Download worksheets, cases, and mind maps
  • Explore CISSP Security Engineering View (expert playlist from Dean Bushmiller)
  • Take CISSP Exam Preparation: Building a Practice of Mapping Threats to Controls (live online training course with Dean Bushmiller)
  • Take CISSP Exam Preparation: Practicing the CISO Skill Set Using Case-Based Learning (live online training course with Dean Bushmiller)

Recommended follow-up:

  • Take CISSP Exam Preparation: Applying Cybersecurity Best Practices in Every Domain (live online training course with Dean Bushmiller)

About your instructor

  • Dean Bushmiller has taught the CISSP for 15 years, with a lifetime instructor approval rating of over 90%. He’s a leader of cybersecurity subject-matter experts and has over 1,000 hours of recorded training. He built the CISSP Mind Map workbooks and hosts a free weekly discussion on cybersecurity at Expandingsecurity.com. Dean has held the following certifications: CISSP, CFR, CVLP, CEH, ISSMP, CRISC, ISSAP, CCSK, CCSP, Exin Cloud, CHFI, CASP, GSEC, CCNA, MCSE 2K Charter, MCDBA, MCSA, MCP, MCT, CISM, PLCOP, PLA, PLCT, AWR-138-W, Cloud+, CEI, LPIC-1, and Security+. Though Dean is nonmilitary, he’s had the honor to train the US military since 1999; in recognition for outstanding service in the information assurance field, he’s received eight mission coins.

Schedule

The timeframes are only estimates and may vary according to how the class is progressing.

Day 1

Lifecycle process (30 minutes)

  • Lecture: Why you should listen; systems security engineering lifecycle process
  • Hands-on exercise: Navigate shared content on O’Reilly online learning
  • Q&A

Break (5 minutes)

Systems development lifecycle (SDLC) (30 minutes)

  • Lecture: Layers of traditional SDLC
  • Layers of security engineering

Break (5 minutes)

Organizational project-enabling processes (OPEP) (50 minutes)

  • Lecture: OPEP
  • Hands-on exercise: Identify the OPEP

Break (5 minutes)

Technical management processes (TMP) (50 minutes)

  • Lecture: TMP
  • Hands-on exercise: Identify the TMP

Break (5 minutes)

Technical processes (TP) (30 minutes)

  • Lecture: TP

Break (5 minutes)

Preparation (25 minutes)

  • Lecture: Domains and subtopics
  • Q&A

Day 2

TMP and TM (15 minutes)

  • Lecture: Review; focus on TMP and TM

Activity 1 (25 minutes)

  • Hands-on exercise: Determine layers and processes, what must change, and how to fix an organization and a project

Break (5 minutes)

Activity 2 (25 minutes)

  • Hands-on exercise: Determine layers and processes, what must change, and how to fix an organization and a project

Break (5 minutes)

Activity 3 (25 minutes)

  • Hands-on exercise: Determine layers and processes, what must change, and how to fix an organization and a project

Break (5 minutes)

Activity 4 (25 minutes)

  • Hands-on exercise: Determine layers and processes, what must change, and how to fix an organization and a project

Break (5 minutes)

Activity 5 (25 minutes)

  • Hands-on exercise: Determine layers and processes, what must change, and how to fix an organization and a project

Break (5 minutes)

Activity 6 (25 minutes)

  • Hands-on exercise: Determine layers and processes, what must change, and how to fix an organization and a project

The Phoenix project (30 minutes)

  • Lecture: The Phoenix project solution

Wrap-up and Q&A (20 minutes)