3 Day - Face-To-Face Instructor
Available upon request (Write to us at
TLC (Karachi), Customer Onsite,
Online workshops are delivered in six days, two units each day between 11 am to 1 pm and 3 pm to 5 pm
Comprehensive Student Guide and
Customer onsite workshops can also be conducted for customers in Lahore and Islamabad
training course provides delegates with a theory-based approach to learning
the security process. The course is centered around teaching the fundamental
domains of Information Security. These eight domains provide delegates
with all the information they require to obtain a comprehensive understanding
of Information Security and pass the CISSP exam. Despite being a theory-based
course, the CISSP certification trains individuals to practically apply
what they have learnt. This CISSP course gives delegates skills which are
desirable in any company, and so this qualification can help individuals
stand out in a competitive market.
is designed for this purpose, as well as to provide the insight into the
importance of cybersecurity risk management framework covering 8 comprehensive
a CISSP certified, you must have a minimum of five years of cumulative paid
work experience in two or more of the eight domains of the CISSP.
Business, application, audit, risk,
compliance, InfoSec and CyberSec professionals, project managers, IT operations,
Enterprise Architects, and legal professionals with familiarity with
basic IT/IS concepts.
Within any organization, system security
is crucial, and it is becoming clear that organizations require better
means to combat malicious cyber-attacks as they become increasingly
advanced and difficult to manage. As such, businesses require
trained staff who have an up-to-date understanding of the latest threats
to information system security.
CISSP Certification Benefits
A CISSP certification is exceedingly
credible and an enviable addition to your CV. This is because this highly
regarded credential is exactly what organizations look for when searching
for an Information Security Professional. Therefore, CISSP certification
holders can benefit from:
Great job prospects - CISSP is the most
prestigious Information Systems Security certification and will help you
stand out in a competitive market of IT Security Professionals. CISSP Professionals
have deep technical knowledge and skill.
A CISSP certification is often asked
for in job descriptions - it is considered a basic requirement because
CISSP training covers all that is required to prepare security professionals
to address any security threat.
Demonstrate that you are committed to
All organizations have IT systems and
so Information System Security Professionals are constantly in demand and
there are a number of job opportunities available.
Enter into a career that is considered
to be one of the most stable in the IT industry.
The training course flow will be
a mix of lectures & classroom discussions and videos so that participants
can have a detailed understanding of various components and technologies
discussed in 8 domains.
ABOUT THE INSTRUCTOR
This workshop shall be delivered
by a TOGAF 9 Certified/IBM Certified Infrastructure System Architect and an
experienced trainer with 25+ years of career experience imparting education
and training services both locally and internationally, who has worked
for international enterprise technology vendors including IBM, Fujitsu,
and ICL. Our instructor holds various industry professional certifications
in the space of enterprise servers and storage technologies, Information
Security, Enterprise Architecture, ITIL, Cloud, Virtualization, Green IT,
and is a co-author of 10 IBM Redbooks.
Domain 1 – Security and Risk
1.1: Understand and apply concepts of confidentiality, integrity and availability.
1.2: Evaluate and apply security governance
1.3: Determine compliance requirements.
1.4: Understand legal and regulatory issues that pertain to information security in a global context.
1.5: Understand, adhere to, and promote
1.6: Develop, document, and implement security policy, standards, procedures and guidelines.
1.7: Identify, analyze, and prioritize Business Continuity requirements
1.8: Contribute to and enforce personnel security policies and procedures.
1.9: Understand and apply risk management
1.10: Understand and apply threat modeling concepts and methodologies.
1.11: Apply risk-based management concepts to the supply chain.
1.12: Establish and maintain a security awareness, education, and training program.
Domain 2 – Asset Security
2.1: Identify and classify information
2.2: Determine and maintain information & asset ownership.
2.3: Protect privacy.
2.4: Ensure appropriate asset retention.
2.5: Determine data security controls.
2.6: Establish information and asset
Domain 3 – Security Architecture
3.1: Implement and manage engineering processes using secure design principles.
3.2: Understand the fundamental concepts of security models.
3.3: Select control based upon systems
3.4: Understand the security capabilities of information systems.
3.5: Assess and mitigate the vulnerabilities of security architectures, design and solution elements.
3.6: Assess and mitigate vulnerabilities in web-based systems.
3.7: Assess and mitigate vulnerabilities in mobile systems.
3.8: Assess and mitigate vulnerabilities in embedded devices.
3.9: Apply cryptography.
3.10: Apply security principles to site and facility design.
3.11: Implement site and facility security
Domain 4 - Communication and Network
4.1: Implement secure design principles in network architecture.
4.2: Secure network components.
4.3: Implement secure communication channels according to design.
Domain 5 - Identity and Access
5.1: Control physical and logical access
5.2: Manage identification and authentication of people, devices and services.
5.3: Integrate identity as a third-party
5.4: Implement and manage authorization
5.5: Manage the identity and access
Domain 6 - Security Assessment and
6.1: Design and validate assessment, test and audit strategies.
6.2: Conduct security control testing.
6.3: Collect security process data.
6.4: Analyze test output and generate
6.5: Conduct and facilitate security
Domain 7 – Security Operations
7.1: Understand and support investigations.
7.2: Understand the requirements for different types of investigations.
7.3: Conduct logging and monitoring
7.4: Securely provision resources.
7.5: Understand and apply foundational security operations concepts.
7.6: Apply resource protection techniques.
7.7: Conduct incident management.
7.8: Operate and maintain detective and preventative measures.
7.9: Implement and support patch and
7.10: Understand and participate in change management processes.
7.11: Implement recovery strategies.
7.12: Implement disaster recovery processes.
7.13: Test disaster recovery plans –
7.14: Participate in business continuity planning and exercises.
7.15: Implement and manage physical
7.16: Address personal safety and security
Domain 8 - Software Development Security
8.1: Understand and apply security in the software development lifecycle.
8.2: Enforce security controls in development
8.3: Assess the effectiveness of software
8.4: Assess security impact of acquired
8.5: Define and apply secure coding guidelines and standards.