Explore our course

Key features

MONEY BACK GUARANTEE

How this works :

At Simplilearn, we greatly value the trust of our patrons. Our courses were designed to deliver an effective learning experience, and have helped over half a million find their professional calling. But if you feel your course is not to your liking, we offer a 7-day money-back guarantee. Just send us a refund request within 7 days of purchase, and we will refund 100% of your payment, no questions asked!

For Instructor Led Training :

Raise refund request within 7 days of commencement of the first batch you are eligible to attend. Money back guarantee is void if the participant has accessed more than 25% content of an e-learning course or has attended Online Classrooms for more than 1 day.
  • 32 hours of instructor-led training
  • 32 hours of self-paced videos
  • 5 simulation exams (250 questions each) for practice
  • Offers the requisite 30 CPEs for taking the CISSP examination
  • 8 domain-specific test papers (10 questions each) to prepare you for CISSP certification

Course description

  • What’s the focus of this course?

    Simplilearn’s CISSP certification training is aligned to the (ISC) ² CBK 2015 and trains you in the industry’s latest best practices, which will help you ace the exam in the first attempt. The certification helps you develop the expertise in defining the architecture, in designing, building, and maintaining a secure business environment for your organization using globally approved Information Security standards.

  • What are the course objectives?

    By the end of this training, you will:
    • Be able to define the architecture, and design and manage the security of your organization.
    • Acquire the relevant knowledge and skills required to clear the CISSP certification exam.
    • Earn the requisite 30 CPEs required to take up the CISSP certification exam.
    • Develop working knowledge in the 8 domains areas prescribed by the CISSP Common Book of Knowledge, 2015.

  • Who should take this course?

    The CISSP certification is a globally recognized professional requirement in the IT Security domain. This certification is best-suited for:
    • Security Consultants/Managers
    • IT Directors/Managers
    • Security Auditors/Architects
    • Security Systems Engineers
    • Chief Information Security Officers
    • Network Architects

Course preview

  • CISSP® - Certified Information Systems Security Professional
    • Domain 00 - Introduction 14:53
      • 1 CISSP®—Introduction01:06
      • 2 Objectives00:20
      • 3 CISSP®01:19
      • 4 (ISC)²®00:58
      • 5 CISSP® Domains02:47
      • 6 Benefits of CISSP® for Professionals01:01
      • 7 Benefits of CISSP® for Employers01:06
      • 8 CISSP® Certification Requirements00:42
      • 9 CISSP® Certification Requirements (contd.)00:21
      • 10 CISSP® Certification Requirements (contd.)00:57
      • 11 CISSP® Certification Requirements (contd.)01:05
      • 12 CISSP® Examination02:36
      • 13 CISSP® Examination (contd.)00:30
      • 14 Conclusion00:05
    • Domain 01 - Security and Risk Management 2:12:33
      • 1 Domain 01—Security and Risk Management00:10
      • 2 Objectives00:32
      • 3 Importance of Information Security and Risk Management01:03
      • 4 Role and Importance of CIA in ISM01:07
      • 5 Confidentiality01:51
      • 6 Integrity01:32
      • 7 Availability00:57
      • 8 Information Security00:33
      • 9 Information Security Management00:26
      • 10 Information Security Governance01:06
      • 11 IT Security and Organizational Goals, Mission, and Objectives00:29
      • 12 Goals, Mission, and Objectives01:55
      • 13 Aligning Security with Goals, Mission, and Objectives00:41
      • 14 Business Scenario01:14
      • 15 Organizational Processes01:28
      • 16 Auditing00:21
      • 17 Control Framework00:40
      • 18 Due Care00:31
      • 19 Due Diligence00:28
      • 20 Security Controls00:49
      • 21 Service Level Agreements00:58
      • 22 Managing Third - Party Governance02:23
      • 23 Offshoring Privacy Requirements and Compliance01:07
      • 24 Business Scenario00:52
      • 25 Layers of Responsibility01:03
      • 26 Security Policies01:31
      • 27 Types of Security Policies01:35
      • 28 Security Policy Implementation02:07
      • 29 Policy Chart01:08
      • 30 Standards, Guidelines, Procedures, and Baselines02:07
      • 31 Business Scenario00:30
      • 32 Compliance—Need for Compliance01:23
      • 33 Regulatory Compliance00:45
      • 34 Compliance00:39
      • 35 Compliance (contd.)00:57
      • 36 Compliance (contd.)00:48
      • 37 Standards/Manuals/Guidelines for Compliance01:09
      • 38 Computer Crimes00:27
      • 39 Introduction to Computer Crimes00:54
      • 40 Categories of Computer Crimes02:28
      • 41 Business Scenario00:51
      • 42 Major Legal Systems00:45
      • 43 Common Law and Civil Law01:42
      • 44 Customary Law and Religious Law01:44
      • 45 Mixed Law00:28
      • 46 Business Scenario00:36
      • 47 Introduction to Intellectual Property (IP) Law01:01
      • 48 Types of Intellectual Property (IP) Law01:51
      • 49 Types of Intellectual Property (IP) Law (contd.)01:44
      • 50 Types of Intellectual Property (IP) Law (contd.)01:00
      • 51 Business Scenario00:39
      • 52 Import or Export Controls and Trans - Border Data Flow01:10
      • 53 Introduction to Privacy01:59
      • 54 U.S. Privacy Laws01:14
      • 55 U.S. Privacy Laws (contd.)01:21
      • 56 U.S. Guidelines for Managing Privacy01:41
      • 57 EU Council Directive (Law) on Data Protection01:18
      • 58 The U.S.-European Union Safe Harbor05:44
      • 59 Security Definitions02:40
      • 60 Information Risk Management01:09
      • 61 Business Scenario00:54
      • 62 Introduction to Risk Analysis01:06
      • 63 Goals of Risk Analysis00:26
      • 64 Risk Analysis Team00:54
      • 65 Steps for Risk Analysis00:50
      • 66 Information and Assets Valuation01:16
      • 67 Risk Analysis Types00:41
      • 68 Quantitative Risk Analysis—Steps01:47
      • 69 Quantitative Risk Analysis—Problem00:39
      • 70 Qualitative Risk Analysis01:10
      • 71 Delphi Technique01:04
      • 72 Quantitative vs.Qualitative00:29
      • 73 Hybrid Analysis00:45
      • 74 Countermeasure Selection—Problem00:56
      • 75 Countermeasure Selection—Other Factors00:57
      • 76 Handling Risk01:39
      • 77 Business Scenario00:51
      • 78 Threat Modeling00:59
      • 79 Need for Business Continuity Planning00:55
      • 80 Basic Concepts—Disruptive Events02:26
      • 81 Basic Concepts—Business Continuity Planning00:47
      • 82 Importance of Business Continuity Planning00:31
      • 83 Business Continuity Planning Phases00:53
      • 84 BCP/DRP Phase 1—Project Initiation and Scoping02:54
      • 85 BCP/DRP Phase 2—Business Impact Analysis (BIA)01:11
      • 86 BIA—Goals01:20
      • 87 BIA—Steps03:32
      • 88 BIA Steps—Business Unit Level01:07
      • 89 Maximum Tolerable Downtime (MTD)01:46
      • 90 Failure and Recovery Metrics02:52
      • 91 Failure and Recovery Metrics (contd.)01:46
      • 92 Stages of Failure and Recovery00:52
      • 93 BCP/DRP Phase 3—Identify Preventive Controls01:19
      • 94 Importance of Managing Personnel Security00:51
      • 95 Managing Personnel Security—Hiring Practices00:54
      • 96 Managing Personnel Security—Employee Termination00:47
      • 97 Vendor, Contractors, and Consultant Controls00:47
      • 98 Best Work Practices01:44
      • 99 Business Scenario00:48
      • 100 Importance of Security Awareness Training00:54
      • 101 Security Awareness Training: Awareness, Training, and Education01:28
      • 102 Implementation of Security Awareness Training Program00:38
      • 103 Importance of Content Updates00:23
      • 104 Importance of Managing Security Function00:53
      • 105 Best Practices—Budget and Establish Security Metrics01:28
      • 106 Best Practices—Resources and Develop and Implement Strategies01:23
      • 107 Best Practices—Completeness and Effectiveness of the Program00:25
      • 108 Business Scenario00:44
      • 109 (ISC)² Code of Ethics02:31
      • 110 Quiz
      • 111 Summary00:54
      • 112 Conclusion00:06
    • Domain 02 - Asset Security 58:26
      • 1 Domain 02 Asset Security00:13
      • 2 Objectives00:28
      • 3 Importance of Asset Security00:39
      • 4 Need for Information Classification01:12
      • 5 Information Classification Objectives00:56
      • 6 Government or Military Sector Classification01:33
      • 7 Commercial or Private Sector Classification01:50
      • 8 Information Classification Criteria01:52
      • 9 Data Classification Considerations00:47
      • 10 Role Responsible for Data Classification00:51
      • 11 Business Scenario00:37
      • 12 Data Management00:53
      • 13 Best Practices for Data Management00:54
      • 14 Data Policy01:14
      • 15 Data Ownership00:54
      • 16 Data Ownership Best Practices00:45
      • 17 Data Custodians01:15
      • 18 Data Custodians (contd.)00:33
      • 19 Data Quality01:09
      • 20 Data Quality—Aspects00:32
      • 21 Data Quality Assurance and Quality Control00:49
      • 22 Data Documentation00:44
      • 23 Data Documentation Practices01:28
      • 24 Data Standards00:58
      • 25 Data Control Lifecycle00:33
      • 26 Data Specification and Modeling00:37
      • 27 Database Maintenance00:38
      • 28 Data Audit00:41
      • 29 Data Storage and Archiving00:59
      • 30 Data Security00:58
      • 31 Data Access, Sharing, and Dissemination00:56
      • 32 Data Publishing00:32
      • 33 Data Handling Requirements01:25
      • 34 Media Resource Protection03:32
      • 35 Data Remanence01:51
      • 36 Business Scenario00:45
      • 37 Asset Management01:17
      • 38 Software Licensing00:45
      • 39 Equipment Lifecycle01:00
      • 40 Protecting Privacy02:06
      • 41 Ensuring Appropriate Retention01:06
      • 42 Data Security Controls01:36
      • 43 Data in Transit—Best Practices01:11
      • 44 Scoping and Tailoring00:52
      • 45 Scoping and Tailoring (contd.)01:02
      • 46 Standards Selection—US DoD02:10
      • 47 Standards Selection—International Standards01:45
      • 48 Standards Selection National Cyber Security Framework Manual00:48
      • 49 Standards Selection Center for Strategic and International Studies01:00
      • 50 Standards Selection Critical Security Controls01:23
      • 51 Standards Selection Security Content Automation Protocol01:19
      • 52 Framework for Improving Critical Infrastructure Cybersecurity01:04
      • 53 Business Scenario00:38
      • 54 Quiz
      • 55 Summary00:44
      • 56 Conclusion00:07
    • Domain 03 - Security Engineering 2:48:47
      • 1 Domain 03 Security Engineering00:14
      • 2 Objectives00:23
      • 3 Security Architecture and Design - Case Study00:42
      • 4 Security Engineering00:31
      • 5 Architecture Framework01:29
      • 6 Zachman Framework01:11
      • 7 TOGAF00:45
      • 8 ITIL01:32
      • 9 Creating a Security Architecture03:00
      • 10 Enterprise Security Architecture02:06
      • 11 Common Security Services in ESA01:29
      • 12 SABSA Framework00:58
      • 13 SABSA Matrix04:01
      • 14 Business Scenario00:41
      • 15 ISO/IEC 27001:2013 Security Standards01:08
      • 16 ISO/IEC 27002 Code of Practice for Information Security Management01:37
      • 17 Security Models01:06
      • 18 State Machine Model00:24
      • 19 Multilevel Security Models01:07
      • 20 Matrix-Based Model00:48
      • 21 Non-Interference Model00:57
      • 22 Information flow model00:40
      • 23 Examples of Security Models: Bell–LaPadula Confidentiality Model02:13
      • 24 Examples of Security Models: Biba Integrity Model01:26
      • 25 Examples of Security Models: Clark–Wilson integrity model01:13
      • 26 Brewer Nash, Graham Denning, and Harrison Ruzzo Ullman models01:15
      • 27 Business Scenario00:34
      • 28 Evaluation Criteria01:04
      • 29 CSEC02:20
      • 30 Information Technology Security Evaluation Criteria01:20
      • 31 Common Criteria01:15
      • 32 Common Criteria Evaluation Process00:50
      • 33 Common Criteria Levels01:23
      • 34 Payment Card Industry Data Security Standard00:51
      • 35 Certification and Accreditation00:36
      • 36 Certification and Accreditation Standards01:33
      • 37 SEI—CMMI01:49
      • 38 SEI—CMMI Levels00:46
      • 39 Business Scenario01:11
      • 40 System Security Architecture01:19
      • 41 Mainframes and Other Thin Client Systems01:40
      • 42 Middleware and Embedded Systems00:23
      • 43 Pervasive Computing and Mobile Computing Devices00:15
      • 44 System Components Processors01:08
      • 45 System Components Memory00:51
      • 46 System Components Storage00:17
      • 47 System Components Trusted Computing Base (TCB)00:23
      • 48 System Components Reference Monitor00:29
      • 49 System Components—Trusted Platform Module (TPM)00:38
      • 50 System Components Peripherals and Other Input/Output Devices00:42
      • 51 System Components Operating System00:40
      • 52 System Components Ring Model00:34
      • 53 System Components System Kernel00:54
      • 54 Distributed Systems00:34
      • 55 Virtualization00:28
      • 56 Hypervisor00:45
      • 57 Cloud Computing00:10
      • 58 Service models01:15
      • 59 Grid Computing00:12
      • 60 Peer to Peer Networking (P2P)00:20
      • 61 Business Scenario00:56
      • 62 Security Threats and Countermeasures00:22
      • 63 Assessing and Mitigating Vulnerabilities and Threats01:30
      • 64 Assessing and Mitigating Vulnerabilities and Threats (contd.)00:54
      • 65 Assessing and Mitigating Vulnerabilities and Threats (contd.)01:05
      • 66 Best Practices00:45
      • 67 Best Practices (contd.)00:30
      • 68 Best Practices Techniques and Technologies00:59
      • 69 Best Practices Techniques and Technologies (contd.)00:30
      • 70 Best Practices Techniques and Technologies (contd.)00:24
      • 71 Best Practices Techniques and Technologies (contd.)00:37
      • 72 Best Practices Techniques and Technologies (contd.)00:42
      • 73 Introduction to Cryptography02:40
      • 74 Cryptographic Lifecycle00:56
      • 75 Algorithm or Protocol Governance00:52
      • 76 Cryptography Terms02:45
      • 77 Strength of a Cryptosystem01:29
      • 78 Cryptography Methods Substitution Cipher01:31
      • 79 Cryptography Methods Transposition Cipher00:24
      • 80 Cryptography Methods Book or Running Key Cipher01:09
      • 81 Cryptography Methods Concealment Cipher00:43
      • 82 Cryptography Methods Steganography and DRM01:19
      • 83 Business Scenario00:36
      • 84 Introduction to Symmetric Cryptography02:01
      • 85 Symmetric Key Ciphers01:16
      • 86 Block Cipher00:47
      • 87 Stream Cipher02:02
      • 88 Block Cipher Designs00:41
      • 89 Data Encryption Standard (DES)01:33
      • 90 DES Algorithm01:35
      • 91 DES Operation Modes Electronic Code Book01:01
      • 92 DES Operation Modes Cipher Block Chaining01:07
      • 93 DES Operation Modes Cipher Feed Back01:22
      • 94 DES Operation Modes Output Feed Back00:44
      • 95 DES Operation Modes—Counter01:01
      • 96 Triple DES01:46
      • 97 Advanced Encryption Standard (AES)01:17
      • 98 AES Algorithm00:14
      • 99 AES Algorithm Key Expansion and Initial Round00:15
      • 100 Advanced Encryption Standard (AES) Algorithm—Rounds02:01
      • 101 AES Algorithm Final Round00:08
      • 102 Other Symmetric Systems01:54
      • 103 Other Symmetric Systems (contd.)01:11
      • 104 Business Scenario00:43
      • 105 Introduction to Asymmetric Cryptography02:07
      • 106 Introduction to Asymmetric Cryptography Diagram00:09
      • 107 Introduction to RSA Algorithm00:54
      • 108 RSA Algorithm Process01:20
      • 109 Other Types of Asymmetric Cryptography Elliptic Curve Cryptosystems01:02
      • 110 Other Types of Asymmetric Cryptography Diffie-Hellman Key Exchange00:35
      • 111 Public Key Cryptography01:25
      • 112 Symmetric vs. Asymmetric Cryptography02:45
      • 113 Advantages and Disadvantages00:54
      • 114 Introduction to Public Key Infrastructure02:15
      • 115 PKI Certification01:48
      • 116 PKI Certification (contd.)00:33
      • 117 PKI Steps—Part 100:44
      • 118 PKI Steps—Part 200:58
      • 119 One-Way Hash01:13
      • 120 Hashing Algorithms02:09
      • 121 Hashing Algorithms (contd.)01:41
      • 122 Salting00:34
      • 123 Message Authentication Code (MAC)01:50
      • 124 Digital Signatures01:15
      • 125 Key Management01:30
      • 126 Key Management Principles01:50
      • 127 Escrowed Encryption02:44
      • 128 Business Scenario00:58
      • 129 Need for Physical and Environmental Security01:50
      • 130 Business Scenario01:02
      • 131 Site and Facility Design Criteria02:27
      • 132 Information Protection Environment00:53
      • 133 Crime Prevention Through Environmental Design (CPTED)01:02
      • 134 Site Location01:38
      • 135 Construction01:08
      • 136 Support Facilities01:46
      • 137 Business Scenario00:51
      • 138 Secure Operational Areas03:15
      • 139 Business Scenario00:49
      • 140 Environmental Controls00:21
      • 141 Environmental Controls (Contd.)01:05
      • 142 Fire Detection and Suppression00:44
      • 143 Power Supply02:03
      • 144 Power Supply (contd.)00:57
      • 145 HVAC00:43
      • 146 Training and Awareness00:23
      • 147 Business Scenario01:00
      • 148 Quiz
      • 149 Summary00:48
      • 150 Conclusion00:07
    • Domain 04 - Communications and Network Security 2:07:22
      • 1 Domain 04—Communications and Network Security00:15
      • 2 Objectives00:27
      • 3 Importance of Communications and Network Security—Case Study00:39
      • 4 Introduction to Secure Network Architecture and Design00:26
      • 5 Open Systems Interconnection03:43
      • 6 OSI Model Layers01:15
      • 7 Physical Layer01:09
      • 8 Data Link Layer01:18
      • 9 Network Layer00:49
      • 10 Transport Layer01:01
      • 11 Session Layer00:52
      • 12 Presentation Layer01:16
      • 13 Application Layer00:47
      • 14 Transmission Control Protocol/Internet Protocol (TCP/IP) Model01:08
      • 15 Network Access Layer and Internet Layer01:08
      • 16 Host-to-Host Layer and Application Layer01:10
      • 17 Comparison of OSI and TCP/IP Models01:17
      • 18 Introduction to IP Addressing00:48
      • 19 IPv4 and IPv602:35
      • 20 Classful IP Addressing00:38
      • 21 Class A00:31
      • 22 Class B00:30
      • 23 Class C00:27
      • 24 Class D and Class E00:30
      • 25 Classless Inter-Domain Routing02:41
      • 26 Private Networks and Loopback Address01:42
      • 27 Types of IP Addressing01:15
      • 28 Routed and Routing Protocols01:56
      • 29 Types of Network Protocols00:15
      • 30 Transmission Control Protocol (TCP)01:06
      • 31 User Datagram Protocol (UDP)00:46
      • 32 Internet Protocol00:20
      • 33 Address Resolution Protocol01:37
      • 34 Internet Control Message Protocol (ICMP)00:29
      • 35 Hypertext Transfer Protocol (HTTP)01:56
      • 36 Implications of Multi-Layer Protocols00:53
      • 37 Distributed Network Protocol01:07
      • 38 LAN/Network Technologies04:14
      • 39 Transmission Media00:26
      • 40 Twisted Pair02:00
      • 41 Coaxial Cable Box01:45
      • 42 Fiber-Optic Cable Box01:42
      • 43 Network Topologies01:52
      • 44 Media Access Technologies00:46
      • 45 Carrier-Sense Multiple Access with Collision Detection01:20
      • 46 Carrier-Sense Multiple Access with Collision Avoidance01:04
      • 47 Flavors of LAN transmission methods00:30
      • 48 List of Networking Devices02:33
      • 49 VLANs02:08
      • 50 Gateways01:03
      • 51 Network Access Control Devices00:38
      • 52 Packet-Filtering and Application-Level02:40
      • 53 Circuit-Level and Stateful-Inspection01:39
      • 54 Firewall Architectures02:37
      • 55 Network Security Terms01:51
      • 56 Business Scenario00:26
      • 57 Networks01:09
      • 58 Types of Networks01:09
      • 59 WAN Technologies01:11
      • 60 WAN Switching and Devices01:55
      • 61 Network Address Translation and Frame Relay01:36
      • 62 Multi-Protocol Label Switching and VoIP00:58
      • 63 Fiber Channel over Ethernet and Internet Small Computer System Interface01:05
      • 64 Virtualized Networks01:02
      • 65 Introduction to Remote Access00:45
      • 66 VPN using PPTP and L2TP01:44
      • 67 Internet Security Protocol (IPsec)01:06
      • 68 Internet Security Protocol (IPsec) Modes of Operation01:47
      • 69 IPsec Security Protocols—Authentication Header (AH)02:44
      • 70 IPsec Security Protocols—Encapsulating Security Payload (ESP)01:26
      • 71 Components of the IPsec Process01:28
      • 72 Components of the IPsec Process (contd.)01:18
      • 73 IPsec Process00:59
      • 74 Secure Access Protocols02:49
      • 75 Secure Access Protocols (contd.)02:10
      • 76 Secure Access Protocols (contd.)01:03
      • 77 Remote Access Security Methods00:32
      • 78 Multimedia Collaboration00:52
      • 79 Wireless Technologies00:29
      • 80 IEEE Wireless Standards and Spread-Spectrum Technologies01:17
      • 81 Direct Sequence Spread Spectrum and Frequency-Hopping Spread Spectrum01:20
      • 82 WLAN Operational Modes01:30
      • 83 Bluetooth01:37
      • 84 Bluetooth Attack00:15
      • 85 Blue Jacking and Blue Snarfing01:09
      • 86 Blue Bugging, Backdoor Attacks, and Denial of Service Attacks01:03
      • 87 Wireless Security06:29
      • 88 Business Scenario00:49
      • 89 Network Attacks02:33
      • 90 Network Attacks (contd.)02:17
      • 91 Network Attacks—Countermeasures03:02
      • 92 Quiz
      • 93 Summary00:40
      • 94 Conclusion00:08
    • Domain 05 - Identity and Access Management 1:32:26
      • 1 Domain 05—Identity and Access Management00:15
      • 2 Objectives00:31
      • 3 Importance of Identity and Access Management in Information Security00:59
      • 4 Controlling Physical and Logical Access to Assets01:23
      • 5 Controlling Physical and Logical Access to Assets (contd.)01:51
      • 6 Access Subject Object and Access controls01:13
      • 7 Identity and Access Management Policy00:47
      • 8 Identification Authentication and Authorization01:21
      • 9 Identity Management00:32
      • 10 Identity and Access Provisioning Lifecycle01:28
      • 11 Identity and Access Provisioning Lifecycle (contd.)00:48
      • 12 Guidelines for User Identification00:53
      • 13 Verifying Identification Information01:41
      • 14 Strong Authentication01:26
      • 15 Biometrics—Characteristics02:11
      • 16 Types of Biometrics01:42
      • 17 FRR FAR CER02:04
      • 18 Passwords01:15
      • 19 Password Types01:43
      • 20 Tokens00:30
      • 21 Token Device—Synchronous00:48
      • 22 Token Device—Asynchronous00:40
      • 23 Memory Cards and Smart Cards01:39
      • 24 Attacks on Smart Cards—Fault Generation and Micro-Probing02:08
      • 25 Access Criteria02:04
      • 26 Authorization Concepts02:22
      • 27 Identity Management Implementation00:31
      • 28 Password Management02:02
      • 29 Directory Management01:05
      • 30 Directory Technologies01:35
      • 31 Accounts Management01:16
      • 32 Profile Management00:49
      • 33 Web Access Management00:30
      • 34 Single Sign-On (SSO)01:49
      • 35 SSO Technologies01:01
      • 36 Kerberos02:41
      • 37 Kerberos Steps01:35
      • 38 Problems with Kerberos00:54
      • 39 Business Scenario01:01
      • 40 Access Control Types—Security Layer01:17
      • 41 Access Control Types—Functionality01:39
      • 42 Business Scenario00:24
      • 43 Access Control Models—DAC01:00
      • 44 Access Control Models—MAC01:00
      • 45 Access Control Models—RBAC00:51
      • 46 Business Scenario00:28
      • 47 Access Control Concepts03:12
      • 48 Types of Access Control Administration02:19
      • 49 Remote Authentication Dial-In User Service (RADIUS)01:50
      • 50 TACACS and TACACS+00:56
      • 51 DIAMETER00:58
      • 52 Accountability01:43
      • 53 Accountability (contd.)00:40
      • 54 Session Management00:56
      • 55 Registration and Proof of Identity00:42
      • 56 Credential Management Systems00:47
      • 57 Credential Management Systems—Risks and benefits00:42
      • 58 Federated Identity Management00:45
      • 59 Federated Identity Management Models00:51
      • 60 Federated Identity Management Models (contd.)01:06
      • 61 Federated Identity Management Models (contd.)00:48
      • 62 Identity as a Service00:44
      • 63 Identity as a Service—Functionality01:53
      • 64 Identity as a Service—Possible Issues01:07
      • 65 Integrate Third-Party Identity Services01:05
      • 66 Integrate Third-Party Identity Services (contd.)00:49
      • 67 Unauthorized Disclosure of Information03:37
      • 68 Threats to Access Control04:27
      • 69 Protection against Access Control Attacks00:39
      • 70 Access Control Best Practices00:53
      • 71 Access Control Best Practices (contd.)00:29
      • 72 Quiz
      • 73 Summary00:39
      • 74 Conclusion00:07
    • Domain 06 - Security Assessment and Testing 46:04
      • 1 Domain 06—Security Assessment and Testing00:14
      • 2 Objectives00:25
      • 3 Security Assessment and Testing—Introduction00:36
      • 4 Assessment and Test Strategies00:48
      • 5 Vulnerability Assessment01:04
      • 6 Penetration Testing01:18
      • 7 Log Management01:14
      • 8 Log Management—Advantages and Challenges00:44
      • 9 Log Management—Best Practices00:48
      • 10 Log Management—Operational Process00:40
      • 11 Logged Events00:27
      • 12 Synthetic Transactions00:59
      • 13 Reasons to Use Synthetic Transactions00:51
      • 14 Code Review and Testing00:49
      • 15 Testing Techniques01:16
      • 16 Security Testing in the SDLC01:55
      • 17 Software Product Testing Levels01:05
      • 18 Misuse Case Testing00:37
      • 19 Misuse Case Testing—Scenarios01:19
      • 20 Test Coverage Analysis00:38
      • 21 Interface Testing00:35
      • 22 API Testing (contd.)00:59
      • 23 Interface Testing (contd.)00:27
      • 24 GUI Testing00:51
      • 25 Common Software Vulnerabilities01:28
      • 26 Business Scenario00:54
      • 27 Information Security Continuous Monitoring01:32
      • 28 Information Security Continuous Monitoring—Strategy and Process01:55
      • 29 Risk Evaluation and Control—Metrics01:00
      • 30 Security Controls Monitoring Frequencies02:24
      • 31 ISCM—Benefits00:50
      • 32 Key Performance and Risk Indicators01:12
      • 33 Internal and Third Party Audits01:33
      • 34 Audit Frequency and Scope00:47
      • 35 Statement on Auditing Standards No. 7001:43
      • 36 Service Organization Controls00:57
      • 37 SOC 1 Report01:23
      • 38 SOC 2 Report01:40
      • 39 SOC 2 Reports (contd.)01:07
      • 40 SOC 3 Report00:41
      • 41 SOC 1, SOC 2, and SOC 3 Comparison00:58
      • 42 Audit Process—Audit Preparation Phase01:03
      • 43 Audit Process—Audit Phase00:43
      • 44 Business Scenario00:36
      • 45 Quiz
      • 46 Summary00:52
      • 47 Conclusion00:07
    • Domain 07 - Security Operations 3:06:24
      • 1 Domain 07—Security Operations00:15
      • 2 Objectives00:24
      • 3 Importance of Security Operations—Case Study00:47
      • 4 Introduction to Investigations00:41
      • 5 Investigation Challenges01:04
      • 6 Investigations—Primary Activities01:51
      • 7 Crime Scene00:52
      • 8 Forensic Investigation Guidelines01:07
      • 9 Incident Response Terminologies01:53
      • 10 Incident Response Goals00:28
      • 11 Incident Response Team01:39
      • 12 Incident Response Procedures02:19
      • 13 Incident Response Procedures (contd.)00:59
      • 14 Incident Response Procedures (contd.)00:27
      • 15 Incident Response Procedures (contd.)00:31
      • 16 Business Scenario00:52
      • 17 Evidence01:21
      • 18 Evidence Lifecycle01:17
      • 19 Chain of Evidence01:04
      • 20 Types of Evidence03:47
      • 21 Computer Forensics Procedure00:50
      • 22 Requirements for Investigation Types01:15
      • 23 Logging and Monitoring Activities00:40
      • 24 Intrusion Detection System02:52
      • 25 Intrusion Prevention System02:30
      • 26 Security Information and Event Management (SIEM)01:12
      • 27 Security Information and Event Management (SIEM)—Characteristics00:45
      • 28 Continuous Monitoring00:53
      • 29 Egress Filtering01:00
      • 30 Data Leak or Loss Prevention (DLP)01:26
      • 31 Steganography and Digital Watermarking00:58
      • 32 Business Scenario00:44
      • 33 Secure Provisioning of Resources through Configuration Management01:08
      • 34 Secure Provisioning of Resources through Configuration Management (contd.)00:52
      • 35 Introduction to Security Operations00:37
      • 36 Security Operations Concepts00:44
      • 37 Security Operations00:51
      • 38 Effects of Operations Controls on C.I.A.00:29
      • 39 Business Scenario01:03
      • 40 Operational Resilience01:08
      • 41 Threats to Operations02:12
      • 42 Threats to Operations (contd.)02:36
      • 43 Vulnerabilities03:30
      • 44 Controls01:49
      • 45 Business Scenario00:44
      • 46 Need for Controlling Privileged Accounts01:18
      • 47 Identity and Access Management01:30
      • 48 Types of Accounts01:29
      • 49 Commonly Used Roles01:01
      • 50 Commonly Used Roles (contd.)01:53
      • 51 Monitoring Special Privileges00:33
      • 52 Service Level Agreements (SLAs)01:15
      • 53 Business Scenario00:45
      • 54 Protect Valuable Assets01:28
      • 55 Protecting Physical Assets00:45
      • 56 Protecting Information Assets01:07
      • 57 Protecting Resources01:33
      • 58 Controls for Protecting Assets—Hardware Controls01:51
      • 59 Controls for Protecting Assets—Software Controls02:02
      • 60 Controls for Protecting Assets—Media Controls02:00
      • 61 Controls for Protecting Assets—Administrative Controls02:51
      • 62 Cloud and Virtual Storage00:53
      • 63 Cloud and Virtual Storage Security Issues00:53
      • 64 Types of Virtualized Storage02:00
      • 65 Hard Copy Records00:46
      • 66 Business Scenario00:34
      • 67 Incident Management01:46
      • 68 Security Measurements, Metrics, and Reporting00:32
      • 69 Managing Security Technologies00:42
      • 70 Incident Management—Detection Phase00:27
      • 71 Intrusion Detection System00:46
      • 72 Security Information Event Management (SIEM)02:38
      • 73 Anti-Malware Systems00:59
      • 74 Monitoring Techniques—Violation Analysis01:12
      • 75 Incident Management—Other Phases00:57
      • 76 Trusted Recovery and System Recovery01:54
      • 77 Problem Management01:29
      • 78 Operating and Maintaining Preventive Measures01:02
      • 79 Patch Management01:15
      • 80 Vulnerability Management01:19
      • 81 Change Management01:39
      • 82 Change Control Process01:23
      • 83 Configuration Management02:24
      • 84 Configuration Management (contd.)00:26
      • 85 Business Scenario00:37
      • 86 Develop a Recovery Strategy01:18
      • 87 Types of Recovery—Business Recovery and Facility and Supply Recovery00:44
      • 88 Types of Recovery—User Recovery00:29
      • 89 Types of Recovery—Operational Recovery00:56
      • 90 Recovery Partners Strategy02:44
      • 91 Backup Sites00:51
      • 92 Backup Sites (contd.)03:06
      • 93 Backup Sites (contd.)01:36
      • 94 Backup Methods01:36
      • 95 Importance of Maintaining Resilient Systems02:35
      • 96 Redundancy and Fault Tolerance01:54
      • 97 Redundancy and Fault Tolerance Methods01:13
      • 98 Redundancy and Fault Tolerance Methods (contd.)04:21
      • 99 Best Practices for Backup and Recovery00:55
      • 100 Business Scenario00:43
      • 101 Disaster Recovery—Planning Design and Development00:37
      • 102 Planning Design and Development—Step 1 and Step 201:38
      • 103 Planning Design and Development—Step 3 and Step 402:19
      • 104 Disaster Recovery Phases—Implementation, Testing, and Training00:44
      • 105 Importance of Testing00:19
      • 106 Types of Testing01:04
      • 107 Types of Testing (contd.)01:30
      • 108 Types of Testing (contd.)01:54
      • 109 Training02:57
      • 110 Disaster Recovery Phases—Maintenance02:49
      • 111 Disaster Recovery Phases—Maintenance (contd.)00:26
      • 112 Business Scenario01:04
      • 113 Perimeter Security01:32
      • 114 Barriers00:37
      • 115 Fences01:14
      • 116 Gates01:40
      • 117 Walls and Bollards01:13
      • 118 Perimeter Intrusion Detection04:26
      • 119 Business Scenario00:42
      • 120 Importance of Lighting01:12
      • 121 Types of Lighting Systems01:20
      • 122 Types of Lights01:21
      • 123 Access Control01:41
      • 124 Types of Access Control Systems06:33
      • 125 Business Scenario00:42
      • 126 Building and Inside Security08:05
      • 127 Personnel Security01:28
      • 128 Business Scenario00:50
      • 129 Quiz
      • 130 Summary01:00
      • 131 Conclusion00:06
    • Domain 08 - Software Development Security 1:50:55
      • 1 Domain 08 - Software Development Security00:15
      • 2 Objectives00:25
      • 3 Importance of Software Development Security00:51
      • 4 System Environments01:09
      • 5 Distributed Environment00:11
      • 6 Client/Server Systems and Local Environment00:35
      • 7 Distributed Data Processing and Agents00:45
      • 8 Applets00:42
      • 9 Programming Concepts01:22
      • 8.010 Complier Vs Interpreter01:39
      • 11 Programming and Software01:40
      • 12 Threats in the Software Environment01:15
      • 13 Threats in the Software Environment (contd.)02:11
      • 14 Threats in the Software Environment (contd.)01:07
      • 15 Threats in the Software Environment (contd.)01:03
      • 16 Threats in the Software Environment (contd.)00:49
      • 17 Threats in the Software Environment (contd.)00:46
      • 18 Business Scenario01:12
      • 19 System Life Cycle and Systems Development02:35
      • 20 Systems Development Life Cycle02:31
      • 21 SDLC—Operation and Maintenance00:42
      • 22 Integrated Product Team (IPT)00:42
      • 23 DevOps00:39
      • 24 Software Testing Methods03:18
      • 25 Software Testing Levels00:43
      • 26 Application Controls00:35
      • 27 Software Development Methods01:09
      • 28 Software Development Methods (contd.)01:09
      • 29 Software Development Methods (contd.)00:53
      • 30 Software Development Methods (contd.)00:54
      • 31 Software Development Methods (contd.)01:32
      • 32 Java Security00:57
      • 33 Secure Software Development Best Practices00:47
      • 34 Business Scenario01:05
      • 35 Object - Oriented Programming Terms01:01
      • 36 Object - Oriented Programming Terms (contd.)00:34
      • 37 Object-Oriented Programming—Definition01:23
      • 38 Distributed Object-Oriented Systems01:47
      • 39 Object Request Brokers00:49
      • 40 COM—Component Object Model00:28
      • 41 DCOM—Distributed Component Object Model00:38
      • 42 CORBA—Common Object Request Broker Architecture00:58
      • 43 Software Security and Assurance01:18
      • 44 Software Security and Assurance (contd.)00:43
      • 45 Software Security and Assurance (contd.)00:53
      • 46 Software Security and Assurance (contd.)00:42
      • 47 Software Security and Assurance (contd.)00:41
      • 48 Software Security and Assurance (contd.)00:50
      • 49 Software Security and Assurance (contd.)00:40
      • 50 Software Security and Assurance (contd.)00:55
      • 51 Software Security and Assurance (contd.)00:40
      • 52 Software Security and Assurance (contd.)00:36
      • 53 Software Security and Assurance (contd.)00:56
      • 54 Software Security and Assurance (contd.)00:54
      • 55 Software Security and Assurance (contd.)00:35
      • 56 Software Security : XML and Security Assertion Markup Language01:23
      • 57 Software Security: SOA02:15
      • 58 Audit and Assurance Mechanisms02:24
      • 59 Assessing the Effectiveness of Software Security00:51
      • 60 Assessing the Effectiveness of Software Security (contd.)00:51
      • 61 Assessing the Security Impact of Acquired Software01:15
      • 62 Code Repositories and Application Programming Interfaces01:04
      • 63 Business Scenario00:47
      • 64 Database and Data Warehousing Environments01:25
      • 65 Database Terms01:09
      • 66 Types of Databases00:27
      • 67 Types of Databases (contd.)00:27
      • 68 Types of Databases (contd.)00:41
      • 69 Types of Databases (contd.)00:29
      • 70 Types of Databases (contd.)00:43
      • 71 Database—Threats and Vulnerabilities04:40
      • 72 Introduction to Data Warehousing01:04
      • 73 Data Warehousing Concepts01:57
      • 74 Database Normalization01:17
      • 75 DBMS Controls04:26
      • 76 Business Scenario00:39
      • 77 Malwares—Types04:56
      • 78 Malware Protection01:31
      • 79 Business Scenario00:35
      • 80 Importance and Role of Knowledge Management01:03
      • 81 Knowledge-Based System/Artificial Intelligence00:33
      • 82 Knowledge-Based System—Expert System01:22
      • 83 Knowledge-Based System—Neural Network01:33
      • 84 Web Application Environment—Threats and Vulnerabilities01:35
      • 85 Web Application Environment Security01:03
      • 86 Web Application Environment Security (contd.)01:14
      • 87 Web Application Environment Security (contd.)00:34
      • 88 Web Application Environment Security (contd.)00:45
      • 89 The Ten Best Practices for Secure Software Development—(ISC)206:28
      • 90 Quiz
      • 91 Summary01:07
      • 92 Conclusion00:13
  • Free Course
    • {{childObj.title}}
      • {{childObj.childSection.chapter_name}}
        • {{lesson.title}}
      • {{lesson.title}}

    View More

    View Less

Exam & certification FREE PRACTICE TEST

  • How do you become a CISSP certified professional?

    The CISSP exam is a computer-based test (CBT) administered at Pearson VUE Testing centers around the world. Please follow these steps to register for the exam:
    1. Go to www.pearsonvue.com/isc2 to register for a test appointment.
    2. Select the most convenient test center.
    3. Book an exam-slot and make the payment.
    You will receive confirmation from Pearson VUE with the appointment details, test center location, and other relevant instructions, if any.
    Please note that your registration information will be transferred to (ISC) ², and all communication about the testing process from (ISC) ² and Pearson VUE will be sent to you via email. Please refer to the exam outline for CISSP by (ISC) ² for more details:
    https://www.isc2.org/uploadedfiles/%28isc%292_public_content/exam_outlines/cissp-cib.pdf

    For US,Canada & Europe students: Exam Pass Guarantee*

    Simplilearn offers “Exam Pass Guarantee” to our students who complete our course training. The current offering has an ISC2 CISSP exam voucher included. We also offer a voucher (free of charge) to the students to retake the exam in case they fail ISC2 CISSP final exam.

    T&C for claiming the retake voucher as a part of exam pass guarantee
    • Attend at least one complete instructor-led class
    • Score over 85% in at least 3 of the 5 test papers provided along with the course
    • Must give final exam within 30 days from the date of course completion
    • Produce exam failure notice received from ISC2
     

  • What are the prerequisites for a CISSP certification?

    This training is intended for professionals who want to acquire the credibility and mobility to advance within their current Information Security careers. To claim the CISSP certificate from ISC2 it is mandatory that you have at least 5 years of recent full-time professional work experience in 2 or more of the 8 domains of the CISSP - CBK 2015.You will be awarded an ISC2 associate title incase you do not have the required 5 years expereince which will be replaced with the CISSP certificate post gaining and submitting the experience.

  • What do I need to do to unlock my Simplilearn certificate?

    Online Classroom:
    1. You need to attend one complete batch.
    2. Complete 1 simulation test with a minimum score of 60%.
    Online Self learning:
    1. Complete 85% of the course.
    2. Complete 1 simulation test with a minimum score of 60%.

Reviews

I enjoyed taking the class with so many people from all over the world.

I was searching for CISSP training that met my needs and stayed within my budget. Simplilearn seemed to be the most flexible and also the most reasonably priced. Perfect match! The course was comprehensive… Good content, great instructor… The explanation of the various security/integrity models was really good. We were encouraged to interact and participate in the discussions. Now, I am looking forward to taking the exam, instead of feeling anxious.

Read more Read less

The training is very efficient and accurate...Simple and direct teaching technique was helpful.

The course was well balanced and covered each domain clearly and in good detail. The instructor was very knowledgeable and led a very effective course.

Read more Read less

I would like to thank Simplilearn for providing a knowledgeable trainer. It was a great experience with Simplilearn team.

Simplilearn has been a great learning platform for me. I had enrolled for CISSP and my expectation was met, with the expertise the trainer had on the concepts. I look forward to doing more course with Simplilearn.

Read more Read less

The training is online and interactive. The recordings are also shared for our reference.

Interactive sessions...Example scenarios are good...The overall flow was good…

The precise syllabus, quality of webEx app, the quality of trainers and the ease of use of Simplilearn website... Highly satisfied.

The concepts of the Instructor was mind-blowing...Lots of Industry examples...Very well organized...

One of the interesting and interactive sessions I have ever attended.

Really good training. It helped me to clear a lot of doubts which were present in my mind for a long time.

The course content is very good and satisfactory. The trainer is also good with his teaching abilities.

Training was up to the mark, solved my purpose of joining the course, a kick-starter to exam preparation and getting the basics right.

The training was nice and to the point. The trainer was nice and helpful. He cleared all our course-related doubts.

View More View Less

FAQs

  • Who are the trainers for the live classroom training?

    All Our Trainers are CISSP certified and highly qualified with over 16 years of experience in training and are working in the domain.

  • What certification will I receive after completing the training?

    After successful completion of the training, you will be awarded the course completion certificate along with the 30 hours CPE certificate from Simplilearn.

  • What is Online Classroom training?

    Online Classroom training for CISSP is a live training conducted via online live streaming of a class. This is run by a CISSP certified trainer with over 16 years of work experience in the domain and training. The class attended by the global audience can enrich your learning experience.

  • Are these training classes live or will I watch pre-recorded videos?

    All these trainings are live interactive sessions wherein you can raise concerns and discussions at any point during the class. Additionally, we also provide recordings of the sessions attended by you for your future references.

  • What tools do I need to attend the training sessions?

    The system requirements are quite basic:
    OS: Windows any version above XP SP3 & Mac any version above OS X 10.6
    Internet Speed: Preferably above 512 KBPS
    Headset: Any decent headset and microphone which can be used to talk and hear clearly.

  • What all will I get as part of the training?

    You get access to our e-learning content along with the practice simulation tests, these are complemented by our tips and tricks videos that help you tackle the toughest of the exam questions. You will also get an online participant handbook with cross references to the e-learning for reinforcement of your learning.

  • Is exam fee included in the course fee?

    No. The exam fee is not included. You can directly schedule your exam through www.pearsonvue.com as in the steps mentioned above.

  • How many questions are there in the CISSP certification exam?

    The CISSP Exam has a total of 250 multiple choice questions. The duration of the exam is 6 hours.

  • What is the CISSP certfication cost?

    The CISSP exam cost is $599 for Non-members and $549 for members.

  • Do you provide assistance for the exam application process?

    Yes, we do provide assistance for the exam application process. You can state your queries on community.simplilearn.com and get them answered along with any other query or concern that you might have about the course.

  • How does Simplilearn assure me that the training and course material delivered are effective?

    Our CISSP course is developed to deliver a first attempt pass rate of 100%. With a hands-on learning approach, the training not only gives you the confidence to clear the exam but also helps you retain the knowledge beyond the examination.

  • Can I cancel my enrollment? Will I get a refund?

    Yes, you can cancel your enrollment. We provide you a refund after deducting the administration fee. To know more, please go through our Refund Policy.

  • I’d like to learn more about this training program. Who should I contact?

    Contact us using the form on the right of any page on the Simplilearn website, or select the Live Chat link. Our customer service representatives will be able to give you more details.

  • Certification Process

    Simplilearn has a well-defined certification process that helps you face the challenges of the IT world.  You need to meet following conditions to unlock the certificate –
    • You need to complete at least 85% of the course or attend one complete batch
    • If your course has simulation exams you will need to complete it with the minimum passing score.
    • You need to submit a project and get it approved by our panel of Subject Matter Experts.
    • In case your project is rejected, our subject matter experts would provide all necessary help to clear the project in your next attempt.

  • Who are our Faculties and how are they selected?

    All our trainers are working professionals and industry experts with at least 10-12 years of relevant teaching experience.

    Each of them have gone through a rigorous selection process which includes profile screening, technical evaluation, and training demo before they are certified to train for us.  

    We also ensure that only those trainers with a high alumni rating continue to train for us.

  • What is Global Teaching Assistance?

    Our teaching assistants are here to help you get certified in your first attempt.

    They are a dedicated team of subject matter experts to help you at every step and enrich your learning experience from class onboarding to project mentoring and job assistance.

    They engage with the students proactively to ensure the course path is followed.

    Teaching Assistance is available during business hours.

  • What is covered under the 24/7 Support promise?

    We offer 24/7 support through email, chat, and calls.  

    We also have a dedicated team that provides on demand assistance through our community forum. What’s more, you will have lifetime access to the community forum, even after completion of your course with us.

View More View Less

Contact Us

+1-844-532-7688

(Toll Free)

People Also Bought

CEH (V9)- Certified Ethical Hacker CEH (V9)- Certified Ethical Hacker Course Explore
CISA<sup>®</sup>- Certified Information Systems Auditor CISA®- Certified Information Systems Auditor Course Explore
CISM<sup>®</sup>- Certified Information Security Manager CISM®- Certified Information Security Manager Course Explore
COBIT<sup>®</sup>5- Control Objectives for Information and Related Technologies COBIT®5- Control Objectives for Information and Related Technologies Course Explore
CompTIA Security+ SYO-401 CompTIA Security+ SYO-401 Course Explore

Find this training in other cities

Choose your Location

Let us know your convenient schedule

Name *
Email *
Phone Number
Date (MM/DD/YYYY)
  • Disclaimer
  • PMP, PMI, PMBOK, CAPM, PgMP, PfMP, ACP, PBA, RMP, SP, and OPM3 are registered marks of the Project Management Institute, Inc.
Help and Support