Key features

MONEY BACK GUARANTEE

How this works:

At Simplilearn, we greatly value the trust of our patrons. Our courses were designed to deliver an effective learning experience, and have helped over half a million find their professional calling. But if you feel your course is not to your liking, we offer a 7-day money-back guarantee. Just send us a refund request within 7 days of purchase, and we will refund 100% of your payment, no questions asked!

For Self-Paced Learning:

Raise a refund request within 7 days of purchasing the course. The money-back guarantee is void if the participant has accessed more than 25% of the content.

For Instructor-Led Training:

Raise a refund request within 7 days of commencement of the first batch you are eligible to attend. The money-back guarantee is void if the participant has accessed more than 25% of the content of an e-learning course or has attended Online Classrooms for more than 1 day.

  • 32 hours of instructor-led training
  • 32 hours of self-paced videos
  • 5 simulation exams (250 questions each) for practice
  • Offers the requisite 30 CPEs for taking the CISSP examination
  • 8 domain-specific test papers (10 questions each) to prepare you for CISSP certification
  • 98.6% pass rate

Course description

  • What are the course objectives?

    Simplilearn’s CISSP certification training is aligned to the (ISC)² CBK 2015 requirements. The course trains you in the industry’s latest best practices, which will help you pass the exam on the first attempt. The certification helps you develop expertise in defining the architecture and in designing, building, and maintaining a secure business environment for your organization using globally approved Information Security standards.

    With unprecedented security breaches now being reported, the demand for IT security professionals has never been higher. Frost and Sullivan reports that there will be a shortage of 1.5 million security professionals by 2019.

  • What skills will you learn?

    By the end of this CISSP training, you will:
    • Be able to define the architecture, design and management of the security of your organization.
    • Acquire the relevant knowledge and skills required to pass the CISSP certification exam.
    • Earn the 30 CPEs required to take the CISSP certification exam.
    • Develop working knowledge in the 8 domains prescribed by the CISSP Common Body of Knowledge, 2015.

  • Who should take this course?

    The CISSP certification is the most globally recognized professional requirement in the IT Security domain. This certification is best suited for:
    • Security Consultants/Managers
    • IT Directors/Managers
    • Security Auditors/Architects
    • Security Systems Engineers
    • Chief Information Security Officers
    • Network Architects

Course preview

    • Domain 00 - Introduction 14:53
      • 1 CISSP®—Introduction 01:06
      • 2 Objectives 00:20
      • 3 CISSP® 01:19
      • 4 (ISC)²® 00:58
      • 5 CISSP® Domains 02:47
      • 6 Benefits of CISSP® for Professionals 01:01
      • 7 Benefits of CISSP® for Employers 01:06
      • 8 CISSP® Certification Requirements 00:42
      • 9 CISSP® Certification Requirements (contd.) 00:21
      • 10 CISSP® Certification Requirements (contd.) 00:57
      • 11 CISSP® Certification Requirements (contd.) 01:05
      • 12 CISSP® Examination 02:36
      • 13 CISSP® Examination (contd.) 00:30
      • 14 Conclusion 00:05
    • Domain 01 - Security and Risk Management 2:12:33
      • 1 Domain 01—Security and Risk Management 00:10
      • 2 Objectives 00:32
      • 3 Importance of Information Security and Risk Management 01:03
      • 4 Role and Importance of CIA in ISM 01:07
      • 5 Confidentiality 01:51
      • 6 Integrity 01:32
      • 7 Availability 00:57
      • 8 Information Security 00:33
      • 9 Information Security Management 00:26
      • 10 Information Security Governance 01:06
      • 11 IT Security and Organizational Goals, Mission, and Objectives 00:29
      • 12 Goals, Mission, and Objectives 01:55
      • 13 Aligning Security with Goals, Mission, and Objectives 00:41
      • 14 Business Scenario 01:14
      • 15 Organizational Processes 01:28
      • 16 Auditing 00:21
      • 17 Control Framework 00:40
      • 18 Due Care 00:31
      • 19 Due Diligence 00:28
      • 20 Security Controls 00:49
      • 21 Service Level Agreements 00:58
      • 22 Managing Third-Party Governance 02:23
      • 23 Offshoring Privacy Requirements and Compliance 01:07
      • 24 Business Scenario 00:52
      • 25 Layers of Responsibility 01:03
      • 26 Security Policies 01:31
      • 27 Types of Security Policies 01:35
      • 28 Security Policy Implementation 02:07
      • 29 Policy Chart 01:08
      • 30 Standards, Guidelines, Procedures, and Baselines 02:07
      • 31 Business Scenario 00:30
      • 32 Compliance—Need for Compliance 01:23
      • 33 Regulatory Compliance 00:45
      • 34 Compliance 00:39
      • 35 Compliance (contd.) 00:57
      • 36 Compliance (contd.) 00:48
      • 37 Standards/Manuals/Guidelines for Compliance 01:09
      • 38 Computer Crimes 00:27
      • 39 Introduction to Computer Crimes 00:54
      • 40 Categories of Computer Crimes 02:28
      • 41 Business Scenario 00:51
      • 42 Major Legal Systems 00:45
      • 43 Common Law and Civil Law 01:42
      • 44 Customary Law and Religious Law 01:44
      • 45 Mixed Law 00:28
      • 46 Business Scenario 00:36
      • 47 Introduction to Intellectual Property (IP) Law 01:01
      • 48 Types of Intellectual Property (IP) Law 01:51
      • 49 Types of Intellectual Property (IP) Law (contd.) 01:44
      • 50 Types of Intellectual Property (IP) Law (contd.) 01:00
      • 51 Business Scenario 00:39
      • 52 Import or Export Controls and Trans-Border Data Flow 01:10
      • 53 Introduction to Privacy 01:59
      • 54 U.S. Privacy Laws 01:14
      • 55 U.S. Privacy Laws (contd.) 01:21
      • 56 U.S. Guidelines for Managing Privacy 01:41
      • 57 EU Council Directive (Law) on Data Protection 01:18
      • 58 The U.S.-European Union Safe Harbor 05:44
      • 59 Security Definitions 02:40
      • 60 Information Risk Management 01:09
      • 61 Business Scenario 00:54
      • 62 Introduction to Risk Analysis 01:06
      • 63 Goals of Risk Analysis 00:26
      • 64 Risk Analysis Team 00:54
      • 65 Steps for Risk Analysis 00:50
      • 66 Information and Assets Valuation 01:16
      • 67 Risk Analysis Types 00:41
      • 68 Quantitative Risk Analysis—Steps 01:47
      • 69 Quantitative Risk Analysis—Problem 00:39
      • 70 Qualitative Risk Analysis 01:10
      • 71 Delphi Technique 01:04
      • 72 Quantitative vs. Qualitative 00:29
      • 73 Hybrid Analysis 00:45
      • 74 Countermeasure Selection—Problem 00:56
      • 75 Countermeasure Selection—Other Factors 00:57
      • 76 Handling Risk 01:39
      • 77 Business Scenario 00:51
      • 78 Threat Modeling 00:59
      • 79 Need for Business Continuity Planning 00:55
      • 80 Basic Concepts—Disruptive Events 02:26
      • 81 Basic Concepts—Business Continuity Planning 00:47
      • 82 Importance of Business Continuity Planning 00:31
      • 83 Business Continuity Planning Phases 00:53
      • 84 BCP/DRP Phase 1—Project Initiation and Scoping 02:54
      • 85 BCP/DRP Phase 2—Business Impact Analysis (BIA) 01:11
      • 86 BIA—Goals 01:20
      • 87 BIA—Steps 03:32
      • 88 BIA Steps—Business Unit Level 01:07
      • 89 Maximum Tolerable Downtime (MTD) 01:46
      • 90 Failure and Recovery Metrics 02:52
      • 91 Failure and Recovery Metrics (contd.) 01:46
      • 92 Stages of Failure and Recovery 00:52
      • 93 BCP/DRP Phase 3—Identify Preventive Controls 01:19
      • 94 Importance of Managing Personnel Security 00:51
      • 95 Managing Personnel Security—Hiring Practices 00:54
      • 96 Managing Personnel Security—Employee Termination 00:47
      • 97 Vendor, Contractors, and Consultant Controls 00:47
      • 98 Best Work Practices 01:44
      • 99 Business Scenario 00:48
      • 100 Importance of Security Awareness Training 00:54
      • 101 Security Awareness Training: Awareness, Training, and Education 01:28
      • 102 Implementation of Security Awareness Training Program 00:38
      • 103 Importance of Content Updates 00:23
      • 104 Importance of Managing Security Function 00:53
      • 105 Best Practices—Budget and Establish Security Metrics 01:28
      • 106 Best Practices—Resources and Develop and Implement Strategies 01:23
      • 107 Best Practices—Completeness and Effectiveness of the Program 00:25
      • 108 Business Scenario 00:44
      • 109 (ISC)² Code of Ethics 02:31
      • 110 Quiz
      • 111 Summary 00:54
      • 112 Conclusion 00:06
    • Domain 02 - Asset Security 58:26
      • 1 Domain 02 Asset Security 00:13
      • 2 Objectives 00:28
      • 3 Importance of Asset Security 00:39
      • 4 Need for Information Classification 01:12
      • 5 Information Classification Objectives 00:56
      • 6 Government or Military Sector Classification 01:33
      • 7 Commercial or Private Sector Classification 01:50
      • 8 Information Classification Criteria 01:52
      • 9 Data Classification Considerations 00:47
      • 10 Role Responsible for Data Classification 00:51
      • 11 Business Scenario 00:37
      • 12 Data Management 00:53
      • 13 Best Practices for Data Management 00:54
      • 14 Data Policy 01:14
      • 15 Data Ownership 00:54
      • 16 Data Ownership Best Practices 00:45
      • 17 Data Custodians 01:15
      • 18 Data Custodians (contd.) 00:33
      • 19 Data Quality 01:09
      • 20 Data Quality—Aspects 00:32
      • 21 Data Quality Assurance and Quality Control 00:49
      • 22 Data Documentation 00:44
      • 23 Data Documentation Practices 01:28
      • 24 Data Standards 00:58
      • 25 Data Control Lifecycle 00:33
      • 26 Data Specification and Modeling 00:37
      • 27 Database Maintenance 00:38
      • 28 Data Audit 00:41
      • 29 Data Storage and Archiving 00:59
      • 30 Data Security 00:58
      • 31 Data Access, Sharing, and Dissemination 00:56
      • 32 Data Publishing 00:32
      • 33 Data Handling Requirements 01:25
      • 34 Media Resource Protection 03:32
      • 35 Data Remanence 01:51
      • 36 Business Scenario 00:45
      • 37 Asset Management 01:17
      • 38 Software Licensing 00:45
      • 39 Equipment Lifecycle 01:00
      • 40 Protecting Privacy 02:06
      • 41 Ensuring Appropriate Retention 01:06
      • 42 Data Security Controls 01:36
      • 43 Data in Transit—Best Practices 01:11
      • 44 Scoping and Tailoring 00:52
      • 45 Scoping and Tailoring (contd.) 01:02
      • 46 Standards Selection—US DoD 02:10
      • 47 Standards Selection—International Standards 01:45
      • 48 Standards Selection National Cyber Security Framework Manual 00:48
      • 49 Standards Selection Center for Strategic and International Studies 01:00
      • 50 Standards Selection Critical Security Controls 01:23
      • 51 Standards Selection Security Content Automation Protocol 01:19
      • 52 Framework for Improving Critical Infrastructure Cybersecurity 01:04
      • 53 Business Scenario 00:38
      • 54 Quiz
      • 55 Summary 00:44
      • 56 Conclusion 00:07
    • Domain 03 - Security Engineering 2:48:47
      • 1 Domain 03 Security Engineering 00:14
      • 2 Objectives 00:23
      • 3 Security Architecture and Design - Case Study 00:42
      • 4 Security Engineering 00:31
      • 5 Architecture Framework 01:29
      • 6 Zachman Framework 01:11
      • 7 TOGAF 00:45
      • 8 ITIL 01:32
      • 9 Creating a Security Architecture 03:00
      • 10 Enterprise Security Architecture 02:06
      • 11 Common Security Services in ESA 01:29
      • 12 SABSA Framework 00:58
      • 13 SABSA Matrix 04:01
      • 14 Business Scenario 00:41
      • 15 ISO/IEC 27001:2013 Security Standards 01:08
      • 16 ISO/IEC 27002 Code of Practice for Information Security Management 01:37
      • 17 Security Models 01:06
      • 18 State Machine Model 00:24
      • 19 Multilevel Security Models 01:07
      • 20 Matrix-Based Model 00:48
      • 21 Non-Interference Model 00:57
      • 22 Information flow model 00:40
      • 23 Examples of Security Models: Bell–LaPadula Confidentiality Model 02:13
      • 24 Examples of Security Models: Biba Integrity Model 01:26
      • 25 Examples of Security Models: Clark–Wilson integrity model 01:13
      • 26 Brewer Nash, Graham Denning, and Harrison Ruzzo Ullman models 01:15
      • 27 Business Scenario 00:34
      • 28 Evaluation Criteria 01:04
      • 29 CSEC 02:20
      • 30 Information Technology Security Evaluation Criteria 01:20
      • 31 Common Criteria 01:15
      • 32 Common Criteria Evaluation Process 00:50
      • 33 Common Criteria Levels 01:23
      • 34 Payment Card Industry Data Security Standard 00:51
      • 35 Certification and Accreditation 00:36
      • 36 Certification and Accreditation Standards 01:33
      • 37 SEI—CMMI 01:49
      • 38 SEI—CMMI Levels 00:46
      • 39 Business Scenario 01:11
      • 40 System Security Architecture 01:19
      • 41 Mainframes and Other Thin Client Systems 01:40
      • 42 Middleware and Embedded Systems 00:23
      • 43 Pervasive Computing and Mobile Computing Devices 00:15
      • 44 System Components Processors 01:08
      • 45 System Components Memory 00:51
      • 46 System Components Storage 00:17
      • 47 System Components Trusted Computing Base (TCB) 00:23
      • 48 System Components Reference Monitor 00:29
      • 49 System Components—Trusted Platform Module (TPM) 00:38
      • 50 System Components Peripherals and Other Input/Output Devices 00:42
      • 51 System Components Operating System 00:40
      • 52 System Components Ring Model 00:34
      • 53 System Components System Kernel 00:54
      • 54 Distributed Systems 00:34
      • 55 Virtualization 00:28
      • 56 Hypervisor 00:45
      • 57 Cloud Computing 00:10
      • 58 Service models 01:15
      • 59 Grid Computing 00:12
      • 60 Peer to Peer Networking (P2P) 00:20
      • 61 Business Scenario 00:56
      • 62 Security Threats and Countermeasures 00:22
      • 63 Assessing and Mitigating Vulnerabilities and Threats 01:30
      • 64 Assessing and Mitigating Vulnerabilities and Threats (contd.) 00:54
      • 65 Assessing and Mitigating Vulnerabilities and Threats (contd.) 01:05
      • 66 Best Practices 00:45
      • 67 Best Practices (contd.) 00:30
      • 68 Best Practices Techniques and Technologies 00:59
      • 69 Best Practices Techniques and Technologies (contd.) 00:30
      • 70 Best Practices Techniques and Technologies (contd.) 00:24
      • 71 Best Practices Techniques and Technologies (contd.) 00:37
      • 72 Best Practices Techniques and Technologies (contd.) 00:42
      • 73 Introduction to Cryptography 02:40
      • 74 Cryptographic Lifecycle 00:56
      • 75 Algorithm or Protocol Governance 00:52
      • 76 Cryptography Terms 02:45
      • 77 Strength of a Cryptosystem 01:29
      • 78 Cryptography Methods Substitution Cipher 01:31
      • 79 Cryptography Methods Transposition Cipher 00:24
      • 80 Cryptography Methods Book or Running Key Cipher 01:09
      • 81 Cryptography Methods Concealment Cipher 00:43
      • 82 Cryptography Methods Steganography and DRM 01:19
      • 83 Business Scenario 00:36
      • 84 Introduction to Symmetric Cryptography 02:01
      • 85 Symmetric Key Ciphers 01:16
      • 86 Block Cipher 00:47
      • 87 Stream Cipher 02:02
      • 88 Block Cipher Designs 00:41
      • 89 Data Encryption Standard (DES) 01:33
      • 90 DES Algorithm 01:35
      • 91 DES Operation Modes Electronic Code Book 01:01
      • 92 DES Operation Modes Cipher Block Chaining 01:07
      • 93 DES Operation Modes Cipher Feed Back 01:22
      • 94 DES Operation Modes Output Feed Back 00:44
      • 95 DES Operation Modes—Counter 01:01
      • 96 Triple DES 01:46
      • 97 Advanced Encryption Standard (AES) 01:17
      • 98 AES Algorithm 00:14
      • 99 AES Algorithm Key Expansion and Initial Round 00:15
      • 100 Advanced Encryption Standard (AES) Algorithm—Rounds 02:01
      • 101 AES Algorithm Final Round 00:08
      • 102 Other Symmetric Systems 01:54
      • 103 Other Symmetric Systems (contd.) 01:11
      • 104 Business Scenario 00:43
      • 105 Introduction to Asymmetric Cryptography 02:07
      • 106 Introduction to Asymmetric Cryptography Diagram 00:09
      • 107 Introduction to RSA Algorithm 00:54
      • 108 RSA Algorithm Process 01:20
      • 109 Other Types of Asymmetric Cryptography Elliptic Curve Cryptosystems 01:02
      • 110 Other Types of Asymmetric Cryptography Diffie-Hellman Key Exchange 00:35
      • 111 Public Key Cryptography 01:25
      • 112 Symmetric vs. Asymmetric Cryptography 02:45
      • 113 Advantages and Disadvantages 00:54
      • 114 Introduction to Public Key Infrastructure 02:15
      • 115 PKI Certification 01:48
      • 116 PKI Certification (contd.) 00:33
      • 117 PKI Steps—Part 1 00:44
      • 118 PKI Steps—Part 2 00:58
      • 119 One-Way Hash 01:13
      • 120 Hashing Algorithms 02:09
      • 121 Hashing Algorithms (contd.) 01:41
      • 122 Salting 00:34
      • 123 Message Authentication Code (MAC) 01:50
      • 124 Digital Signatures 01:15
      • 125 Key Management 01:30
      • 126 Key Management Principles 01:50
      • 127 Escrowed Encryption 02:44
      • 128 Business Scenario 00:58
      • 129 Need for Physical and Environmental Security 01:50
      • 130 Business Scenario 01:02
      • 131 Site and Facility Design Criteria 02:27
      • 132 Information Protection Environment 00:53
      • 133 Crime Prevention Through Environmental Design (CPTED) 01:02
      • 134 Site Location 01:38
      • 135 Construction 01:08
      • 136 Support Facilities 01:46
      • 137 Business Scenario 00:51
      • 138 Secure Operational Areas 03:15
      • 139 Business Scenario 00:49
      • 140 Environmental Controls 00:21
      • 141 Environmental Controls (Contd.) 01:05
      • 142 Fire Detection and Suppression 00:44
      • 143 Power Supply 02:03
      • 144 Power Supply (contd.) 00:57
      • 145 HVAC 00:43
      • 146 Training and Awareness 00:23
      • 147 Business Scenario 01:00
      • 148 Quiz
      • 149 Summary 00:48
      • 150 Conclusion 00:07
    • Domain 04 - Communications and Network Security 2:07:22
      • 1 Domain 04—Communications and Network Security 00:15
      • 2 Objectives 00:27
      • 3 Importance of Communications and Network Security—Case Study 00:39
      • 4 Introduction to Secure Network Architecture and Design 00:26
      • 5 Open Systems Interconnection 03:43
      • 6 OSI Model Layers 01:15
      • 7 Physical Layer 01:09
      • 8 Data Link Layer 01:18
      • 9 Network Layer 00:49
      • 10 Transport Layer 01:01
      • 11 Session Layer 00:52
      • 12 Presentation Layer 01:16
      • 13 Application Layer 00:47
      • 14 Transmission Control Protocol/Internet Protocol (TCP/IP) Model 01:08
      • 15 Network Access Layer and Internet Layer 01:08
      • 16 Host-to-Host Layer and Application Layer 01:10
      • 17 Comparison of OSI and TCP/IP Models 01:17
      • 18 Introduction to IP Addressing 00:48
      • 19 IPv4 and IPv6 02:35
      • 20 Classful IP Addressing 00:38
      • 21 Class A 00:31
      • 22 Class B 00:30
      • 23 Class C 00:27
      • 24 Class D and Class E 00:30
      • 25 Classless Inter-Domain Routing 02:41
      • 26 Private Networks and Loopback Address 01:42
      • 27 Types of IP Addressing 01:15
      • 28 Routed and Routing Protocols 01:56
      • 29 Types of Network Protocols 00:15
      • 30 Transmission Control Protocol (TCP) 01:06
      • 31 User Datagram Protocol (UDP) 00:46
      • 32 Internet Protocol 00:20
      • 33 Address Resolution Protocol 01:37
      • 34 Internet Control Message Protocol (ICMP) 00:29
      • 35 Hypertext Transfer Protocol (HTTP) 01:56
      • 36 Implications of Multi-Layer Protocols 00:53
      • 37 Distributed Network Protocol 01:07
      • 38 LAN/Network Technologies 04:14
      • 39 Transmission Media 00:26
      • 40 Twisted Pair 02:00
      • 41 Coaxial Cable Box 01:45
      • 42 Fiber-Optic Cable Box 01:42
      • 43 Network Topologies 01:52
      • 44 Media Access Technologies 00:46
      • 45 Carrier-Sense Multiple Access with Collision Detection 01:20
      • 46 Carrier-Sense Multiple Access with Collision Avoidance 01:04
      • 47 Flavors of LAN transmission methods 00:30
      • 48 List of Networking Devices 02:33
      • 49 VLANs 02:08
      • 50 Gateways 01:03
      • 51 Network Access Control Devices 00:38
      • 52 Packet-Filtering and Application-Level 02:40
      • 53 Circuit-Level and Stateful-Inspection 01:39
      • 54 Firewall Architectures 02:37
      • 55 Network Security Terms 01:51
      • 56 Business Scenario 00:26
      • 57 Networks 01:09
      • 58 Types of Networks 01:09
      • 59 WAN Technologies 01:11
      • 60 WAN Switching and Devices 01:55
      • 61 Network Address Translation and Frame Relay 01:36
      • 62 Multi-Protocol Label Switching and VoIP 00:58
      • 63 Fiber Channel over Ethernet and Internet Small Computer System Interface 01:05
      • 64 Virtualized Networks 01:02
      • 65 Introduction to Remote Access 00:45
      • 66 VPN using PPTP and L2TP 01:44
      • 67 Internet Security Protocol (IPsec) 01:06
      • 68 Internet Security Protocol (IPsec) Modes of Operation 01:47
      • 69 IPsec Security Protocols—Authentication Header (AH) 02:44
      • 70 IPsec Security Protocols—Encapsulating Security Payload (ESP) 01:26
      • 71 Components of the IPsec Process 01:28
      • 72 Components of the IPsec Process (contd.) 01:18
      • 73 IPsec Process 00:59
      • 74 Secure Access Protocols 02:49
      • 75 Secure Access Protocols (contd.) 02:10
      • 76 Secure Access Protocols (contd.) 01:03
      • 77 Remote Access Security Methods 00:32
      • 78 Multimedia Collaboration 00:52
      • 79 Wireless Technologies 00:29
      • 80 IEEE Wireless Standards and Spread-Spectrum Technologies 01:17
      • 81 Direct Sequence Spread Spectrum and Frequency-Hopping Spread Spectrum 01:20
      • 82 WLAN Operational Modes 01:30
      • 83 Bluetooth 01:37
      • 84 Bluetooth Attack 00:15
      • 85 Blue Jacking and Blue Snarfing 01:09
      • 86 Blue Bugging, Backdoor Attacks, and Denial of Service Attacks 01:03
      • 87 Wireless Security 06:29
      • 88 Business Scenario 00:49
      • 89 Network Attacks 02:33
      • 90 Network Attacks (contd.) 02:17
      • 91 Network Attacks—Countermeasures 03:02
      • 92 Quiz
      • 93 Summary 00:40
      • 94 Conclusion 00:08
    • Domain 05 - Identity and Access Management 1:32:26
      • 1 Domain 05—Identity and Access Management 00:15
      • 2 Objectives 00:31
      • 3 Importance of Identity and Access Management in Information Security 00:59
      • 4 Controlling Physical and Logical Access to Assets 01:23
      • 5 Controlling Physical and Logical Access to Assets (contd.) 01:51
      • 6 Access Subject Object and Access controls 01:13
      • 7 Identity and Access Management Policy 00:47
      • 8 Identification Authentication and Authorization 01:21
      • 9 Identity Management 00:32
      • 10 Identity and Access Provisioning Lifecycle 01:28
      • 11 Identity and Access Provisioning Lifecycle (contd.) 00:48
      • 12 Guidelines for User Identification 00:53
      • 13 Verifying Identification Information 01:41
      • 14 Strong Authentication 01:26
      • 15 Biometrics—Characteristics 02:11
      • 16 Types of Biometrics 01:42
      • 17 FRR FAR CER 02:04
      • 18 Passwords 01:15
      • 19 Password Types 01:43
      • 20 Tokens 00:30
      • 21 Token Device—Synchronous 00:48
      • 22 Token Device—Asynchronous 00:40
      • 23 Memory Cards and Smart Cards 01:39
      • 24 Attacks on Smart Cards—Fault Generation and Micro-Probing 02:08
      • 25 Access Criteria 02:04
      • 26 Authorization Concepts 02:22
      • 27 Identity Management Implementation 00:31
      • 28 Password Management 02:02
      • 29 Directory Management 01:05
      • 30 Directory Technologies 01:35
      • 31 Accounts Management 01:16
      • 32 Profile Management 00:49
      • 33 Web Access Management 00:30
      • 34 Single Sign-On (SSO) 01:49
      • 35 SSO Technologies 01:01
      • 36 Kerberos 02:41
      • 37 Kerberos Steps 01:35
      • 38 Problems with Kerberos 00:54
      • 39 Business Scenario 01:01
      • 40 Access Control Types—Security Layer 01:17
      • 41 Access Control Types—Functionality 01:39
      • 42 Business Scenario 00:24
      • 43 Access Control Models—DAC 01:00
      • 44 Access Control Models—MAC 01:00
      • 45 Access Control Models—RBAC 00:51
      • 46 Business Scenario 00:28
      • 47 Access Control Concepts 03:12
      • 48 Types of Access Control Administration 02:19
      • 49 Remote Authentication Dial-In User Service (RADIUS) 01:50
      • 50 TACACS and TACACS+ 00:56
      • 51 DIAMETER 00:58
      • 52 Accountability 01:43
      • 53 Accountability (contd.) 00:40
      • 54 Session Management 00:56
      • 55 Registration and Proof of Identity 00:42
      • 56 Credential Management Systems 00:47
      • 57 Credential Management Systems—Risks and benefits 00:42
      • 58 Federated Identity Management 00:45
      • 59 Federated Identity Management Models 00:51
      • 60 Federated Identity Management Models (contd.) 01:06
      • 61 Federated Identity Management Models (contd.) 00:48
      • 62 Identity as a Service 00:44
      • 63 Identity as a Service—Functionality 01:53
      • 64 Identity as a Service—Possible Issues 01:07
      • 65 Integrate Third-Party Identity Services 01:05
      • 66 Integrate Third-Party Identity Services (contd.) 00:49
      • 67 Unauthorized Disclosure of Information 03:37
      • 68 Threats to Access Control 04:27
      • 69 Protection against Access Control Attacks 00:39
      • 70 Access Control Best Practices 00:53
      • 71 Access Control Best Practices (contd.) 00:29
      • 72 Quiz
      • 73 Summary 00:39
      • 74 Conclusion 00:07
    • Domain 06 - Security Assessment and Testing 46:04
      • 1 Domain 06—Security Assessment and Testing 00:14
      • 2 Objectives 00:25
      • 3 Security Assessment and Testing—Introduction 00:36
      • 4 Assessment and Test Strategies 00:48
      • 5 Vulnerability Assessment 01:04
      • 6 Penetration Testing 01:18
      • 7 Log Management 01:14
      • 8 Log Management—Advantages and Challenges 00:44
      • 9 Log Management—Best Practices 00:48
      • 10 Log Management—Operational Process 00:40
      • 11 Logged Events 00:27
      • 12 Synthetic Transactions 00:59
      • 13 Reasons to Use Synthetic Transactions 00:51
      • 14 Code Review and Testing 00:49
      • 15 Testing Techniques 01:16
      • 16 Security Testing in the SDLC 01:55
      • 17 Software Product Testing Levels 01:05
      • 18 Misuse Case Testing 00:37
      • 19 Misuse Case Testing—Scenarios 01:19
      • 20 Test Coverage Analysis 00:38
      • 21 Interface Testing 00:35
      • 22 API Testing (contd.) 00:59
      • 23 Interface Testing (contd.) 00:27
      • 24 GUI Testing 00:51
      • 25 Common Software Vulnerabilities 01:28
      • 26 Business Scenario 00:54
      • 27 Information Security Continuous Monitoring 01:32
      • 28 Information Security Continuous Monitoring—Strategy and Process 01:55
      • 29 Risk Evaluation and Control—Metrics 01:00
      • 30 Security Controls Monitoring Frequencies 02:24
      • 31 ISCM—Benefits 00:50
      • 32 Key Performance and Risk Indicators 01:12
      • 33 Internal and Third Party Audits 01:33
      • 34 Audit Frequency and Scope 00:47
      • 35 Statement on Auditing Standards No. 70 01:43
      • 36 Service Organization Controls 00:57
      • 37 SOC 1 Report 01:23
      • 38 SOC 2 Report 01:40
      • 39 SOC 2 Reports (contd.) 01:07
      • 40 SOC 3 Report 00:41
      • 41 SOC 1, SOC 2, and SOC 3 Comparison 00:58
      • 42 Audit Process—Audit Preparation Phase 01:03
      • 43 Audit Process—Audit Phase 00:43
      • 44 Business Scenario 00:36
      • 45 Quiz
      • 46 Summary 00:52
      • 47 Conclusion 00:07
    • Domain 07 - Security Operations 3:06:24
      • 1 Domain 07—Security Operations 00:15
      • 2 Objectives 00:24
      • 3 Importance of Security Operations—Case Study 00:47
      • 4 Introduction to Investigations 00:41
      • 5 Investigation Challenges 01:04
      • 6 Investigations—Primary Activities 01:51
      • 7 Crime Scene 00:52
      • 8 Forensic Investigation Guidelines 01:07
      • 9 Incident Response Terminologies 01:53
      • 10 Incident Response Goals 00:28
      • 11 Incident Response Team 01:39
      • 12 Incident Response Procedures 02:19
      • 13 Incident Response Procedures (contd.) 00:59
      • 14 Incident Response Procedures (contd.) 00:27
      • 15 Incident Response Procedures (contd.) 00:31
      • 16 Business Scenario 00:52
      • 17 Evidence 01:21
      • 18 Evidence Lifecycle 01:17
      • 19 Chain of Evidence 01:04
      • 20 Types of Evidence 03:47
      • 21 Computer Forensics Procedure 00:50
      • 22 Requirements for Investigation Types 01:15
      • 23 Logging and Monitoring Activities 00:40
      • 24 Intrusion Detection System 02:52
      • 25 Intrusion Prevention System 02:30
      • 26 Security Information and Event Management (SIEM) 01:12
      • 27 Security Information and Event Management (SIEM)—Characteristics 00:45
      • 28 Continuous Monitoring 00:53
      • 29 Egress Filtering 01:00
      • 30 Data Leak or Loss Prevention (DLP) 01:26
      • 31 Steganography and Digital Watermarking 00:58
      • 32 Business Scenario 00:44
      • 33 Secure Provisioning of Resources through Configuration Management 01:08
      • 34 Secure Provisioning of Resources through Configuration Management (contd.) 00:52
      • 35 Introduction to Security Operations 00:37
      • 36 Security Operations Concepts 00:44
      • 37 Security Operations 00:51
      • 38 Effects of Operations Controls on C.I.A. 00:29
      • 39 Business Scenario 01:03
      • 40 Operational Resilience 01:08
      • 41 Threats to Operations 02:12
      • 42 Threats to Operations (contd.) 02:36
      • 43 Vulnerabilities 03:30
      • 44 Controls 01:49
      • 45 Business Scenario 00:44
      • 46 Need for Controlling Privileged Accounts 01:18
      • 47 Identity and Access Management 01:30
      • 48 Types of Accounts 01:29
      • 49 Commonly Used Roles 01:01
      • 50 Commonly Used Roles (contd.) 01:53
      • 51 Monitoring Special Privileges 00:33
      • 52 Service Level Agreements (SLAs) 01:15
      • 53 Business Scenario 00:45
      • 54 Protect Valuable Assets 01:28
      • 55 Protecting Physical Assets 00:45
      • 56 Protecting Information Assets 01:07
      • 57 Protecting Resources 01:33
      • 58 Controls for Protecting Assets—Hardware Controls 01:51
      • 59 Controls for Protecting Assets—Software Controls 02:02
      • 60 Controls for Protecting Assets—Media Controls 02:00
      • 61 Controls for Protecting Assets—Administrative Controls 02:51
      • 62 Cloud and Virtual Storage 00:53
      • 63 Cloud and Virtual Storage Security Issues 00:53
      • 64 Types of Virtualized Storage 02:00
      • 65 Hard Copy Records 00:46
      • 66 Business Scenario 00:34
      • 67 Incident Management 01:46
      • 68 Security Measurements, Metrics, and Reporting 00:32
      • 69 Managing Security Technologies 00:42
      • 70 Incident Management—Detection Phase 00:27
      • 71 Intrusion Detection System 00:46
      • 72 Security Information Event Management (SIEM) 02:38
      • 73 Anti-Malware Systems 00:59
      • 74 Monitoring Techniques—Violation Analysis 01:12
      • 75 Incident Management—Other Phases 00:57
      • 76 Trusted Recovery and System Recovery 01:54
      • 77 Problem Management 01:29
      • 78 Operating and Maintaining Preventive Measures 01:02
      • 79 Patch Management 01:15
      • 80 Vulnerability Management 01:19
      • 81 Change Management 01:39
      • 82 Change Control Process 01:23
      • 83 Configuration Management 02:24
      • 84 Configuration Management (contd.) 00:26
      • 85 Business Scenario 00:37
      • 86 Develop a Recovery Strategy 01:18
      • 87 Types of Recovery—Business Recovery and Facility and Supply Recovery 00:44
      • 88 Types of Recovery—User Recovery 00:29
      • 89 Types of Recovery—Operational Recovery 00:56
      • 90 Recovery Partners Strategy 02:44
      • 91 Backup Sites 00:51
      • 92 Backup Sites (contd.) 03:06
      • 93 Backup Sites (contd.) 01:36
      • 94 Backup Methods 01:36
      • 95 Importance of Maintaining Resilient Systems 02:35
      • 96 Redundancy and Fault Tolerance 01:54
      • 97 Redundancy and Fault Tolerance Methods 01:13
      • 98 Redundancy and Fault Tolerance Methods (contd.) 04:21
      • 99 Best Practices for Backup and Recovery 00:55
      • 100 Business Scenario 00:43
      • 101 Disaster Recovery—Planning Design and Development 00:37
      • 102 Planning Design and Development—Step 1 and Step 2 01:38
      • 103 Planning Design and Development—Step 3 and Step 4 02:19
      • 104 Disaster Recovery Phases—Implementation, Testing, and Training 00:44
      • 105 Importance of Testing 00:19
      • 106 Types of Testing 01:04
      • 107 Types of Testing (contd.) 01:30
      • 108 Types of Testing (contd.) 01:54
      • 109 Training 02:57
      • 110 Disaster Recovery Phases—Maintenance 02:49
      • 111 Disaster Recovery Phases—Maintenance (contd.) 00:26
      • 112 Business Scenario 01:04
      • 113 Perimeter Security 01:32
      • 114 Barriers 00:37
      • 115 Fences 01:14
      • 116 Gates 01:40
      • 117 Walls and Bollards 01:13
      • 118 Perimeter Intrusion Detection 04:26
      • 119 Business Scenario 00:42
      • 120 Importance of Lighting 01:12
      • 121 Types of Lighting Systems 01:20
      • 122 Types of Lights 01:21
      • 123 Access Control 01:41
      • 124 Types of Access Control Systems 06:33
      • 125 Business Scenario 00:42
      • 126 Building and Inside Security 08:05
      • 127 Personnel Security 01:28
      • 128 Business Scenario 00:50
      • 129 Quiz
      • 130 Summary 01:00
      • 131 Conclusion 00:06
    • Domain 08 - Software Development Security 1:50:55
      • 1 Domain 08 - Software Development Security00:15
      • 2 Objectives00:25
      • 3 Importance of Software Development Security00:51
      • 4 System Environments01:09
      • 5 Distributed Environment00:11
      • 6 Client/Server Systems and Local Environment00:35
      • 7 Distributed Data Processing and Agents00:45
      • 8 Applets00:42
      • 9 Programming Concepts01:22
      • 10 Compiler Vs Interpreter01:39
      • 11 Programming and Software01:40
      • 12 Threats in the Software Environment01:15
      • 13 Threats in the Software Environment (contd.)02:11
      • 14 Threats in the Software Environment (contd.)01:07
      • 15 Threats in the Software Environment (contd.)01:03
      • 16 Threats in the Software Environment (contd.)00:49
      • 17 Threats in the Software Environment (contd.)00:46
      • 18 Business Scenario01:12
      • 19 System Life Cycle and Systems Development02:35
      • 20 Systems Development Life Cycle02:31
      • 21 SDLC—Operation and Maintenance00:42
      • 22 Integrated Product Team (IPT)00:42
      • 23 DevOps00:39
      • 24 Software Testing Methods03:18
      • 25 Software Testing Levels00:43
      • 26 Application Controls00:35
      • 27 Software Development Methods01:09
      • 28 Software Development Methods (contd.)01:09
      • 29 Software Development Methods (contd.)00:53
      • 30 Software Development Methods (contd.)00:54
      • 31 Software Development Methods (contd.)01:32
      • 32 Java Security00:57
      • 33 Secure Software Development Best Practices00:47
      • 34 Business Scenario01:05
      • 35 Object-Oriented Programming Terms01:01
      • 36 Object-Oriented Programming Terms (contd.)00:34
      • 37 Object-Oriented Programming—Definition01:23
      • 38 Distributed Object-Oriented Systems01:47
      • 39 Object Request Brokers00:49
      • 40 COM—Component Object Model00:28
      • 41 DCOM—Distributed Component Object Model00:38
      • 42 CORBA—Common Object Request Broker Architecture00:58
      • 43 Software Security and Assurance01:18
      • 44 Software Security and Assurance (contd.)00:43
      • 45 Software Security and Assurance (contd.)00:53
      • 46 Software Security and Assurance (contd.)00:42
      • 47 Software Security and Assurance (contd.)00:41
      • 48 Software Security and Assurance (contd.)00:50
      • 49 Software Security and Assurance (contd.)00:40
      • 50 Software Security and Assurance (contd.)00:55
      • 51 Software Security and Assurance (contd.)00:40
      • 52 Software Security and Assurance (contd.)00:36
      • 53 Software Security and Assurance (contd.)00:56
      • 54 Software Security and Assurance (contd.)00:54
      • 55 Software Security and Assurance (contd.)00:35
      • 56 Software Security: XML and Security Assertion Markup Language01:23
      • 57 Software Security: SOA02:15
      • 58 Audit and Assurance Mechanisms02:24
      • 59 Assessing the Effectiveness of Software Security00:51
      • 60 Assessing the Effectiveness of Software Security (contd.)00:51
      • 61 Assessing the Security Impact of Acquired Software01:15
      • 62 Code Repositories and Application Programming Interfaces01:04
      • 63 Business Scenario00:47
      • 64 Database and Data Warehousing Environments01:25
      • 65 Database Terms01:09
      • 66 Types of Databases00:27
      • 67 Types of Databases (contd.)00:27
      • 68 Types of Databases (contd.)00:41
      • 69 Types of Databases (contd.)00:29
      • 70 Types of Databases (contd.)00:43
      • 71 Database—Threats and Vulnerabilities04:40
      • 72 Introduction to Data Warehousing01:04
      • 73 Data Warehousing Concepts01:57
      • 74 Database Normalization01:17
      • 75 DBMS Controls04:26
      • 76 Business Scenario00:39
      • 77 Malwares—Types04:56
      • 78 Malware Protection01:31
      • 79 Business Scenario00:35
      • 80 Importance and Role of Knowledge Management01:03
      • 81 Knowledge-Based System/Artificial Intelligence00:33
      • 82 Knowledge-Based System—Expert System01:22
      • 83 Knowledge-Based System—Neural Network01:33
      • 84 Web Application Environment—Threats and Vulnerabilities01:35
      • 85 Web Application Environment Security01:03
      • 86 Web Application Environment Security (contd.)01:14
      • 87 Web Application Environment Security (contd.)00:34
      • 88 Web Application Environment Security (contd.)00:45
      • 89 The Ten Best Practices for Secure Software Development—(ISC)²06:28
      • 90 Quiz
      • 91 Summary01:07
      • 92 Conclusion00:13

Exam & certification

  • How do I become a CISSP certified professional?

    You must pass the CISSP exam to become certified. The CISSP exam is a computer-based test (CBT) administered at Pearson VUE Testing centers around the world.

    Link: https://cert.isc2.org/cissp-exam-outline-form/

  • What are the prerequisites for CISSP certification?

    This CISSP training is intended for professionals who want to acquire the credibility and mobility to advance within their current Information Security careers. To claim the CISSP certificate from ISC2, you must have at least 5 years of recent full-time professional work experience in 2 or more of the 8 domains of the CISSP – CBK 2015. If you do not yet have the required 5 years of experience, you will be awarded an ISC2 associate title, which will be replaced with the CISSP certificate after you gain and submit proof of your experience.

  • What do I need to do to unlock my Simplilearn certificate?

    Online Classroom:
    • Attend one complete batch.
    • Complete one simulation test with a minimum score of 60%.
    Online Self-Learning:
    • Complete 85% of the course.
    • Complete one simulation test with a minimum score of 60%.

Reviews

Simplilearn has been a great learning platform for me. I had enrolled for CISSP and my expectation was met, with the expertise the trainer had on the concepts. I look forward to doing more courses with Simplilearn.

Interactive sessions...Example scenarios are good...The overall flow was good…

The precise syllabus, quality of webEx app, the quality of trainers and the ease of use of Simplilearn website... Highly satisfied.

The concepts of the Instructor were mind-blowing...Lots of Industry examples...Very well organized...

One of the interesting and interactive sessions I have ever attended.

Really good training. It helped me to clear a lot of doubts which were present in my mind for a long time.

The course content is very good and satisfactory. The trainer is also good with his teaching abilities.

Training was up to the mark, solved my purpose of joining the course, a kick-starter to exam preparation and getting the basics right.

The training was nice and to the point. The trainer was nice and helpful. He cleared all our course-related doubts.

Scenario based examples with elaborate details when required. Very strategic and useful way of teaching.

It was a very good and informative training program conducted by Simplilearn.

Excellent training; the trainer has in-depth knowledge in all domains. He was able to map his experience with real-time examples while delivering sessions.

The training was very helpful to understand CISSP topics.

Faculty is Excellent, Coordination/Assistance from the coordinator is highly appreciated.

The course content is really good. It really helped to get concept understanding. The faculty has taken all the topics very nicely and explained the points.

FAQs

  • Who are the instructors for the live classroom training?

    All our highly-qualified trainers are CISSP certified with more than 16 years of experience working in the domain.

  • What certification will I receive after completing the CISSP training?

    After successful completion of the CISSP training, you will be awarded the course completion certificate along with the 32 hours PDU/CPE certificate from Simplilearn.

  • How does online classroom training work?

    Online classroom training for CISSP is conducted via online live streaming by a CISSP certified trainer with over 16 years of work experience. The class is attended by a global audience to enrich your learning experience.

  • Is this live training, or will I watch pre-recorded videos?

    All of the classes are conducted live online. They are interactive sessions that enable you to ask questions and participate in discussions during class time. We do, however, provide recordings of each session you attend for your future reference.

  • What tools do I need to attend the training sessions?

    The tools you’ll need to attend training are:
    • Windows: Windows XP SP3 or higher
    • Mac: OSX 10.6 or higher
    • Internet speed: Preferably 512 Kbps or higher
    • Headset, speakers and microphone: You’ll need headphones or speakers to hear instruction clearly, as well as a microphone to talk to others. You can use a headset with a built-in microphone, or separate speakers and microphone.

  • What else will I receive as part of the CISSP training?

    You will get access to our e-learning content along with the practice simulation tests, complemented by our tips and tricks videos that help you tackle the toughest exam questions. You will also get an online participant handbook with cross references to the e-learning segments for learning reinforcement.

  • Is exam fee included in the course fee?

    No. The exam fee is not included. You can directly schedule your exam through www.pearsonvue.com as mentioned in the steps above.

  • How many questions are there in the CISSP certification exam?

    The CISSP Exam has a total of 250 multiple choice questions. The duration of the exam is 6 hours.

  • What is the CISSP certification cost?

    The CISSP exam cost is $599 for non-members and $549 for members.

  • Do you provide assistance in the exam application process?

    Yes, we can assist you in the exam application process. You can state your queries on community.simplilearn.com and get them answered along with any other query or concern that you might have about the course.

  • How does Simplilearn assure me that the training and course material delivered are effective?

    Our CISSP course is developed to deliver a first attempt pass rate of 100%. With a hands-on learning approach, the training not only gives you the confidence to clear the exam but also helps you retain the knowledge beyond the examination.

  • Can I cancel my enrollment? Will I get a refund?

    Yes, you can cancel your enrollment. We provide you a refund after deducting the administration fee. To know more, please go through our Refund Policy.

  • I’d like to learn more about this training program. Whom should I contact?

    Contact us using the form on the right of any page on the Simplilearn website, or select the Live Chat link. Our customer service representatives can provide you with more details.

  • Certification Process

    Simplilearn has a well-defined certification process that helps you face the challenges of the IT world. You need to meet the following conditions to unlock the certificate.
    • You need to complete at least 85% of the course or attend one complete batch.
    • If your course has simulation exams you will need to complete them with the minimum passing score.
    • You need to submit a project for approval by our panel of subject matter experts.
    • If your project is rejected, our subject matter experts will provide all necessary help to receive approval of your project in your next attempt.

  • Who are our instructors and how are they selected?

    All of our highly qualified trainers are industry experts with at least 16 years of work experience in the field, including 10-12 years of relevant teaching experience. Each of them has gone through a rigorous selection process that includes profile screening, technical evaluation, and a training demo before they are certified to train for us. We also ensure that only those trainers with a high alumni rating remain on our faculty.

  • What is Global Teaching Assistance?

    Our teaching assistants are a dedicated team of subject matter experts here to help you get certified on your first attempt. They engage students proactively to ensure the course path is being followed and help you enrich your learning experience, from class onboarding to project mentoring and job assistance. Teaching Assistance is available during business hours.

  • What is covered under the 24/7 Support promise?

    We offer 24/7 support through email, chat, and calls. We also have a dedicated team that provides on demand assistance through our community forum. What’s more, you will have lifetime access to the community forum, even after completion of your course with us.

Our Bangalore address

# 53/1 C, Manoj Arcade, 24th Main, 2nd Sector, HSR Layout, Bangalore - 560102, Karnataka, India.

  • Disclaimer
  • PMP, PMI, PMBOK, CAPM, PgMP, PfMP, ACP, PBA, RMP, SP, and OPM3 are registered marks of the Project Management Institute, Inc.