Explore our course

Key features

MONEY BACK GUARANTEE

How this works :

At Simplilearn, we greatly value the trust of our patrons. Our courses were designed to deliver an effective learning experience, and have helped over half a million find their professional calling. But if you feel your course is not to your liking, we offer a 7-day money-back guarantee. Just send us a refund request within 7 days of purchase, and we will refund 100% of your payment, no questions asked!

For Self Placed Learning :

Raise refund request within 7 days of purchase of course. Money back guarantee is void if the participant has accessed more than 25% content.

For Instructor Led Training :

Raise refund request within 7 days of commencement of the first batch you are eligible to attend. Money back guarantee is void if the participant has accessed more than 25% content of an e-learning course or has attended Online Classrooms for more than 1 day.
  • 32 hours of instructor-led training
  • 32 hours of self-paced videos
  • 5 simulation exams (250 questions each) for practice
  • Offers the requisite 30 CPEs for taking the CISSP examination
  • 8 domain-specific test papers (10 questions each) to prepare you for CISSP certification
  • 98.6% pass rate

Course description

  • What’s the focus of this course?

    Simplilearn’s CISSP certification training is aligned to the (ISC) ² CBK 2015 and trains you in the industry’s latest best practices, which will help you ace the exam in the first attempt. The certification helps you develop the expertise in defining the architecture, in designing, building, and maintaining a secure business environment for your organization using globally approved Information Security standards.

  • What are the course objectives?

    By the end of this training, you will:
    • Be able to define the architecture, and design and manage the security of your organization.
    • Acquire the relevant knowledge and skills required to clear the CISSP certification exam.
    • Earn the requisite 30 CPEs required to take up the CISSP certification exam.
    • Develop working knowledge in the 8 domains areas prescribed by the CISSP Common Book of Knowledge, 2015.

  • Who should take this course?

    The CISSP certification is a globally recognized professional requirement in the IT Security domain. This certification is best-suited for:
    • Security Consultants/Managers
    • IT Directors/Managers
    • Security Auditors/Architects
    • Security Systems Engineers
    • Chief Information Security Officers
    • Network Architects

Course preview

  • CISSP® - Certified Information Systems Security Professional
    • Domain 00 - Introduction 14:53
      • 1 CISSP®—Introduction 01:06
      • 2 Objectives 00:20
      • 3 CISSP® 01:19
      • 4 (ISC)²® 00:58
      • 5 CISSP® Domains 02:47
      • 6 Benefits of CISSP® for Professionals 01:01
      • 7 Benefits of CISSP® for Employers 01:06
      • 8 CISSP® Certification Requirements 00:42
      • 9 CISSP® Certification Requirements (contd.) 00:21
      • 10 CISSP® Certification Requirements (contd.) 00:57
      • 11 CISSP® Certification Requirements (contd.) 01:05
      • 12 CISSP® Examination 02:36
      • 13 CISSP® Examination (contd.) 00:30
      • 14 Conclusion 00:05
    • Domain 01 - Security and Risk Management 2:12:33
      • 1 Domain 01—Security and Risk Management 00:10
      • 2 Objectives 00:32
      • 3 Importance of Information Security and Risk Management 01:03
      • 4 Role and Importance of CIA in ISM 01:07
      • 5 Confidentiality 01:51
      • 6 Integrity 01:32
      • 7 Availability 00:57
      • 8 Information Security 00:33
      • 9 Information Security Management 00:26
      • 10 Information Security Governance 01:06
      • 11 IT Security and Organizational Goals, Mission, and Objectives 00:29
      • 12 Goals, Mission, and Objectives 01:55
      • 13 Aligning Security with Goals, Mission, and Objectives 00:41
      • 14 Business Scenario 01:14
      • 15 Organizational Processes 01:28
      • 16 Auditing 00:21
      • 17 Control Framework 00:40
      • 18 Due Care 00:31
      • 19 Due Diligence 00:28
      • 20 Security Controls 00:49
      • 21 Service Level Agreements 00:58
      • 22 Managing Third - Party Governance 02:23
      • 23 Offshoring Privacy Requirements and Compliance 01:07
      • 24 Business Scenario 00:52
      • 25 Layers of Responsibility 01:03
      • 26 Security Policies 01:31
      • 27 Types of Security Policies 01:35
      • 28 Security Policy Implementation 02:07
      • 29 Policy Chart 01:08
      • 30 Standards, Guidelines, Procedures, and Baselines 02:07
      • 31 Business Scenario 00:30
      • 32 Compliance—Need for Compliance 01:23
      • 33 Regulatory Compliance 00:45
      • 34 Compliance 00:39
      • 35 Compliance (contd.) 00:57
      • 36 Compliance (contd.) 00:48
      • 37 Standards/Manuals/Guidelines for Compliance 01:09
      • 38 Computer Crimes 00:27
      • 39 Introduction to Computer Crimes 00:54
      • 40 Categories of Computer Crimes 02:28
      • 41 Business Scenario 00:51
      • 42 Major Legal Systems 00:45
      • 43 Common Law and Civil Law 01:42
      • 44 Customary Law and Religious Law 01:44
      • 45 Mixed Law 00:28
      • 46 Business Scenario 00:36
      • 47 Introduction to Intellectual Property (IP) Law 01:01
      • 48 Types of Intellectual Property (IP) Law 01:51
      • 49 Types of Intellectual Property (IP) Law (contd.) 01:44
      • 50 Types of Intellectual Property (IP) Law (contd.) 01:00
      • 51 Business Scenario 00:39
      • 52 Import or Export Controls and Trans - Border Data Flow 01:10
      • 53 Introduction to Privacy 01:59
      • 54 U.S. Privacy Laws 01:14
      • 55 U.S. Privacy Laws (contd.) 01:21
      • 56 U.S. Guidelines for Managing Privacy 01:41
      • 57 EU Council Directive (Law) on Data Protection 01:18
      • 58 The U.S.-European Union Safe Harbor 05:44
      • 59 Security Definitions 02:40
      • 60 Information Risk Management 01:09
      • 61 Business Scenario 00:54
      • 62 Introduction to Risk Analysis 01:06
      • 63 Goals of Risk Analysis 00:26
      • 64 Risk Analysis Team 00:54
      • 65 Steps for Risk Analysis 00:50
      • 66 Information and Assets Valuation 01:16
      • 67 Risk Analysis Types 00:41
      • 68 Quantitative Risk Analysis—Steps 01:47
      • 69 Quantitative Risk Analysis—Problem 00:39
      • 70 Qualitative Risk Analysis 01:10
      • 71 Delphi Technique 01:04
      • 72 Quantitative vs.Qualitative 00:29
      • 73 Hybrid Analysis 00:45
      • 74 Countermeasure Selection—Problem 00:56
      • 75 Countermeasure Selection—Other Factors 00:57
      • 76 Handling Risk 01:39
      • 77 Business Scenario 00:51
      • 78 Threat Modeling 00:59
      • 79 Need for Business Continuity Planning 00:55
      • 80 Basic Concepts—Disruptive Events 02:26
      • 81 Basic Concepts—Business Continuity Planning 00:47
      • 82 Importance of Business Continuity Planning 00:31
      • 83 Business Continuity Planning Phases 00:53
      • 84 BCP/DRP Phase 1—Project Initiation and Scoping 02:54
      • 85 BCP/DRP Phase 2—Business Impact Analysis (BIA) 01:11
      • 86 BIA—Goals 01:20
      • 87 BIA—Steps 03:32
      • 88 BIA Steps—Business Unit Level 01:07
      • 89 Maximum Tolerable Downtime (MTD) 01:46
      • 90 Failure and Recovery Metrics 02:52
      • 91 Failure and Recovery Metrics (contd.) 01:46
      • 92 Stages of Failure and Recovery 00:52
      • 93 BCP/DRP Phase 3—Identify Preventive Controls 01:19
      • 94 Importance of Managing Personnel Security 00:51
      • 95 Managing Personnel Security—Hiring Practices 00:54
      • 96 Managing Personnel Security—Employee Termination 00:47
      • 97 Vendor, Contractors, and Consultant Controls 00:47
      • 98 Best Work Practices 01:44
      • 99 Business Scenario 00:48
      • 100 Importance of Security Awareness Training 00:54
      • 101 Security Awareness Training: Awareness, Training, and Education 01:28
      • 102 Implementation of Security Awareness Training Program 00:38
      • 103 Importance of Content Updates 00:23
      • 104 Importance of Managing Security Function 00:53
      • 105 Best Practices—Budget and Establish Security Metrics 01:28
      • 106 Best Practices—Resources and Develop and Implement Strategies 01:23
      • 107 Best Practices—Completeness and Effectiveness of the Program 00:25
      • 108 Business Scenario 00:44
      • 109 (ISC)² Code of Ethics 02:31
      • 110 Quiz
      • 111 Summary 00:54
      • 112 Conclusion 00:06
    • Domain 02 - Asset Security 58:26
      • 1 Domain 02 Asset Security 00:13
      • 2 Objectives 00:28
      • 3 Importance of Asset Security 00:39
      • 4 Need for Information Classification 01:12
      • 5 Information Classification Objectives 00:56
      • 6 Government or Military Sector Classification 01:33
      • 7 Commercial or Private Sector Classification 01:50
      • 8 Information Classification Criteria 01:52
      • 9 Data Classification Considerations 00:47
      • 10 Role Responsible for Data Classification 00:51
      • 11 Business Scenario 00:37
      • 12 Data Management 00:53
      • 13 Best Practices for Data Management 00:54
      • 14 Data Policy 01:14
      • 15 Data Ownership 00:54
      • 16 Data Ownership Best Practices 00:45
      • 17 Data Custodians 01:15
      • 18 Data Custodians (contd.) 00:33
      • 19 Data Quality 01:09
      • 20 Data Quality—Aspects 00:32
      • 21 Data Quality Assurance and Quality Control 00:49
      • 22 Data Documentation 00:44
      • 23 Data Documentation Practices 01:28
      • 24 Data Standards 00:58
      • 25 Data Control Lifecycle 00:33
      • 26 Data Specification and Modeling 00:37
      • 27 Database Maintenance 00:38
      • 28 Data Audit 00:41
      • 29 Data Storage and Archiving 00:59
      • 30 Data Security 00:58
      • 31 Data Access, Sharing, and Dissemination 00:56
      • 32 Data Publishing 00:32
      • 33 Data Handling Requirements 01:25
      • 34 Media Resource Protection 03:32
      • 35 Data Remanence 01:51
      • 36 Business Scenario 00:45
      • 37 Asset Management 01:17
      • 38 Software Licensing 00:45
      • 39 Equipment Lifecycle 01:00
      • 40 Protecting Privacy 02:06
      • 41 Ensuring Appropriate Retention 01:06
      • 42 Data Security Controls 01:36
      • 43 Data in Transit—Best Practices 01:11
      • 44 Scoping and Tailoring 00:52
      • 45 Scoping and Tailoring (contd.) 01:02
      • 46 Standards Selection—US DoD 02:10
      • 47 Standards Selection—International Standards 01:45
      • 48 Standards Selection National Cyber Security Framework Manual 00:48
      • 49 Standards Selection Center for Strategic and International Studies 01:00
      • 50 Standards Selection Critical Security Controls 01:23
      • 51 Standards Selection Security Content Automation Protocol 01:19
      • 52 Framework for Improving Critical Infrastructure Cybersecurity 01:04
      • 53 Business Scenario 00:38
      • 54 Quiz
      • 55 Summary 00:44
      • 56 Conclusion 00:07
    • Domain 03 - Security Engineering 2:48:47
      • 1 Domain 03 Security Engineering 00:14
      • 2 Objectives 00:23
      • 3 Security Architecture and Design - Case Study 00:42
      • 4 Security Engineering 00:31
      • 5 Architecture Framework 01:29
      • 6 Zachman Framework 01:11
      • 7 TOGAF 00:45
      • 8 ITIL 01:32
      • 9 Creating a Security Architecture 03:00
      • 10 Enterprise Security Architecture 02:06
      • 11 Common Security Services in ESA 01:29
      • 12 SABSA Framework 00:58
      • 13 SABSA Matrix 04:01
      • 14 Business Scenario 00:41
      • 15 ISO/IEC 27001:2013 Security Standards 01:08
      • 16 ISO/IEC 27002 Code of Practice for Information Security Management 01:37
      • 17 Security Models 01:06
      • 18 State Machine Model 00:24
      • 19 Multilevel Security Models 01:07
      • 20 Matrix-Based Model 00:48
      • 21 Non-Interference Model 00:57
      • 22 Information flow model 00:40
      • 23 Examples of Security Models: Bell–LaPadula Confidentiality Model 02:13
      • 24 Examples of Security Models: Biba Integrity Model 01:26
      • 25 Examples of Security Models: Clark–Wilson integrity model 01:13
      • 26 Brewer Nash, Graham Denning, and Harrison Ruzzo Ullman models 01:15
      • 27 Business Scenario 00:34
      • 28 Evaluation Criteria 01:04
      • 29 CSEC 02:20
      • 30 Information Technology Security Evaluation Criteria 01:20
      • 31 Common Criteria 01:15
      • 32 Common Criteria Evaluation Process 00:50
      • 33 Common Criteria Levels 01:23
      • 34 Payment Card Industry Data Security Standard 00:51
      • 35 Certification and Accreditation 00:36
      • 36 Certification and Accreditation Standards 01:33
      • 37 SEI—CMMI 01:49
      • 38 SEI—CMMI Levels 00:46
      • 39 Business Scenario 01:11
      • 40 System Security Architecture 01:19
      • 41 Mainframes and Other Thin Client Systems 01:40
      • 42 Middleware and Embedded Systems 00:23
      • 43 Pervasive Computing and Mobile Computing Devices 00:15
      • 44 System Components Processors 01:08
      • 45 System Components Memory 00:51
      • 46 System Components Storage 00:17
      • 47 System Components Trusted Computing Base (TCB) 00:23
      • 48 System Components Reference Monitor 00:29
      • 49 System Components—Trusted Platform Module (TPM) 00:38
      • 50 System Components Peripherals and Other Input/Output Devices 00:42
      • 51 System Components Operating System 00:40
      • 52 System Components Ring Model 00:34
      • 53 System Components System Kernel 00:54
      • 54 Distributed Systems 00:34
      • 55 Virtualization 00:28
      • 56 Hypervisor 00:45
      • 57 Cloud Computing 00:10
      • 58 Service models 01:15
      • 59 Grid Computing 00:12
      • 60 Peer to Peer Networking (P2P) 00:20
      • 61 Business Scenario 00:56
      • 62 Security Threats and Countermeasures 00:22
      • 63 Assessing and Mitigating Vulnerabilities and Threats 01:30
      • 64 Assessing and Mitigating Vulnerabilities and Threats (contd.) 00:54
      • 65 Assessing and Mitigating Vulnerabilities and Threats (contd.) 01:05
      • 66 Best Practices 00:45
      • 67 Best Practices (contd.) 00:30
      • 68 Best Practices Techniques and Technologies 00:59
      • 69 Best Practices Techniques and Technologies (contd.) 00:30
      • 70 Best Practices Techniques and Technologies (contd.) 00:24
      • 71 Best Practices Techniques and Technologies (contd.) 00:37
      • 72 Best Practices Techniques and Technologies (contd.) 00:42
      • 73 Introduction to Cryptography 02:40
      • 74 Cryptographic Lifecycle 00:56
      • 75 Algorithm or Protocol Governance 00:52
      • 76 Cryptography Terms 02:45
      • 77 Strength of a Cryptosystem 01:29
      • 78 Cryptography Methods Substitution Cipher 01:31
      • 79 Cryptography Methods Transposition Cipher 00:24
      • 80 Cryptography Methods Book or Running Key Cipher 01:09
      • 81 Cryptography Methods Concealment Cipher 00:43
      • 82 Cryptography Methods Steganography and DRM 01:19
      • 83 Business Scenario 00:36
      • 84 Introduction to Symmetric Cryptography 02:01
      • 85 Symmetric Key Ciphers 01:16
      • 86 Block Cipher 00:47
      • 87 Stream Cipher 02:02
      • 88 Block Cipher Designs 00:41
      • 89 Data Encryption Standard (DES) 01:33
      • 90 DES Algorithm 01:35
      • 91 DES Operation Modes Electronic Code Book 01:01
      • 92 DES Operation Modes Cipher Block Chaining 01:07
      • 93 DES Operation Modes Cipher Feed Back 01:22
      • 94 DES Operation Modes Output Feed Back 00:44
      • 95 DES Operation Modes—Counter 01:01
      • 96 Triple DES 01:46
      • 97 Advanced Encryption Standard (AES) 01:17
      • 98 AES Algorithm 00:14
      • 99 AES Algorithm Key Expansion and Initial Round 00:15
      • 100 Advanced Encryption Standard (AES) Algorithm—Rounds 02:01
      • 101 AES Algorithm Final Round 00:08
      • 102 Other Symmetric Systems 01:54
      • 103 Other Symmetric Systems (contd.) 01:11
      • 104 Business Scenario 00:43
      • 105 Introduction to Asymmetric Cryptography 02:07
      • 106 Introduction to Asymmetric Cryptography Diagram 00:09
      • 107 Introduction to RSA Algorithm 00:54
      • 108 RSA Algorithm Process 01:20
      • 109 Other Types of Asymmetric Cryptography Elliptic Curve Cryptosystems 01:02
      • 110 Other Types of Asymmetric Cryptography Diffie-Hellman Key Exchange 00:35
      • 111 Public Key Cryptography 01:25
      • 112 Symmetric vs. Asymmetric Cryptography 02:45
      • 113 Advantages and Disadvantages 00:54
      • 114 Introduction to Public Key Infrastructure 02:15
      • 115 PKI Certification 01:48
      • 116 PKI Certification (contd.) 00:33
      • 117 PKI Steps—Part 1 00:44
      • 118 PKI Steps—Part 2 00:58
      • 119 One-Way Hash 01:13
      • 120 Hashing Algorithms 02:09
      • 121 Hashing Algorithms (contd.) 01:41
      • 122 Salting 00:34
      • 123 Message Authentication Code (MAC) 01:50
      • 124 Digital Signatures 01:15
      • 125 Key Management 01:30
      • 126 Key Management Principles 01:50
      • 127 Escrowed Encryption 02:44
      • 128 Business Scenario 00:58
      • 129 Need for Physical and Environmental Security 01:50
      • 130 Business Scenario 01:02
      • 131 Site and Facility Design Criteria 02:27
      • 132 Information Protection Environment 00:53
      • 133 Crime Prevention Through Environmental Design (CPTED) 01:02
      • 134 Site Location 01:38
      • 135 Construction 01:08
      • 136 Support Facilities 01:46
      • 137 Business Scenario 00:51
      • 138 Secure Operational Areas 03:15
      • 139 Business Scenario 00:49
      • 140 Environmental Controls 00:21
      • 141 Environmental Controls (Contd.) 01:05
      • 142 Fire Detection and Suppression 00:44
      • 143 Power Supply 02:03
      • 144 Power Supply (contd.) 00:57
      • 145 HVAC 00:43
      • 146 Training and Awareness 00:23
      • 147 Business Scenario 01:00
      • 148 Quiz
      • 149 Summary 00:48
      • 150 Conclusion 00:07
    • Domain 04 - Communications and Network Security 2:07:22
      • 1 Domain 04—Communications and Network Security 00:15
      • 2 Objectives 00:27
      • 3 Importance of Communications and Network Security—Case Study 00:39
      • 4 Introduction to Secure Network Architecture and Design 00:26
      • 5 Open Systems Interconnection 03:43
      • 6 OSI Model Layers 01:15
      • 7 Physical Layer 01:09
      • 8 Data Link Layer 01:18
      • 9 Network Layer 00:49
      • 10 Transport Layer 01:01
      • 11 Session Layer 00:52
      • 12 Presentation Layer 01:16
      • 13 Application Layer 00:47
      • 14 Transmission Control Protocol/Internet Protocol (TCP/IP) Model 01:08
      • 15 Network Access Layer and Internet Layer 01:08
      • 16 Host-to-Host Layer and Application Layer 01:10
      • 17 Comparison of OSI and TCP/IP Models 01:17
      • 18 Introduction to IP Addressing 00:48
      • 19 IPv4 and IPv6 02:35
      • 20 Classful IP Addressing 00:38
      • 21 Class A 00:31
      • 22 Class B 00:30
      • 23 Class C 00:27
      • 24 Class D and Class E 00:30
      • 25 Classless Inter-Domain Routing 02:41
      • 26 Private Networks and Loopback Address 01:42
      • 27 Types of IP Addressing 01:15
      • 28 Routed and Routing Protocols 01:56
      • 29 Types of Network Protocols 00:15
      • 30 Transmission Control Protocol (TCP) 01:06
      • 31 User Datagram Protocol (UDP) 00:46
      • 32 Internet Protocol 00:20
      • 33 Address Resolution Protocol 01:37
      • 34 Internet Control Message Protocol (ICMP) 00:29
      • 35 Hypertext Transfer Protocol (HTTP) 01:56
      • 36 Implications of Multi-Layer Protocols 00:53
      • 37 Distributed Network Protocol 01:07
      • 38 LAN/Network Technologies 04:14
      • 39 Transmission Media 00:26
      • 40 Twisted Pair 02:00
      • 41 Coaxial Cable Box 01:45
      • 42 Fiber-Optic Cable Box 01:42
      • 43 Network Topologies 01:52
      • 44 Media Access Technologies 00:46
      • 45 Carrier-Sense Multiple Access with Collision Detection 01:20
      • 46 Carrier-Sense Multiple Access with Collision Avoidance 01:04
      • 47 Flavors of LAN transmission methods 00:30
      • 48 List of Networking Devices 02:33
      • 49 VLANs 02:08
      • 50 Gateways 01:03
      • 51 Network Access Control Devices 00:38
      • 52 Packet-Filtering and Application-Level 02:40
      • 53 Circuit-Level and Stateful-Inspection 01:39
      • 54 Firewall Architectures 02:37
      • 55 Network Security Terms 01:51
      • 56 Business Scenario 00:26
      • 57 Networks 01:09
      • 58 Types of Networks 01:09
      • 59 WAN Technologies 01:11
      • 60 WAN Switching and Devices 01:55
      • 61 Network Address Translation and Frame Relay 01:36
      • 62 Multi-Protocol Label Switching and VoIP 00:58
      • 63 Fiber Channel over Ethernet and Internet Small Computer System Interface 01:05
      • 64 Virtualized Networks 01:02
      • 65 Introduction to Remote Access 00:45
      • 66 VPN using PPTP and L2TP 01:44
      • 67 Internet Security Protocol (IPsec) 01:06
      • 68 Internet Security Protocol (IPsec) Modes of Operation 01:47
      • 69 IPsec Security Protocols—Authentication Header (AH) 02:44
      • 70 IPsec Security Protocols—Encapsulating Security Payload (ESP) 01:26
      • 71 Components of the IPsec Process 01:28
      • 72 Components of the IPsec Process (contd.) 01:18
      • 73 IPsec Process 00:59
      • 74 Secure Access Protocols 02:49
      • 75 Secure Access Protocols (contd.) 02:10
      • 76 Secure Access Protocols (contd.) 01:03
      • 77 Remote Access Security Methods 00:32
      • 78 Multimedia Collaboration 00:52
      • 79 Wireless Technologies 00:29
      • 80 IEEE Wireless Standards and Spread-Spectrum Technologies 01:17
      • 81 Direct Sequence Spread Spectrum and Frequency-Hopping Spread Spectrum 01:20
      • 82 WLAN Operational Modes 01:30
      • 83 Bluetooth 01:37
      • 84 Bluetooth Attack 00:15
      • 85 Blue Jacking and Blue Snarfing 01:09
      • 86 Blue Bugging, Backdoor Attacks, and Denial of Service Attacks 01:03
      • 87 Wireless Security 06:29
      • 88 Business Scenario 00:49
      • 89 Network Attacks 02:33
      • 90 Network Attacks (contd.) 02:17
      • 91 Network Attacks—Countermeasures 03:02
      • 92 Quiz
      • 93 Summary 00:40
      • 94 Conclusion 00:08
    • Domain 05 - Identity and Access Management 1:32:26
      • 1 Domain 05—Identity and Access Management 00:15
      • 2 Objectives 00:31
      • 3 Importance of Identity and Access Management in Information Security 00:59
      • 4 Controlling Physical and Logical Access to Assets 01:23
      • 5 Controlling Physical and Logical Access to Assets (contd.) 01:51
      • 6 Access Subject Object and Access controls 01:13
      • 7 Identity and Access Management Policy 00:47
      • 8 Identification Authentication and Authorization 01:21
      • 9 Identity Management 00:32
      • 10 Identity and Access Provisioning Lifecycle 01:28
      • 11 Identity and Access Provisioning Lifecycle (contd.) 00:48
      • 12 Guidelines for User Identification 00:53
      • 13 Verifying Identification Information 01:41
      • 14 Strong Authentication 01:26
      • 15 Biometrics—Characteristics 02:11
      • 16 Types of Biometrics 01:42
      • 17 FRR FAR CER 02:04
      • 18 Passwords 01:15
      • 19 Password Types 01:43
      • 20 Tokens 00:30
      • 21 Token Device—Synchronous 00:48
      • 22 Token Device—Asynchronous 00:40
      • 23 Memory Cards and Smart Cards 01:39
      • 24 Attacks on Smart Cards—Fault Generation and Micro-Probing 02:08
      • 25 Access Criteria 02:04
      • 26 Authorization Concepts 02:22
      • 27 Identity Management Implementation 00:31
      • 28 Password Management 02:02
      • 29 Directory Management 01:05
      • 30 Directory Technologies 01:35
      • 31 Accounts Management 01:16
      • 32 Profile Management 00:49
      • 33 Web Access Management 00:30
      • 34 Single Sign-On (SSO) 01:49
      • 35 SSO Technologies 01:01
      • 36 Kerberos 02:41
      • 37 Kerberos Steps 01:35
      • 38 Problems with Kerberos 00:54
      • 39 Business Scenario 01:01
      • 40 Access Control Types—Security Layer 01:17
      • 41 Access Control Types—Functionality 01:39
      • 42 Business Scenario 00:24
      • 43 Access Control Models—DAC 01:00
      • 44 Access Control Models—MAC 01:00
      • 45 Access Control Models—RBAC 00:51
      • 46 Business Scenario 00:28
      • 47 Access Control Concepts 03:12
      • 48 Types of Access Control Administration 02:19
      • 49 Remote Authentication Dial-In User Service (RADIUS) 01:50
      • 50 TACACS and TACACS+ 00:56
      • 51 DIAMETER 00:58
      • 52 Accountability 01:43
      • 53 Accountability (contd.) 00:40
      • 54 Session Management 00:56
      • 55 Registration and Proof of Identity 00:42
      • 56 Credential Management Systems 00:47
      • 57 Credential Management Systems—Risks and benefits 00:42
      • 58 Federated Identity Management 00:45
      • 59 Federated Identity Management Models 00:51
      • 60 Federated Identity Management Models (contd.) 01:06
      • 61 Federated Identity Management Models (contd.) 00:48
      • 62 Identity as a Service 00:44
      • 63 Identity as a Service—Functionality 01:53
      • 64 Identity as a Service—Possible Issues 01:07
      • 65 Integrate Third-Party Identity Services 01:05
      • 66 Integrate Third-Party Identity Services (contd.) 00:49
      • 67 Unauthorized Disclosure of Information 03:37
      • 68 Threats to Access Control 04:27
      • 69 Protection against Access Control Attacks 00:39
      • 70 Access Control Best Practices 00:53
      • 71 Access Control Best Practices (contd.) 00:29
      • 72 Quiz
      • 73 Summary 00:39
      • 74 Conclusion 00:07
    • Domain 06 - Security Assessment and Testing 46:04
      • 1 Domain 06—Security Assessment and Testing 00:14
      • 2 Objectives 00:25
      • 3 Security Assessment and Testing—Introduction 00:36
      • 4 Assessment and Test Strategies 00:48
      • 5 Vulnerability Assessment 01:04
      • 6 Penetration Testing 01:18
      • 7 Log Management 01:14
      • 8 Log Management—Advantages and Challenges 00:44
      • 9 Log Management—Best Practices 00:48
      • 10 Log Management—Operational Process 00:40
      • 11 Logged Events 00:27
      • 12 Synthetic Transactions 00:59
      • 13 Reasons to Use Synthetic Transactions 00:51
      • 14 Code Review and Testing 00:49
      • 15 Testing Techniques 01:16
      • 16 Security Testing in the SDLC 01:55
      • 17 Software Product Testing Levels 01:05
      • 18 Misuse Case Testing 00:37
      • 19 Misuse Case Testing—Scenarios 01:19
      • 20 Test Coverage Analysis 00:38
      • 21 Interface Testing 00:35
      • 22 API Testing (contd.) 00:59
      • 23 Interface Testing (contd.) 00:27
      • 24 GUI Testing 00:51
      • 25 Common Software Vulnerabilities 01:28
      • 26 Business Scenario 00:54
      • 27 Information Security Continuous Monitoring 01:32
      • 28 Information Security Continuous Monitoring—Strategy and Process 01:55
      • 29 Risk Evaluation and Control—Metrics 01:00
      • 30 Security Controls Monitoring Frequencies 02:24
      • 31 ISCM—Benefits 00:50
      • 32 Key Performance and Risk Indicators 01:12
      • 33 Internal and Third Party Audits 01:33
      • 34 Audit Frequency and Scope 00:47
      • 35 Statement on Auditing Standards No. 70 01:43
      • 36 Service Organization Controls 00:57
      • 37 SOC 1 Report 01:23
      • 38 SOC 2 Report 01:40
      • 39 SOC 2 Reports (contd.) 01:07
      • 40 SOC 3 Report 00:41
      • 41 SOC 1, SOC 2, and SOC 3 Comparison 00:58
      • 42 Audit Process—Audit Preparation Phase 01:03
      • 43 Audit Process—Audit Phase 00:43
      • 44 Business Scenario 00:36
      • 45 Quiz
      • 46 Summary 00:52
      • 47 Conclusion 00:07
    • Domain 07 - Security Operations 3:06:24
      • 1 Domain 07—Security Operations 00:15
      • 2 Objectives 00:24
      • 3 Importance of Security Operations—Case Study 00:47
      • 4 Introduction to Investigations 00:41
      • 5 Investigation Challenges 01:04
      • 6 Investigations—Primary Activities 01:51
      • 7 Crime Scene 00:52
      • 8 Forensic Investigation Guidelines 01:07
      • 9 Incident Response Terminologies 01:53
      • 10 Incident Response Goals 00:28
      • 11 Incident Response Team 01:39
      • 12 Incident Response Procedures 02:19
      • 13 Incident Response Procedures (contd.) 00:59
      • 14 Incident Response Procedures (contd.) 00:27
      • 15 Incident Response Procedures (contd.) 00:31
      • 16 Business Scenario 00:52
      • 17 Evidence 01:21
      • 18 Evidence Lifecycle 01:17
      • 19 Chain of Evidence 01:04
      • 20 Types of Evidence 03:47
      • 21 Computer Forensics Procedure 00:50
      • 22 Requirements for Investigation Types 01:15
      • 23 Logging and Monitoring Activities 00:40
      • 24 Intrusion Detection System 02:52
      • 25 Intrusion Prevention System 02:30
      • 26 Security Information and Event Management (SIEM) 01:12
      • 27 Security Information and Event Management (SIEM)—Characteristics 00:45
      • 28 Continuous Monitoring 00:53
      • 29 Egress Filtering 01:00
      • 30 Data Leak or Loss Prevention (DLP) 01:26
      • 31 Steganography and Digital Watermarking 00:58
      • 32 Business Scenario 00:44
      • 33 Secure Provisioning of Resources through Configuration Management 01:08
      • 34 Secure Provisioning of Resources through Configuration Management (contd.) 00:52
      • 35 Introduction to Security Operations 00:37
      • 36 Security Operations Concepts 00:44
      • 37 Security Operations 00:51
      • 38 Effects of Operations Controls on C.I.A. 00:29
      • 39 Business Scenario 01:03
      • 40 Operational Resilience 01:08
      • 41 Threats to Operations 02:12
      • 42 Threats to Operations (contd.) 02:36
      • 43 Vulnerabilities 03:30
      • 44 Controls 01:49
      • 45 Business Scenario 00:44
      • 46 Need for Controlling Privileged Accounts 01:18
      • 47 Identity and Access Management 01:30
      • 48 Types of Accounts 01:29
      • 49 Commonly Used Roles 01:01
      • 50 Commonly Used Roles (contd.) 01:53
      • 51 Monitoring Special Privileges 00:33
      • 52 Service Level Agreements (SLAs) 01:15
      • 53 Business Scenario 00:45
      • 54 Protect Valuable Assets 01:28
      • 55 Protecting Physical Assets 00:45
      • 56 Protecting Information Assets 01:07
      • 57 Protecting Resources 01:33
      • 58 Controls for Protecting Assets—Hardware Controls 01:51
      • 59 Controls for Protecting Assets—Software Controls 02:02
      • 60 Controls for Protecting Assets—Media Controls 02:00
      • 61 Controls for Protecting Assets—Administrative Controls 02:51
      • 62 Cloud and Virtual Storage 00:53
      • 63 Cloud and Virtual Storage Security Issues 00:53
      • 64 Types of Virtualized Storage 02:00
      • 65 Hard Copy Records 00:46
      • 66 Business Scenario 00:34
      • 67 Incident Management 01:46
      • 68 Security Measurements, Metrics, and Reporting 00:32
      • 69 Managing Security Technologies 00:42
      • 70 Incident Management—Detection Phase 00:27
      • 71 Intrusion Detection System 00:46
      • 72 Security Information Event Management (SIEM) 02:38
      • 73 Anti-Malware Systems 00:59
      • 74 Monitoring Techniques—Violation Analysis 01:12
      • 75 Incident Management—Other Phases 00:57
      • 76 Trusted Recovery and System Recovery 01:54
      • 77 Problem Management 01:29
      • 78 Operating and Maintaining Preventive Measures 01:02
      • 79 Patch Management 01:15
      • 80 Vulnerability Management 01:19
      • 81 Change Management 01:39
      • 82 Change Control Process 01:23
      • 83 Configuration Management 02:24
      • 84 Configuration Management (contd.) 00:26
      • 85 Business Scenario 00:37
      • 86 Develop a Recovery Strategy 01:18
      • 87 Types of Recovery—Business Recovery and Facility and Supply Recovery 00:44
      • 88 Types of Recovery—User Recovery 00:29
      • 89 Types of Recovery—Operational Recovery 00:56
      • 90 Recovery Partners Strategy 02:44
      • 91 Backup Sites 00:51
      • 92 Backup Sites (contd.) 03:06
      • 93 Backup Sites (contd.) 01:36
      • 94 Backup Methods 01:36
      • 95 Importance of Maintaining Resilient Systems 02:35
      • 96 Redundancy and Fault Tolerance 01:54
      • 97 Redundancy and Fault Tolerance Methods 01:13
      • 98 Redundancy and Fault Tolerance Methods (contd.) 04:21
      • 99 Best Practices for Backup and Recovery 00:55
      • 100 Business Scenario 00:43
      • 101 Disaster Recovery—Planning Design and Development 00:37
      • 102 Planning Design and Development—Step 1 and Step 2 01:38
      • 103 Planning Design and Development—Step 3 and Step 4 02:19
      • 104 Disaster Recovery Phases—Implementation, Testing, and Training 00:44
      • 105 Importance of Testing 00:19
      • 106 Types of Testing 01:04
      • 107 Types of Testing (contd.) 01:30
      • 108 Types of Testing (contd.) 01:54
      • 109 Training 02:57
      • 110 Disaster Recovery Phases—Maintenance 02:49
      • 111 Disaster Recovery Phases—Maintenance (contd.) 00:26
      • 112 Business Scenario 01:04
      • 113 Perimeter Security 01:32
      • 114 Barriers 00:37
      • 115 Fences 01:14
      • 116 Gates 01:40
      • 117 Walls and Bollards 01:13
      • 118 Perimeter Intrusion Detection 04:26
      • 119 Business Scenario 00:42
      • 120 Importance of Lighting 01:12
      • 121 Types of Lighting Systems 01:20
      • 122 Types of Lights 01:21
      • 123 Access Control 01:41
      • 124 Types of Access Control Systems 06:33
      • 125 Business Scenario 00:42
      • 126 Building and Inside Security 08:05
      • 127 Personnel Security 01:28
      • 128 Business Scenario 00:50
      • 129 Quiz
      • 130 Summary 01:00
      • 131 Conclusion 00:06
    • Domain 08 - Software Development Security 1:50:55
      • 1 Domain 08 - Software Development Security 00:15
      • 2 Objectives 00:25
      • 3 Importance of Software Development Security 00:51
      • 4 System Environments 01:09
      • 5 Distributed Environment 00:11
      • 6 Client/Server Systems and Local Environment 00:35
      • 7 Distributed Data Processing and Agents 00:45
      • 8 Applets 00:42
      • 9 Programming Concepts 01:22
      • 8.010 Complier Vs Interpreter 01:39
      • 11 Programming and Software 01:40
      • 12 Threats in the Software Environment 01:15
      • 13 Threats in the Software Environment (contd.) 02:11
      • 14 Threats in the Software Environment (contd.) 01:07
      • 15 Threats in the Software Environment (contd.) 01:03
      • 16 Threats in the Software Environment (contd.) 00:49
      • 17 Threats in the Software Environment (contd.) 00:46
      • 18 Business Scenario 01:12
      • 19 System Life Cycle and Systems Development 02:35
      • 20 Systems Development Life Cycle 02:31
      • 21 SDLC—Operation and Maintenance 00:42
      • 22 Integrated Product Team (IPT) 00:42
      • 23 DevOps 00:39
      • 24 Software Testing Methods 03:18
      • 25 Software Testing Levels 00:43
      • 26 Application Controls 00:35
      • 27 Software Development Methods 01:09
      • 28 Software Development Methods (contd.) 01:09
      • 29 Software Development Methods (contd.) 00:53
      • 30 Software Development Methods (contd.) 00:54
      • 31 Software Development Methods (contd.) 01:32
      • 32 Java Security 00:57
      • 33 Secure Software Development Best Practices 00:47
      • 34 Business Scenario 01:05
      • 35 Object - Oriented Programming Terms 01:01
      • 36 Object - Oriented Programming Terms (contd.) 00:34
      • 37 Object-Oriented Programming—Definition 01:23
      • 38 Distributed Object-Oriented Systems 01:47
      • 39 Object Request Brokers 00:49
      • 40 COM—Component Object Model 00:28
      • 41 DCOM—Distributed Component Object Model 00:38
      • 42 CORBA—Common Object Request Broker Architecture 00:58
      • 43 Software Security and Assurance 01:18
      • 44 Software Security and Assurance (contd.) 00:43
      • 45 Software Security and Assurance (contd.) 00:53
      • 46 Software Security and Assurance (contd.) 00:42
      • 47 Software Security and Assurance (contd.) 00:41
      • 48 Software Security and Assurance (contd.) 00:50
      • 49 Software Security and Assurance (contd.) 00:40
      • 50 Software Security and Assurance (contd.) 00:55
      • 51 Software Security and Assurance (contd.) 00:40
      • 52 Software Security and Assurance (contd.) 00:36
      • 53 Software Security and Assurance (contd.) 00:56
      • 54 Software Security and Assurance (contd.) 00:54
      • 55 Software Security and Assurance (contd.) 00:35
      • 56 Software Security : XML and Security Assertion Markup Language 01:23
      • 57 Software Security: SOA 02:15
      • 58 Audit and Assurance Mechanisms 02:24
      • 59 Assessing the Effectiveness of Software Security 00:51
      • 60 Assessing the Effectiveness of Software Security (contd.) 00:51
      • 61 Assessing the Security Impact of Acquired Software 01:15
      • 62 Code Repositories and Application Programming Interfaces 01:04
      • 63 Business Scenario 00:47
      • 64 Database and Data Warehousing Environments 01:25
      • 65 Database Terms 01:09
      • 66 Types of Databases 00:27
      • 67 Types of Databases (contd.) 00:27
      • 68 Types of Databases (contd.) 00:41
      • 69 Types of Databases (contd.) 00:29
      • 70 Types of Databases (contd.) 00:43
      • 71 Database—Threats and Vulnerabilities 04:40
      • 72 Introduction to Data Warehousing 01:04
      • 73 Data Warehousing Concepts 01:57
      • 74 Database Normalization 01:17
      • 75 DBMS Controls 04:26
      • 76 Business Scenario 00:39
      • 77 Malwares—Types 04:56
      • 78 Malware Protection 01:31
      • 79 Business Scenario 00:35
      • 80 Importance and Role of Knowledge Management 01:03
      • 81 Knowledge-Based System/Artificial Intelligence 00:33
      • 82 Knowledge-Based System—Expert System 01:22
      • 83 Knowledge-Based System—Neural Network 01:33
      • 84 Web Application Environment—Threats and Vulnerabilities 01:35
      • 85 Web Application Environment Security 01:03
      • 86 Web Application Environment Security (contd.) 01:14
      • 87 Web Application Environment Security (contd.) 00:34
      • 88 Web Application Environment Security (contd.) 00:45
      • 89 The Ten Best Practices for Secure Software Development—(ISC)2 06:28
      • 90 Quiz
      • 91 Summary 01:07
      • 92 Conclusion 00:13
  • Free Course
    • {{childObj.title}}
      • {{childObj.childSection.chapter_name}}
        • {{lesson.title}}
      • {{lesson.title}}

    View More

    View Less

Exam & certification FREE PRACTICE TEST

  • How do you become a CISSP certified professional?

    The CISSP exam is a computer-based test (CBT) administered at Pearson VUE Testing centers around the world. Please follow these steps to register for the exam:
    1. Go to www.pearsonvue.com/isc2 to register for a test appointment.
    2. Select the most convenient test center.
    3. Book an exam-slot and make the payment.
    You will receive confirmation from Pearson VUE with the appointment details, test center location, and other relevant instructions, if any.
    Please note that your registration information will be transferred to (ISC) ², and all communication about the testing process from (ISC) ² and Pearson VUE will be sent to you via email. Please refer to the exam outline for CISSP by (ISC) ² for more details:
    https://www.isc2.org/uploadedfiles/%28isc%292_public_content/exam_outlines/cissp-cib.pdf

    For US & Canada students: Exam Pass Guarantee*

    Simplilearn offers “Exam Pass Guarantee” to our students who complete our course training. The current offering has an ISC2 CISSP exam voucher included. We also offer a voucher (free of charge) to the students to retake the exam in case they fail ISC2 CISSP final exam.

    T&C for claiming the retake voucher as a part of exam pass guarantee
    • Attend at least one complete instructor-led class
    • Score over 85% in at least 3 of the 5 test papers provided along with the course
    • Must give final exam within 30 days from the date of course completion
    • Produce exam failure notice received from ISC2
     

  • What are the prerequisites for a CISSP certification?

    This training is intended for professionals who want to acquire the credibility and mobility to advance within their current Information Security careers. To claim the CISSP certificate from ISC2 it is mandatory that you have at least 5 years of recent full-time professional work experience in 2 or more of the 8 domains of the CISSP - CBK 2015.You will be awarded an ISC2 associate title incase you do not have the required 5 years expereince which will be replaced with the CISSP certificate post gaining and submitting the experience.

  • What do I need to do to unlock my Simplilearn certificate?

    Online Classroom:
    1. You need to attend one complete batch.
    2. Complete 1 simulation test with a minimum score of 60%.
    Online Self learning:
    1. Complete 85% of the course.
    2. Complete 1 simulation test with a minimum score of 60%.

Reviews

Simplilearn has been a great learning platform for me. I had enrolled for CISSP and my expectation was met, with the expertise the trainer had on the concepts. I look forward to doing more course with Simplilearn.

Read more Read less

Interactive sessions...Example scenarios are good...The overall flow was good…

The precise syllabus, quality of webEx app, the quality of trainers and the ease of use of Simplilearn website... Highly satisfied.

The concepts of the Instructor was mind-blowing...Lots of Industry examples...Very well organized...

One of the interesting and interactive sessions I have ever attended.

Really good training. It helped me to clear a lot of doubts which were present in my mind for a long time.

The course content is very good and satisfactory. The trainer is also good with his teaching abilities.

Training was up to the mark, solved my purpose of joining the course, a kick-starter to exam preparation and getting the basics right.

The training was nice and to the point. The trainer was nice and helpful. He cleared all our course-related doubts.

Scenario based examples with elaborate details when required. Very strategic and useful way of teaching.

It was a very good and informative training program conducted by Simplilearn.

Excellent training; the trainer is having in-depth knowledge in all domains. He was able to map his experience with real time examples while delivering sessions.

Read more Read less

The training was very helpful to understand CISSP topics.

Faculty is Excellent, Coordination/Assistance from the coordinator is highly appreciated.

The course content is really good. It really helped to get concept understanding. The faculty has taken all the topics very nicely and explained the points.

Read more Read less
View More View Less

FAQs

  • Who are the trainers for the live classroom training?

    All Our Trainers are CISSP certified and highly qualified with over 16 years of experience in training and are working in the domain.

  • What certification will I receive after completing the training?

    After successful completion of the training, you will be awarded the course completion certificate along with the 30 hours CPE certificate from Simplilearn.

  • What is Online Classroom training?

    Online Classroom training for CISSP is a live training conducted via online live streaming of a class. This is run by a CISSP certified trainer with over 16 years of work experience in the domain and training. The class attended by the global audience can enrich your learning experience.

  • Are these training classes live or will I watch pre-recorded videos?

    All these trainings are live interactive sessions wherein you can raise concerns and discussions at any point during the class. Additionally, we also provide recordings of the sessions attended by you for your future references.

  • What tools do I need to attend the training sessions?

    The system requirements are quite basic:
    OS: Windows any version above XP SP3 & Mac any version above OS X 10.6
    Internet Speed: Preferably above 512 KBPS
    Headset: Any decent headset and microphone which can be used to talk and hear clearly.

  • What all will I get as part of the training?

    You get access to our e-learning content along with the practice simulation tests, these are complemented by our tips and tricks videos that help you tackle the toughest of the exam questions. You will also get an online participant handbook with cross references to the e-learning for reinforcement of your learning.

  • Is exam fee included in the course fee?

    No. The exam fee is not included. You can directly schedule your exam through www.pearsonvue.com as in the steps mentioned above.

  • How many questions are there in the CISSP certification exam?

    The CISSP Exam has a total of 250 multiple choice questions. The duration of the exam is 6 hours.

  • What is the CISSP certfication cost?

    The CISSP exam cost is $599 for Non-members and $549 for members.

  • Do you provide assistance for the exam application process?

    Yes, we do provide assistance for the exam application process. You can state your queries on community.simplilearn.com and get them answered along with any other query or concern that you might have about the course.

  • How does Simplilearn assure me that the training and course material delivered are effective?

    Our CISSP course is developed to deliver a first attempt pass rate of 100%. With a hands-on learning approach, the training not only gives you the confidence to clear the exam but also helps you retain the knowledge beyond the examination.

  • Can I cancel my enrollment? Will I get a refund?

    Yes, you can cancel your enrollment. We provide you a refund after deducting the administration fee. To know more, please go through our Refund Policy.

  • I’d like to learn more about this training program. Who should I contact?

    Contact us using the form on the right of any page on the Simplilearn website, or select the Live Chat link. Our customer service representatives will be able to give you more details.

  • Certification Process

    Simplilearn has a well-defined certification process that helps you face the challenges of the IT world.  You need to meet following conditions to unlock the certificate –
    • You need to complete at least 85% of the course or attend one complete batch
    • If your course has simulation exams you will need to complete it with the minimum passing score.
    • You need to submit a project and get it approved by our panel of Subject Matter Experts.
    • In case your project is rejected, our subject matter experts would provide all necessary help to clear the project in your next attempt.

  • Who are our Faculties and how are they selected?

    All our trainers are working professionals and industry experts with at least 10-12 years of relevant teaching experience.

    Each of them have gone through a rigorous selection process which includes profile screening, technical evaluation, and training demo before they are certified to train for us.  

    We also ensure that only those trainers with a high alumni rating continue to train for us.

  • What is Global Teaching Assistance?

    Our teaching assistants are here to help you get certified in your first attempt.

    They are a dedicated team of subject matter experts to help you at every step and enrich your learning experience from class onboarding to project mentoring and job assistance.

    They engage with the students proactively to ensure the course path is followed.

    Teaching Assistance is available during business hours.

  • What is covered under the 24/7 Support promise?

    We offer 24/7 support through email, chat, and calls.  

    We also have a dedicated team that provides on demand assistance through our community forum. What’s more, you will have lifetime access to the community forum, even after completion of your course with us.

View More View Less

Contact Us

1-800-102-9602

(Toll Free)

Find this training in other cities

Choose your Location

Let us know your convenient schedule

Name *
Email *
Phone Number
Date (MM/DD/YYYY)