
Certified Information Systems Security Professional

at Certstaffix Training - Largo

Course Details
$3,100 4 seats left
Start Date:

Mon, May 17, 10:00am - May 21, 5:00pm Eastern Time (5 sessions)

1300 Caraway Ct Ste 200
Btwn McCormick & Arena Drives
Largo, Maryland 20774
Class Level: All levels
Age Requirements: 18 and older
Average Class Size: 3

Flexible Reschedule Policy: This provider has flexible, free rescheduling for any in-person workshop. Please see the cancellation policy for more details.

What you'll learn in this csp training:

Security professionals consider the Certified Information Systems Security Professional (CISSP) to be the most desired certification to achieve. More than 200,000 have taken the exam, and there are more than 70,000 CISSPs worldwide. This course is updated for the latest 2015 CISSP Body of Knowledge. This course covers 100% of all exam objectives. You'll prepare for the exam smarter and faster thanks to expert content, real-world examples, advice on passing each section of the exam, access to an online interactive learning environment, and much more. Reinforce what you've learned with key topic exam essentials and chapter review questions.

Coverage of all of the exam topics in the course means you'll be ready for:
  • Security and Risk Management
  • Asset Security
  • Security Engineering
  • Communication and Network Security
  • Identity and Access Management
  • Security Assessment and Testing
  • Security Operations
  • Software Development Security
Certification exams are administered by third-party testing companies such as Pearson Vue or Prometric. Our courses prepare you for the certification exam, which is an additional fee paid to the testing provider. You must contact Prometric, Pearson Vue or the corresponding testing provider to take a certification exam.

Course Lessons:

Chapter 1 Security Governance Through Principles and Policies
  • Understand and Apply Concepts of Confidentiality, Integrity, and Availability 
  • Confidentiality 
  • Integrity 
  • Availability 
  • Other Security Concepts 
  • Protection Mechanisms 
  • Layering 
  • Abstraction 
  • Data Hiding 
  • Encryption 
  • Apply Security Governance Principles
  • Alignment of Security Function to Strategy, Goals, Mission, and Objectives 
  • Organizational Processes
  • Security Roles and Responsibilities 
  • Control Frameworks 
  • Due Care and Due Diligence 
  • Develop and Implement Documented Security Policy, Standards, Procedures, and Guidelines 
  • Security Policies 
  • Security Standards, Baselines, and Guidelines
  • Security Procedures
  • Understand and Apply Threat Modeling 
  • Identifying Threats 
  • Determining and Diagramming Potential Attacks 
  • Performing Reduction Analysis 
  • Prioritization and Response
  • Integrate Security Risk Considerations into Acquisition Strategy and Practice 
Chapter 2 Personnel Security and Risk Management Concepts
  • Contribute to Personnel Security Policies
  • Employment Candidate Screening 
  • Employment Agreements and Policies 
  • Employment Termination Processes 
  • Vendor, Consultant, and Contractor Controls 
  • Compliance 
  • Privacy 
  • Security Governance 
  • Understand and Apply Risk Management Concepts 
  • Risk Terminology 
  • Identify Threats and Vulnerabilities 
  • Risk Assessment/Analysis 
  • Risk Assignment/Acceptance
  • Implementation 
  • Types of Controls 
  • Monitoring and Measurement
  • Asset Valuation
  • Continuous Improvement 
  • Risk Frameworks 
  • Establish and Manage Information Security Education, Training, and Awareness 
  • Manage the Security Function 
Chapter 3 Business Continuity Planning
  • Planning for Business Continuity 
  • Project Scope and Planning 
  • Business Organization Analysis 
  • BCP Team Selection
  • Resource Requirements 
  • Legal and Regulatory Requirements 
  • Business Impact Assessment 
  • Identify Priorities 
  • Risk Identification
  • Likelihood Assessment 
  • Impact Assessment 
  • Resource Prioritization 
  • Continuity Planning 
  • Strategy Development
  • Provisions and Processes
  • Plan Approval 
  • Plan Implementation
  • Training and Education 
  • BCP Documentation 
  • Continuity Planning Goals 
  • Statement of Importance 
  • Statement of Priorities 
  • Statement of Organizational Responsibility 
  • Statement of Urgency and Timing 
  • Risk Assessment 
  • Risk Acceptance/Mitigation 
  • Vital Records Program
  • Emergency-Response Guidelines 
  • Maintenance 
  • Testing and Exercises 
Chapter 4 Laws, Regulations, and Compliance
  • Categories of Laws
  • Criminal Law 
  • Civil Law 
  • Administrative Law 
  • Laws 
  • Computer Crime
  • Intellectual Property 
  • Licensing 
  • Import/Export 
  • Privacy 
  • Compliance 
  • Contracting and Procurement 
  • Summary 
  • Exam Essentials
  • Written Lab 
  • Review Questions 
Chapter 5 Protecting Security of Assets
  • Classifying and Labeling Assets 
  • Defining Sensitive Data 
  • Defining Classifications
  • Defining Data Security Requirements 
  • Understanding Data States 
  • Managing Sensitive Data
  • Protecting Confidentiality with Cryptography 
  • Identifying Data Roles 
  • Data Owners 
  • System Owners
  • Business/Mission Owners 
  • Data Processors
  • Administrators 
  • Custodians 
  • Users 
  • Protecting Privacy 
  • Using Security Baselines 
  • Scoping and Tailoring 
  • Selecting Standards 
Chapter 6 Cryptography and Symmetric Key Algorithms
  • Historical Milestones in Cryptography 
  • Caesar Cipher
  • American Civil War 
  • Ultra vs. Enigma
  • Cryptographic Basics 
  • Goals of Cryptography 
  • Cryptography Concepts
  • Cryptographic Mathematics 
  • Ciphers 
  • Modern Cryptography 
  • Cryptographic Keys 
  • Symmetric Key Algorithms
  • Asymmetric Key Algorithms 
  • Hashing Algorithms 
  • Symmetric Cryptography
  • Data Encryption Standard 
  • Triple DES
  • International Data Encryption Algorithm 
  • Blowfish 
  • Skipjack
  • Advanced Encryption Standard 
  • Symmetric Key Management 
  • Cryptographic Life Cycle 
Chapter 7 PKI and Cryptographic Applications
  • Asymmetric Cryptography 
  • Public and Private Keys
  • RSA 
  • El Gamal 
  • Elliptic Curve 
  • Hash Functions 
  • SHA 
  • MD2 
  • MD4 
  • MD5 
  • Digital Signatures 
  • HMAC 
  • Digital Signature Standard 
  • Public Key Infrastructure 
  • Certificates 
  • Certificate Authorities 
  • Certificate Generation and Destruction 
  • Asymmetric Key Management 
  • Applied Cryptography 
  • Portable Devices 
  • Email 
  • Web Applications 
  • Digital Rights Management
  • Networking
  • Cryptographic Attacks 
Chapter 8 Principles of Security Models, Design, and Capabilities
  • Implement and Manage Engineering Processes Using Secure Design Principles
  • Objects and Subjects 
  • Closed and Open Systems 
  • Techniques for Ensuring Confidentiality, Integrity, and Availability
  • Controls 
  • Trust and Assurance 
  • Understand the Fundamental Concepts of Security Models 
  • Trusted Computing Base 
  • State Machine Model 
  • Information Flow Model 
  • Noninterference Model 
  • Take-Grant Model 
  • Access Control Matrix 
  • Bell-LaPadula Model 
  • Biba Model 
  • Clark-Wilson Model 
  • Brewer and Nash Model (aka Chinese Wall) 
  • Goguen-Meseguer Model 
  • Sutherland Model 
  • Graham-Denning Model 
  • Select Controls and Countermeasures Based on Systems Security Evaluation Models 
  • Rainbow Series 
  • ITSEC Classes and Required Assurance and Functionality 
  • Common Criteria 
  • Industry and International Security Implementation Guidelines 
  • Certification and Accreditation 
  • Understand Security Capabilities of Information Systems 
  • Memory Protection
  • Virtualization 
  • Trusted Platform Module
  • Interfaces 
  • Fault Tolerance
Chapter 9 Security Vulnerabilities, Threats, and Countermeasures
  • Assess and Mitigate Security Vulnerabilities 
  • Hardware 
  • Input/Output Structures 
  • Firmware
  • Client-Based
  • Applets
  • Local Caches 
  • Server Based 
  • Database Security
  • Aggregation 
  • Inference 
  • Data Mining and Data Warehousing 
  • Data Analytics 
  • Large-Scale Parallel Data Systems 
  • Distributed Systems 
  • Cloud Computing 
  • Grid Computing 
  • Peer to Peer 
  • Industrial Control Systems 
  • Assess and Mitigate Vulnerabilities in Web-Based Systems 
  • Assess and Mitigate Vulnerabilities in Mobile Systems 
  • Device Security
  • Application Security 
  • BYOD Concerns 
  • Assess and Mitigate Vulnerabilities in Embedded Devices and Cyber-Physical Systems 
  • Examples of Embedded and Static Systems 
  • Methods of Securing 
  • Essential Security Protection Mechanisms 
  • Technical Mechanisms
  • Security Policy and Computer Architecture 
  • Policy Mechanisms 
  • Common Architecture Flaws and Security Issues 
  • Covert Channels 
  • Attacks Based on Design or Coding Flaws and Security Issues 
  • Programming 
  • Timing, State Changes, and Communication Disconnects 
  • Technology and Process Integration 
  • Electromagnetic Radiation
Chapter 10 Physical Security Requirements
  • Apply Secure Principles to Site and Facility Design 
  • Secure Facility Plan 
  • Site Selection
  • Visibility
  • Natural Disasters
  • Facility Design
  • Design and Implement Physical Security 
  • Equipment Failure 
  • Wiring Closets 
  • Server Rooms 
  • Media Storage Facilities
  • Evidence Storage
  • Restricted and Work Area Security (e.g., Operations Centers) 
  • Datacenter Security
  • Utilities and HVAC Considerations
  • Water Issues (e.g., Leakage, Flooding) 
  • Fire Prevention, Detection, and Suppression 
  • Implement and Manage Physical Security 
  • Perimeter (e.g., Access Control and Monitoring) 
  • Internal Security (e.g., Escort Requirements/Visitor Control, Keys, and Locks)
Chapter 11 Secure Network Architecture and Securing Network Components
  • OSI Model
  • History of the OSI Model 
  • OSI Functionality 
  • Encapsulation/Deencapsulation 
  • OSI Layers 
  • TCP/IP Model 
  • TCP/IP Protocol Suite Overview 
  • Converged Protocols 
  • Content Distribution Networks 
  • Wireless Networks 
  • Securing Wireless Access Points 
  • Securing the SSID
  • Conducting a Site Survey 
  • Using Secure Encryption Protocols 
  • Determining Antenna Placement 
  • Antenna Types 
  • Adjusting Power Level Controls 
  • Using Captive Portals 
  • General Wi-Fi Security Procedure 
  • Secure Network Components 
  • Network Access Control 
  • Firewalls
  • Endpoint Security 
  • Other Network Devices 
  • Cabling, Wireless, Topology, and Communications Technology 
  • Network Cabling 
  • Network Topologies 
  • Wireless Communications and Security
  • LAN Technologies
Chapter 12 Secure Communications and Network Attacks
  • Network and Protocol Security Mechanisms 
  • Secure Communications Protocols
  • Authentication Protocols 
  • Secure Voice Communications 
  • Voice over Internet Protocol (VoIP) 
  • Social Engineering
  • Fraud and Abuse 
  • Multimedia Collaboration
  • Remote Meeting
  • Instant Messaging 
  • Manage Email Security 
  • Email Security Goals 
  • Understand Email Security Issues 
  • Email Security Solutions
  • Remote Access Security Management 
  • Plan Remote Access Security 
  • Dial-Up Protocols 
  • Centralized Remote Authentication Services 
  • Virtual Private Network 
  • Tunneling 
  • How VPNs Work 
  • Common VPN Protocols
  • Virtual LAN
  • Virtualization
  • Virtual Software 
  • Virtual Networking 
  • Network Address Translation 
  • Private IP Addresses 
  • Stateful NAT
  • Static and Dynamic NAT
  • Automatic Private IP Addressing
  • Switching Technologies 
  • Circuit Switching 
  • Packet Switching 
  • Virtual Circuits 
  • WAN Technologies 
  • WAN Connection Technologies 
  • Dial-Up Encapsulation Protocols 
  • Miscellaneous Security Control Characteristics 
  • Transparency 
  • Verify Integrity
  • Transmission Mechanisms 
  • Security Boundaries 
  • Prevent or Mitigate Network Attacks 
  • DoS and DDoS 
  • Eavesdropping 
  • Impersonation/Masquerading 
  • Replay Attacks 
  • Modification Attacks 
  • Address Resolution Protocol Spoofing
  • DNS Poisoning, Spoofing, and Hijacking
  • Hyperlink Spoofing 
Chapter 13 Managing Identity and Authentication
  • Controlling Access to Assets 
  • Comparing Subjects and Objects 
  • Types of Access Control
  • The CIA Triad 
  • Comparing Identification and Authentication 
  • Registration and Proofing of Identity 
  • Authorization and Accountability 
  • Authentication Factors
  • Passwords 
  • Smartcards and Tokens 
  • Biometrics 
  • Multifactor Authentication 
  • Device Authentication 
  • Implementing Identity Management 
  • Single Sign-On
  • Credential Management Systems 
  • Integrating Identity Services 
  • Managing Sessions 
  • AAA Protocols 
  • Managing the Identity and Access Provisioning Life Cycle 
  • Provisioning
  • Account Review
  • Account Revocation 
Chapter 14 Controlling and Monitoring Access
  • Comparing Access Control Models 
  • Comparing Permissions, Rights, and Privileges 
  • Understanding Authorization Mechanisms 
  • Defining Requirements with a Security Policy 
  • Implementing Defense in Depth 
  • Discretionary Access Controls 
  • Nondiscretionary Access Controls 
  • Understanding Access Control Attacks
  • Risk Elements 
  • Identifying Assets 
  • Identifying Threats 
  • Identifying Vulnerabilities 
  • Common Access Control Attacks 
  • Summary of Protection Methods 
Chapter 15 Security Assessment and Testing
  • Building a Security Assessment and Testing Program 
  • Security Testing 
  • Security Assessments 
  • Security Audits 
  • Performing Vulnerability Assessments 
  • Vulnerability Scans
  • Penetration Testing 
  • Testing Your Software 
  • Code Review and Testing 
  • Interface Testing 
  • Misuse Case Testing 
  • Test Coverage Analysis 
  • Implementing Security Management Processes 
  • Log Reviews 
  • Account Management 
  • Backup Verification 
  • Key Performance and Risk Indicators
Chapter 16 Managing Security Operations
  • Applying Security Operations Concepts 
  • Need to Know and Least Privilege 
  • Separation of Duties and Responsibilities 
  • Job Rotation 
  • Mandatory Vacations 
  • Monitor Special Privileges 
  • Managing the Information Life Cycle 
  • Service Level Agreements 
  • Addressing Personnel Safety 
  • Provisioning and Managing Resources 
  • Managing Hardware and Software Assets 
  • Protecting Physical Assets 
  • Managing Virtual Assets 
  • Managing Cloud-based Assets 
  • Media Management
  • Managing Configuration 
  • Baselining 
  • Using Images for Baselining
  • Managing Change 
  • Security Impact Analysis 
  • Versioning 
  • Configuration Documentation 
  • Managing Patches and Reducing Vulnerabilities 
  • Patch Management 
  • Vulnerability Management
  • Common Vulnerabilities and Exposures
Chapter 17 Preventing and Responding to Incidents
  • Managing Incident Response 
  • Defining an Incident
  • Incident Response Steps
  • Implementing Preventive Measures
  • Basic Preventive Measures 
  • Understanding Attacks 
  • Intrusion Detection and Prevention Systems
  • Specific Preventive Measures 
  • Logging, Monitoring, and Auditing 
  • Logging and Monitoring 
  • Egress Monitoring 
  • Auditing to Assess Effectiveness
  • Security Audits and Reviews
  • Reporting Audit Results
Chapter 18 Disaster Recovery Planning
  • The Nature of Disaster 
  • Natural Disasters 
  • Man-made Disasters 
  • Understand System Resilience and Fault Tolerance 
  • Protecting Hard Drives 
  • Protecting Servers 
  • Protecting Power Sources 
  • Trusted Recovery 
  • Quality of Service 
  • Recovery Strategy 
  • Business Unit and Functional Priorities 
  • Crisis Management 
  • Emergency Communications 
  • Workgroup Recovery
  • Alternate Processing Sites 
  • Mutual Assistance Agreements 
  • Database Recovery 
  • Recovery Plan Development 
  • Emergency Response 
  • Personnel and Communications 
  • Assessment 
  • Backups and Offsite Storage
  • Software Escrow Arrangements
  • External Communications 
  • Utilities 
  • Logistics and Supplies 
  • Recovery vs. Restoration
  • Training, Awareness, and Documentation 
  • Testing and Maintenance
  • Read-Through Test 
  • Structured Walk-Through 
  • Simulation Test 
  • Parallel Test 
  • Full-Interruption Test 
  • Maintenance 
Chapter 19 Incidents and Ethics
  • Investigations 
  • Investigation Types 
  • Evidence 
  • Investigation Process 
  • Major Categories of Computer Crime 
  • Military and Intelligence Attacks 
  • Business Attacks 
  • Financial Attacks
  • Terrorist Attacks
  • Grudge Attacks
  • Thrill Attacks 
  • Incident Handling 
  • Common Types of Incidents 
  • Response Teams 
  • Incident Response Process 
  • Interviewing Individuals 
  • Incident Data Integrity and Retention
  • Reporting and Documenting Incidents
  • Ethics
  • (ISC)² Code of Ethics
  • Ethics and the Internet
Chapter 20 Software Development Security
  • Introducing Systems Development Controls
  • Software Development 
  • Systems Development Life Cycle 
  • Life Cycle Models
  • Gantt Charts and PERT 
  • Change and Configuration Management
  • The DevOps Approach
  • Application Programming Interfaces 
  • Software Testing 
  • Code Repositories 
  • Service-Level Agreements 
  • Software Acquisition 
  • Establishing Databases and Data Warehousing 
  • Database Management System Architecture 
  • Database Transactions 
  • Security for Multilevel Databases 
  • ODBC 
  • Storing Data and Information
  • Types of Storage 
  • Storage Threats 
  • Understanding Knowledge-based Systems 
  • Expert Systems 
  • Neural Networks 
  • Decision Support Systems 
  • Security Applications 
Chapter 21 Malicious Code and Application Attacks
  • Malicious Code
  • Sources of Malicious Code 
  • Viruses 
  • Logic Bombs 
  • Trojan Horses 
  • Worms 
  • Spyware and Adware 
  • Countermeasures 
  • Password Attacks 
  • Password Guessing 
  • Dictionary Attacks
  • Social Engineering
  • Countermeasures
  • Application Attacks 
  • Buffer Overflows
  • Time of Check to Time of Use 
  • Back Doors 
  • Escalation of Privilege and Rootkits 
  • Web Application Security
  • Cross-Site Scripting (XSS)
  • SQL Injection 
  • Reconnaissance Attacks 
  • IP Probes
  • Port Scans 
  • Vulnerability Scans 
  • Dumpster Diving 
  • Masquerading Attacks 
  • IP Spoofing 
  • Session Hijacking
Headsets for free, Guaranteed to Run, Re-Takes for free (Up to 6 months), Interactive Classroom environment.

Registration Note: We can only accept students into our classes whose tuition is being paid by an employer or sponsoring organization. Self-paying individuals cannot enroll.

School Notes:

Courseware (if a course has a Courseware) will be shipped to the address provided two weeks before the class starts. Make sure that the additional info field is properly and correctly filled out to avoid Courseware being lost in transit. Please also note that P.O. Box addresses are not allowed.

Certstaffix Training offers instructor-led live training classes that can be taken from your home or work. We also have real physical locations where students can go and connect to class in a quiet office with a computer that we provide. Our instructors teach from a remote location while being able to interact with students as in a traditional classroom setting.

Instructors can view student progress and take control of their PC to provide direct assistance. Students can see the instructor's presentation as well as voice questions directly to the instructor and participate in class discussions.

Refund Policy

Note: This provider has a temporary cancellation policy for COVID-19 related cancellations which is as follows: 

All of our classes are offered live online and any student with a computer and an internet connection can take class from their home or anywhere else they feel comfortable. For customers who are concerned about COVID-19 with regard to attending classes from one of our computer labs, please know that you can switch to attend from home up to the day before class. We just ask that you notify us so we can send them class connection information and inform the center staff that they won’t be coming in for class. 

With regard to our computer labs, each one holds a maximum of only two students per room so no student will need to be in close proximity to any large group of people. We’ve also asked the centers that host our computer labs to disinfect all keyboards/mice/surfaces, etc. after each use and requested that they provide hand sanitizer to our students. That being said, we definitely understand if a student would feel more comfortable taking class from their home.  

We purchase and ship books to students two weeks before their class date and we are charged for any computer lab booking if not cancelled within a week of the booking date, so we would not be able to fully refund a student who wants to cancel less than two weeks before class without incurring a financial loss to us that we would not be able to recover. With the attend-from-home option, students do have a choice to stay home and still get their training. Students can also choose to postpone their training to a later date if they wish.


Original cancellation policy (non-COVID-19):

You can cancel or reschedule your registration without penalty or charge provided you give notice 10 or more business days (M-F) before the start of your class.

If you request to cancel or reschedule your registration 10 business days (M-F) or fewer before the class start, you will be charged 100% of the course fee and will not be entitled to a refund. You have one (1) opportunity to use our Make-Up policy to have those funds applied to a later class date.

You cannot change your class location ten (10) Business days (M-F) or less before the class start because Certified Staffing Solutions has shipped training materials and provisioned resources. Location changes requested prior to that timeframe are subject to availability and may incur an additional charge.

Should Certified Staffing Solutions need to cancel your class due to insufficient enrollment, or postpone it due to events beyond their control, Certified Staffing Solutions will notify you as soon as possible. In such cases, you may reschedule to a future class date at no additional charge or receive a refund for any money on account relating to that registration.

Travel arrangements and costs are the sole responsibility of the student. Certified Staffing Solutions suggests obtaining refundable reservations. Certified Staffing Solutions classes are confirmed approximately 14 days before the start of the class. We cannot guarantee class commitments before that window of time. Certified Staffing Solutions will not be responsible for any cancellation costs incurred, including but not limited to, airline/mass transit tickets, hotel reservations and so on.


Start Dates (1)
Start Date Time Teacher # Sessions Price
10:00am - 5:00pm Eastern Time Remote Instructor 5 $3,100
This course consists of multiple sessions, view schedule for sessions.
Tue, May 18 10:00am - 5:00pm Eastern Time Remote Instructor
Wed, May 19 10:00am - 5:00pm Eastern Time Remote Instructor
Thu, May 20 10:00am - 5:00pm Eastern Time Remote Instructor
Fri, May 21 10:00am - 5:00pm Eastern Time Remote Instructor

School: Certstaffix Training

Certified Staffing Solutions specializes in providing computer training and instructors nationwide. Our instructors are professional trainers and utilize hands-on exercises to reinforce lecture. Each averages more than 5 years delivering classes to business professionals.

CourseHorse Approved

This school has been carefully vetted by CourseHorse and is a verified DC educator.
