CISSP introduction 2016 Udemy Course

CISSP Introduction
Certified Information System Security Professional
https://www.udemy.com/introduction-to-the-cissp-security-
certification/

CISSP Introduction 2
CISSP Training Course Introduction
 Introductions
 (ISC)2 CISSP and other Certifications
 Course Objectives & Exam
 New Exam Questions
 Study Tips & Resources

Adrian Mikeliunas, Instructor
 Certified Information System Security Professional (CISSP)
 Certified Information Systems Auditor (CISA)
 30+ Years IT Experience, 15+ in Information Security
 Certified Linux Professional (LPI)
 Open Source Evangelist!

(ISC)2 and the CISSP
 The International Information Systems Security Certification Consortium
or (ISC)2 at https://www.isc2.org/
 Founded in 1989, (ISC)² issues Security Certifications & vendor-neutral
education products in more than 160 countries
 CISSP and SSCP meet the stringent requirements of ANSI/ISO/IEC
Standard 17024, a global benchmark for assessing and certifying
personnel
 International, not-for-profit leader in educating and certifying cyber,
information, software and infrastructure security professionals

(ISC)2 Certification Programs
• Systems Security Certified Practitioner (SSCP)
• Certified Information Systems Security Professional (CISSP)
− Information Systems Security Architecture Professional (ISSAP)
− Information Systems Security Engineering Professional (ISSEP)
− Information Systems Security Management Professional (ISSMP)
• Certified Authorization Professional (CAP)
• Certified Secure Software Lifecycle Professional (CSSLP)
• Certified Cyber Forensics Professional (CCFP)
• HealthCare Information Security & Privacy Practitioner HCISPP
• Certified Cloud Security Professional (CCSP)
…

Why Become a CISSP?
 Demonstrates a working knowledge of information security
 Confirms commitment to profession
 Offers a career differentiator, with enhanced credibility and
marketability
• Extra Compensation $$$
 Provides access to valuable resources, such as peer networking
and idea exchange

Why Become a CISSP
 “The CISSP has emerged as one of the most prominent vendor-neutral
certifications.”
 “The CISSP provides a holistic approach to security, viewing it as a process,
not a product.”
 “At a basic minimum, an organization should have a CISSP on staff.”
 ISO/IEC Standard 17024 accredited
• DoD Directive 8570 Requirement
• http://iase.disa.mil/iawip/Pages/iabaseline.aspx

Course Objectives
 At the end of this course students will:
• Be Familiar with the (ISC)2 Common Body of Knowledge (CBK)
including common terms, principles, lists, categories,
mechanisms, etc.
• Be familiar with the CISSP exam process
• Be able to develop a study plan for taking and passing the exam.

Course Objectives
 THIS COURSE IS NOT:
• Security Engineering 101
− Not a basic course
− Knowledge is assumed
• Advanced Security Course
− Coverage of material is broad and not-in-depth
• Everything you need to pass the CISSP
− This course is a part of the strategy to pass the exam
− Home Study, Understanding Key Concepts,
and Memorization is required.

8 Domains, 8 Separate Courses!
 Security and Risk Management
 Asset Security
 Security Engineering
 Communication and Network Security
 Identity and Access Management
 Security Assessment and Testing
 Security Operations
 Software Development Security
~1 domain per week…

Exam Preparation Plan
 Take the Pre-Course Assessment Exam in 60 minutes
 Plan on a minimum of 8 weeks to prepare for the Exam, more
depending on your level of proficiency
 Each week:
• 2 chapters (or about 1 domain)
 Practice Exam Questions
• www.cccure.org questions

CISSP Requirements
 https://www.isc2.org/cissp-how-to-certify.aspx
 Required Experience
• 5 Year of full time paid work experience in 2 or more of the 8 CBK
domains
− Or 4 years experience plus a college degree
 Pass the Exam
• Pass the CISSP exam with a scaled score of 700 points or greater
• Create an Account and Schedule your Exam
− http://www.vue.com/isc2/

Associate of (ISC)2
 Can pass the CISSP examination, but lack
the years of practical work experience
• Must also subscribe to the (ISC)² Code of
Ethics and maintain their status in good
standing with (ISC)²
• After successfully passing the exam and
achieving the professional experience
requirements, Associate of (ISC)² status
can be converted to CISSP

CISSP Exam
 Computer Based, Taken at Pearson’s Centers
BRING 2 Forms of ID!!!
• Pay $599
• 250 Total Questions, 225 are scored
• 25 are research questions
• Drawn from a pool of 10,000 questions
• Questions from all 10 domains of the CBK
• Multiple Choice, 4 choices
• Pass/Fail, 700 Points or greater
• 6 Hours
• Closed Book
• Results are sent via email within 2-6 weeks

After Passing the Exam
• Subscribe to the ISC2 Code of Ethics
• Submit a properly completed and executed Endorsement Form
− Signed by an active CISSP who has review your qualifications
− Must be submitted within 9 months of passing the exam
• Successfully pass an audit of their assertions regarding professional
experience, if the candidate is selected for audit
• Maintain your CISSP Certification

Continuing Professional Education (CPE)
 120 CPE credits every 3 years or retesting is required to maintain the
CISSP
• Attending educational courses or seminars
• Attending security conferences
• Member of an association / attending meetings
• Listening to vendor presentations
• Completing university/college courses
• Providing security training
• Publishing security articles or books
• Serving on industry boards
• Self-study
• volunteer work, (ISC)² volunteer committees
 20 CPEs must be posted during each calendar year!
 Yearly Fee of $85

2015 CBK: What’s New: Topics
 3rd Party Risk Management
 BYOD Risks (Bring Your Own Devices)
 IoT (Internet of Things)
 Software Defined Networks
 Cloud Identity Services (OAuth 2.0)
About 4% change…

New Test Question Formats
 Majority: Multiple Choice, 4 candidate answers, you select one
correct one, occasionally more than one correct answer!
 New Questions:
• Scenario
• Drag and Drop
• Hot Box

Scenario Questions
 Description:
• Situational: 1-2 paragraphs describing an environment, results of
an audit, etc.
• 3-5 questions on the scenario
 Tactics:
• Read the question first [to understand!]
• Consider “operational” issues (tradeoffs)

Drag and Drop
Which algorithms below are examples of
symmetric cryptography?
Advanced Encryption
Standard
Rivest Shamir
Adlemann
Diffie Hellman
El Gamal
Data Encryption
Standard

Hot Spot
The diagram below is a design of a Public Key
Infrastructure to secure internet transactions. Within
the design is a Certificate Authority, a Registration
Authority, and a Validation Authority.
Click on the location of the registration authority.

Resources
 ISC2: www.isc2.org
 Online Resources & Practice Exams www.cccure.org
 NIST Computer Security Resource Center http://csrc.nist.gov
 http://learncissp.com/resources/
 Shon Harris audio libraries & practice tests for EACH [old 10] Domains:
http://www.mhprofessional.com/sites/CISSPExams/

Books
 Sybex CISSP 2015
http://www.amazon.com/Certified-Information-
Security-Professional-Official/
 ISC2 Official CISSP
http://www.amazon.com/Official-Guide-CISSP-
Fourth-Press

Questions?
FREE Intro to CISSP course at
https://www.udemy.com/introduction-to-the-cissp-security-
certification/

CISSP introduction 2016 Udemy Course

Recommended

More Related Content

What's hot (20)

Viewers also liked (13)

Similar to CISSP introduction 2016 Udemy Course (20)

More from Adrian Mikeliunas (18)

Recently uploaded (20)

CISSP introduction 2016 Udemy Course