CERTIFIED INFORMATION SYSTEM SECURITY PROFESSIONAL

Explore Training Details Below

Jadwal Training Selanjutnya

Date Topic Training" Investment  

Silabus

Descriptions

The CISSP certification exam is one of the most sought-after certifications by security professionals worldwide. The status gained by having the certification and demonstrating the base knowledge in the Ten Domains of Enterprise Security can be a career changing accomplishment.

The Found stone CISSP rep Course is designed for the security professional that is preparing to take the Certified Information System Professional exam provided by (ISC)2™. Developed to help those studying for the test gain an understanding of it, this course is designed to identify areas of the exam in which they are weak, and work with instructors and peers to gain the knowledge to successfully pass the exam.

 

Objectives

Upon the completion of the course the participants will have the following mastership and knowledge competency such as:

  • Know what level of understanding is required to pass the CISSP exam
  • Upon completion of this course, students will be better prepared to take the CISSP exam, and will have a balanced exposure to key security principals and practices

 

Target Audience

Individuals involving in the information system security  activities and has strong inclination to certify their  professional competence based on ISC 2  standard.

 

Duration                    :           3 Days

 

Course Contents and Descriptions

Day1

  • Introduction

Introducingthe CISSP certification program covering: CISSP

competitive values, Common Body of Knowledge (CBK) and assessment test to gauge  participants security knowledge, while interrelated domains are exposed to give thorough insight of the integral knowledge and full fields  in IT security.

 

Access Control Systems and Methodology

This domain examines mechanisms and methods used to enable administrators and managers to control what subjects can access, the extent of their capabilities after authorization and authentication, auditing and monitoring of these activities. Some of the topics covered include:

- Access Control Security Models 

- Identification and authentication technologies and   techniques

- Access control administration

- Data ownerships

- Attack methods

 

Day 2

Telecommunications and Network Security

This domain examines internal, external, public, and private communication systems; networking structures;

devices; protocols; and remote access and administration. Some of the topics covered include:

- OSI model layers 

- Local Area Network (LAN), metropolitan Area Network (MAN), and Wide Area Network (WAN) technologies

- Internet, intranet, and extranet issues

- Virtual private networks (VPNs), firewalls, routers, bridges, and repeaters

- Network topologies and cabling

- Attack methods

 

Security Management Practices

 This domain examines the identification of company assets, the proper way to determine the necessary level of protection required, and what type of budget to  develop for security implementations with the goal of reducing threats and monetary loss. Some of the topics covered  include:

- Data classification

- Policies, procedures, standards, and guidelines

- Risk assessment and management

- Personnel security, training, and awareness

 

Applications and Systems Development Security

This domain examines the security components within operating systems and applications and how to best develop and measure  their effectiveness.  This domain looks  at software life cycles, change control,   and application security. Some of the other topics covered  include:

- Data warehousing and data mining

- Various development practices and their risks

- System storage and processing components

- Malicious code

 

Day 3

Cryptography

This domain examines methods and techniques for disguising data for protection purposes. This  involves

cryptography techniques, approaches, and technologies. Some of the topics covered include:

 

- Symmetric versus asymmetric algorithms and uses

- Public key infrastructure (PKI) and hashing functions

- Encryption protocols and implementation

- Attack methods 

 

Security Architecture and Models

This domain  examines concepts, principles, and standards  for designing and implementing secure applications, operating systems, and systems. This covers international security measurement standards and their meaning for different types of platforms.   

 Some of the topics covered include: 

- Operating states, kernel functions, and memory mapping

- Security models, architectures, and evaluations

- Evaluation criteria: Trusted Computer Security Evaluation  Criteria

- (TCSEC), Information Technology Security Evaluation Criteria

- (ITSEC), and Common Criteria

- Common flaws in applications and systems

- Certification and accreditation

 

Operations Security

This domain examines controls over personnel, hardware, systems, and auditing and monitoring techniques. This also covers possible abuse channels and how to recognize and address them. Some of the topics covered include:

- Administrative responsibilities pertaining to personnel and job functions

- Maintenance concepts of antivirus, training, auditing, and resource protection activities

- Preventive, detective, corrective, and recovery controls 

- Standards, compliance, and due care concepts

- Security and fault tolerance technologies 

 

Business Continuity Planning (BCP) and Disaster Recovery Planning (DRP)

This domain examines the preservation of business activities when faced with disruptions or disasters. This involves the identification of real  risks, proper risk assessment, and countermeasure implementation. Some of the topics covered include:

- Business resource identification and value assignment

- Business impact analysis and prediction of possible losses

- Unit priorities and crisis management

- Plan development, implementation, and maintenance

- Evidence types and admissibility into court

- Incident handling

 

Day 4

Laws, Investigation, and Ethics

This domain examines computer crimes, laws, and regulations. This includes techniques in investigating          a crime, gathering  Evidence, and handling procedures. It also covers how to develop and implement an incident-handling

program. Some of the topics covered include:

- Types of laws, regulations, and crimes

- Licensing and software piracy

- Export and import laws and issues

  Evidence types and admissibility into court

- Incident handling

  • Test and Excercices

 

Day 5

Physical Security

This domain examines threats, risks, and countermeasure to protect facilities, hardware, data, media, and

personnel. This involves facility  selection, authorized entry methods, and environmental and safety procedures. Some of

the topics covered include: 

- Restricted areas, authorization methods, and controls

- Motion detectors, sensors, and alarms

- Intrusion detection

- Fire detection, prevention, and suppression

- Fencing, security guards, and security badge types

Test and Excercices

 

Case Studies

Case-based discussions will be conducted with topics related to the subjects of training. Exam exercises and questions evaluation.

Trainer : Spectracentre Trainer Team

Tanggal Training

Selasa - Kamis , 27 Maret 2018 - 29 Maret 2018

Investasi

Rp.12,500,000

Certification

-

Form Pendaftaran

  • Pengisian Formulir Pendaftaran Pelatihan Spectra Trainer belum bersifat mengikat, penawaran dan penjelasan resmi dan lebih lengkap akan diberikan langsung oleh Marketing Spectra Training yang bersangkutan dengan topik / kebutuhan Pelatihan yang Anda minta, sesaat setelah data Anda sampai di email pendaftaran kami. Anda berhak untuk membatalkan untuk mengikuti training, jika penawaran resmi dari Marketing Spectra Training yang bersangkutan berbeda dengan kebutuhan Anda.
  • Mohon melengkapi data Anda sedetail mungkin di Setiap Pengisian Formulir Our Services Spectra Training , , kesalahan/kekurangan data yang diisikan, akan menyebabkan Marketing Kami akan kesulitan menghubungi Anda.
  • Untuk jadwal tanggal pelaksanaan Public Training bisa berubah dikarenakan disesuaikan dengan jadwal trainer dan kondisi jumlah peserta
  • Untuk 1 Peserta Public Training Kami , Akan Tetap Berjalan Dan Pelaksanaan Di Hotel Berbintang