Skip to main content
Go Back to LUNA Academy

Certified Information Systems Security Professional (CISSP®)

Course Code: DDL-0007

FREE ACCESS

  •   Access to course content
  •   No access to labs
  •   Certificate not included

PAID ACCESS

  •   Access to course content
  •   Access to all course labs
  •   Blockchain Enabled Certificate and Badges

SCHEDULES

  • SCHEDULE A - September 5-9,2022, Monday-Friday, 7am-4pm
  • SCHEDULE B - October 10-14,2022, Monday-Friday, 6am-3pm
  • SCHEDULE C - November 7-11,2022, Monday-Friday, 6am-3pm
  • SCHEDULE D - December 5-9,2022, Monday-Friday, 6am-3pm

ABOUT THIS COURSE

Accelerate your cybersecurity career with the CISSP certification.

This course is the most comprehensive review of information security concepts and industry best practices, and focuses on the eight domains of the CISSP CBK® (Common Body of Knowledge) that are covered in the CISSP exam. You will gain knowledge in information security that will increase your ability to successfully implement and manage security programs in any organisation or government entity.

Earning the CISSP proves you have what it takes to effectively design, implement and manage a best-in-class cybersecurity program. With a CISSP, you validate your expertise and become an (ISC)2 member, unlocking a broad array of exclusive resources, educational tools, and peer-to-peer networking opportunities.

OBJECTIVES

This course will help you to prepare for the CISSP certification. You will gain core knowledge to successfully implement and manage security programs. You will gain in-depth knowledge of the eight domains required to prepare for the CISSP exam.

RECOMMENDED FOR

The CISSP is ideal for experienced security practitioners, managers and executives interested in proving their knowledge across a wide array of security practices and principles, including those in the following positions:

  • Chief Information Security Officer
  • Chief Information Officer
  • Director of Security
  • IT Director/Manager
  • Security Systems Engineer
  • Security Analyst
  • Security Manager
  • Security Auditor
  • Security Architect
  • Security Consultant
  • Network Architect

PREREQUISITES

You should have a minimum of five years of experience working in IT Infrastructure and Cybersecurity.

MEET THE INSTRUCTORS

  • ADRIAN SMITH

    • TECHNICAL TRAINER


    PROFILE SUMMARY

    Since completing his B.Sc. in Computer Science, Adrian has compiled over 30 years’ IT experience. During his time as a Technical Trainer at DDLS, Adrian has worked across Microsoft, Google Cloud & AWS product sets.

  • DAVID VAN GEMERT

    • SENIOR TECHNICAL TRAINER


    PROFILE SUMMARY

    David is a Technical Trainer for DDLS for Microsoft Infrastructure and Security Training, CompTIA A+, Network+ and Security+ delivering Training and Consulting in Australia and New Zealand.

  • ITVINDER MANKOO

    • PROCESS TRAINER


    PROFILE SUMMARY

    He is a highly experienced and passionate facilitator with a wealth of ‘real-world’ experience which she uses to bring to life her training courses. She is an entertaining trainer and without exception, students excel, enjoy, and learn in an environment that is supportive, educational, and fun.

  • JOHN ANG

    • TECHNICAL TRAINER


    PROFILE SUMMARY

    An experienced Infrastructure, Security, Consulting and Project Management in Information Technology. With more than 20 years in the IT industry, recently led the Infrastructure and Security projects for one of the largest conglomerates in the country. Highly skilled in Microsoft, Symantec, CyberArk, Qualys, SolarWinds, and IT Security Policies and Procedures.

  • LOUIS CREMEN

    • TECHNICAL TRAINER


    PROFILE SUMMARY

    Graduated B of Computer Science at University of Wollongong in 2009. Started his own software company making mobile and web apps for other companies (CommBank, RBA, Army, Government, Enterprises). Contracted to create courses to train developers how to write apps for companies (DDLS, AUC) and then as a university lecturer (UOW).

  • MICHAEL MANASAN

    • SENIOR TECHNICAL TRAINER


    PROFILE SUMMARY

    Michael is a versatile individual with a passion for technology, be it open or closed source. He is interested in infrastructure, messaging, database, and development technologies as well as management processes. Michael is continually upgrading his skillset as well as adding new skills that fancies his interest.

  • TERRY GRIFFIN

    • TECHNICAL TRAINER


    PROFILE SUMMARY

    Terry is a technology specialist and brings to the classroom his extensive experience and knowledge which he uses to keep his courses interesting to the attendees. He is known as a Microsoft, VMware, and Citrix evangelist, and brings that enthusiasm to the classroom.

  COURSE OUTLINE


  • Module 1: Security and Risk Management
    • Understand, adhere to, and promote professional ethics
    • Understand and apply security concepts
    • Evaluate and apply security governance principles
    • Determine compliance and other requirements
    • Understand legal and regulatory issues that pertain to information security in a holistic context
    • Understand requirements for investigation types (i.e., administrative, criminal, civil, regulatory, industry standards)
    • Develop, document, and implement security policy, standards, procedures, and guidelines
    • Identify, analyse, and prioritise Business Continuity (BC) requirements
    • Contribute to and enforce personnel security policies and procedures
    • Understand and apply risk management concepts
    • Understand and apply threat modeling concepts and methodologies
    • Apply Supply Chain Risk Management (SCRM) concepts
    • Establish and maintain a security awareness, education, and training program

  • Module 2: Asset Security
    • Identify and classify information and assets
    • Establish information and asset handling requirements
    • Provision resources securely
    • Manage data lifecycle
    • Ensure appropriate asset retention (e.g. End-of-Life (EOL), End-of- Support (EOS))
    • Determine data security controls and compliance requirements

  • Module 3: Security Architecture and Engineering
    • Research, implement and manage engineering processes using secure design principles
    • Understand the fundamental concepts of security models (e.g. Biba, Star Model, Bell-LaPadula)
    • Select controls based upon systems security requirements
    • Understand security capabilities of Information Systems (IS) (e.g. memory protection, Trusted Platform Module (TPM), encryption/decryption)
    • Assess and mitigate the vulnerabilities of security architectures, designs, and solution elements
    • Select and determine cryptographic solutions
    • Understand methods of cryptanalytic attacks
    • Apply security principles to site and facility design
    • Design site and facility security controls

  • Module 4: Communication and Network Security
    • Assess and implement secure design principles in network architectures
    • Secure network components
    • Implement secure communication channels according to design

  • Module 5: Identity and Access Management(IAM)
    • Control physical and logical access to assets
    • Manage identification and authentication of people, devices, and services
    • Federated identity with a third-party service
    • Implement and manage authorisation mechanisms
    • Manage the identity and access provisioning lifecycle
    • Implement authentication systems

  • Module 6: Security Assessment and Testing
    • Design and validate assessment, test, and audit strategies
    • Conduct security control testing
    • Collect security process data (e.g. technical and administrative)
    • Analyse test output and generate reports
    • Conduct or facilitate security audits

  • Module 7: Security Operations
    • Understand and comply with investigations
    • Conduct logging and monitoring activities
    • Perform Configuration Management (CM) (e.g. provisioning, baselining, automation)
    • Apply foundational security operations concepts
    • Apply resource protection
    • Conduct incident management
    • Operate and maintain detective and preventative measures
    • Implement and support patch and vulnerability management
    • Understand and participate in change management processes
    • Implement recovery strategies
    • Implement Disaster Recovery (DR) processes
    • Test Disaster Recovery Plans (DRP)
    • Participate in Business Continuity (BC) planning and exercises
    • Implement and manage physical security
    • Address personnel safety and security concerns

  • Module 8: Software Development Security
    • Understand and integrate security in the Software Development Life Cycle (SDLC)
    • Identify and apply security controls in development environments
    • Assess the effectiveness of software security
    • Assess security impact of acquired software
    • Define and apply secure coding guidelines and standards

Course Details

  1. Classes Start

  2. Estimated Effort

    5 days/week, max. 8 hours/day
Enroll
LUNA TECHNOLOGIES INC. 2022. All rights reserved.