CISSP Introduction 2016 Udemy Course
CISSP Introduction
Certified Information System Security Professional
https://www.udemy.com/introduction-to-the-cissp-security-certification/
CISSP Training Course Introduction
Introductions
(ISC)2 CISSP and other Certifications
Course Objectives & Exam
New Exam Questions
Study Tips & Resources
Adrian Mikeliunas, Instructor
Certified Information System Security Professional (CISSP)
Certified Information Systems Auditor (CISA)
30+ Years IT Experience, 15+ in Information Security
Certified Linux Professional (LPI)
Open Source Evangelist!
(ISC)2 and the CISSP
The International Information Systems Security Certification Consortium or (ISC)2 at https://www.isc2.org/
Founded in 1989, (ISC)² issues Security Certifications & vendor-neutral education products in more than 160 countries
CISSP and SSCP meet the stringent requirements of ANSI/ISO/IEC Standard 17024, a global benchmark for assessing and certifying personnel
International, not-for-profit leader in educating and certifying cyber, information, software and infrastructure security professionals
(ISC)2 Certification Programs
• Systems Security Certified Practitioner (SSCP)
• Certified Information Systems Security Professional (CISSP)
− Information Systems Security Architecture Professional (ISSAP)
− Information Systems Security Engineering Professional (ISSEP)
− Information Systems Security Management Professional (ISSMP)
• Certified Authorization Professional (CAP)
• Certified Secure Software Lifecycle Professional (CSSLP)
• Certified Cyber Forensics Professional (CCFP)
• HealthCare Information Security & Privacy Practitioner (HCISPP)
• Certified Cloud Security Professional (CCSP)
…
Why Become a CISSP?
Demonstrates a working knowledge of information security
Confirms commitment to profession
Offers a career differentiator, with enhanced credibility and marketability
• Extra Compensation $$$
Provides access to valuable resources, such as peer networking and idea exchange
Why Become a CISSP
“The CISSP has emerged as one of the most prominent vendor-neutral certifications.”
“The CISSP provides a holistic approach to security, viewing it as a process, not a product.”
“At a basic minimum, an organization should have a CISSP on staff.”
ISO/IEC Standard 17024 accredited
• DoD Directive 8570 Requirement
• http://iase.disa.mil/iawip/Pages/iabaseline.aspx
Course Objectives
At the end of this course students will:
• Be familiar with the (ISC)2 Common Body of Knowledge (CBK) including common terms, principles, lists, categories, mechanisms, etc.
• Be familiar with the CISSP exam process
• Be able to develop a study plan for taking and passing the exam.
Course Objectives
THIS COURSE IS NOT:
• Security Engineering 101
− Not a basic course
− Knowledge is assumed
• Advanced Security Course
− Coverage of material is broad and not in-depth
• Everything you need to pass the CISSP
− This course is a part of the strategy to pass the exam
− Home study, understanding key concepts, and memorization are required.
8 Domains, 8 Separate Courses!
Security and Risk Management
Asset Security
Security Engineering
Communication and Network Security
Identity and Access Management
Security Assessment and Testing
Security Operations
Software Development Security
~1 domain per week…
Exam Preparation Plan
Take the Pre-Course Assessment Exam in 60 minutes
Plan on a minimum of 8 weeks to prepare for the Exam, more depending on your level of proficiency
Each week:
• 2 chapters (or about 1 domain)
Practice Exam Questions
• www.cccure.org questions
CISSP Requirements
https://www.isc2.org/cissp-how-to-certify.aspx
Required Experience
• 5 years of full-time paid work experience in 2 or more of the 8 CBK domains
− Or 4 years of experience plus a college degree
Pass the Exam
• Pass the CISSP exam with a scaled score of 700 points or greater
• Create an Account and Schedule your Exam
− http://www.vue.com/isc2/
Associate of (ISC)2
Can pass the CISSP examination, but lack the years of practical work experience
• Must also subscribe to the (ISC)² Code of Ethics and maintain their status in good standing with (ISC)²
• After successfully passing the exam and achieving the professional experience requirements, Associate of (ISC)² status can be converted to CISSP
CISSP Exam
Computer Based, Taken at Pearson’s Centers
BRING 2 Forms of ID!!!
• Pay $599
• 250 Total Questions, 225 are scored
• 25 are research questions
• Drawn from a pool of 10,000 questions
• Questions from all 10 domains of the CBK
• Multiple Choice, 4 choices
• Pass/Fail, 700 Points or greater
• 6 Hours
• Closed Book
• Results are sent via email within 2-6 weeks
After Passing the Exam
• Subscribe to the ISC2 Code of Ethics
• Submit a properly completed and executed Endorsement Form
− Signed by an active CISSP who has reviewed your qualifications
− Must be submitted within 9 months of passing the exam
• Successfully pass an audit of their assertions regarding professional experience, if the candidate is selected for audit
• Maintain your CISSP Certification
Continuing Professional Education (CPE)
120 CPE credits every 3 years or retesting is required to maintain the CISSP
• Attending educational courses or seminars
• Attending security conferences
• Member of an association / attending meetings
• Listening to vendor presentations
• Completing university/college courses
• Providing security training
• Publishing security articles or books
• Serving on industry boards
• Self-study
• Volunteer work, (ISC)² volunteer committees
20 CPEs must be posted during each calendar year!
Yearly Fee of $85
2015 CBK: What’s New: Topics
3rd Party Risk Management
BYOD Risks (Bring Your Own Devices)
IoT (Internet of Things)
Software Defined Networks
Cloud Identity Services (OAuth 2.0)
About 4% change…
New Test Question Formats
Majority: Multiple Choice, 4 candidate answers, you select one correct one, occasionally more than one correct answer!
New Questions:
• Scenario
• Drag and Drop
• Hot Box
Scenario Questions
Description:
• Situational: 1-2 paragraphs describing an environment, results of an audit, etc.
• 3-5 questions on the scenario
Tactics:
• Read the question first [to understand!]
• Consider “operational” issues (tradeoffs)
Drag and Drop
Which algorithms below are examples of symmetric cryptography?
Advanced Encryption Standard
Rivest Shamir Adleman
Diffie Hellman
El Gamal
Data Encryption Standard
Hot Spot
The diagram below is a design of a Public Key Infrastructure to secure internet transactions. Within the design is a Certificate Authority, a Registration Authority, and a Validation Authority.
Click on the location of the registration authority.
Resources
ISC2: www.isc2.org
Online Resources & Practice Exams www.cccure.org
NIST Computer Security Resource Center http://csrc.nist.gov
http://learncissp.com/resources/
Shon Harris audio libraries & practice tests for EACH [old 10] Domains: http://www.mhprofessional.com/sites/CISSPExams/
Books
Sybex CISSP 2015: http://www.amazon.com/Certified-Information-Security-Professional-Official/
ISC2 Official CISSP: http://www.amazon.com/Official-Guide-CISSP-Fourth-Press
Questions?
FREE Intro to CISSP course at https://www.udemy.com/introduction-to-the-cissp-security-certification/