Course Description

This practical and highly-interactive course includes real-life case studies where participants will be engaged in a series of interactive small groups and class workshops. This course is designed to provide participants with a detailed and up-to-date overview of Certified Information System Security Professional. It covers the security and risk management; the concepts of confidentiality, integrity and availability; the security governance principles, compliance requirements and legal and regulatory issues that pertain to information security in a global context; the business continuity (BC) requirements and personnel security policies and procedures; and the risk management and threat modeling concepts, methodologies and risk-based management concepts to the supply chain. Further, the course will also discuss the security awareness, education and training program; the asset security, privacy, appropriate asset retention, data security controls and information and asset handling requirements; the security architecture and engineering; the fundamental concepts of security models; and the systems security requirements, security architectures, designs and solution elements.During this interactive course, participants will learn the security operations, support investigations and the requirements for investigation types; the logging and monitoring activities, provisioning resources and foundational security operations concepts and resource protection techniques; the incident management, detective and preventative measures and patch and vulnerability management; the change management processes, recovery strategies, disaster recovery (DR) processes and disaster recovery plans (DRP); the business continuity (BC) planning and exercises, physical security and personnel safety and security concerns; the software development security, security in the software development life cycle (SDLC) and security controls in development environments; the effectiveness of software security and security impact of acquired software; and the coding guidelines and standard.

link to course overview PDF

TRAINING METHODOLOGY

This interactive training course includes the following training methodologies:

30 % Lectures
20 % Workshops & Work Presentations
20 % Case Studies & Practical Exercises
30 % Videos, Software & Simulators

In an unlikely event, the course instructor may modify the above training methodology for technical reasons.

VIRTUAL TRAINING (IF APPLICABLE)

If this course is delivered online as a Virtual Training, the following limitations will be applicable:

Certificates	:	Only soft copy certificates will be issued
Training Materials	:	Only soft copy materials will be issued
Training Methodology	:	80% theory, 20% practical
Training Program	:	4 hours per day, from 09:30 to 13:30