Syllabus of CISSP Certification in Course Makati
Module 1: Security and Risk Management:
- 1. Confidentiality, Integrity, and Availability Concepts
- 2. Security Governance Principles
- 3. Compliance
- 4. Legal and Regulatory Issues
- 5. Professional Ethics
- 6. Security Policies, Standards, Procedures, and Guidelines
Module 2: Asset Security:
- 1. Information and Asset Classification
- 2. Ownership
- 3. Protect Privacy
- 4. Appropriate Retention
- 5. Data Security Controls
- 6. Handling Requirements
Module 3: Security Architecture and Engineering:
- 1. Engineering Processes using Secure Design Principles
- 2. Security Models Fundamental Concepts
- 3. Security Evaluation Models
- 4. Security Capabilities of Information Systems
- 5. Security Architectures, Designs, and Solution Elements Vulnerabilities
- 6. Web-based Systems Vulnerabilities
- 7. Mobile Systems Vulnerabilities
- 8. Embedded Devices and Cyber-Physical Systems Vulnerabilities
- 9. Cryptography
- 10. Site and Facility Design Secure Principles
- 11. Physical Security
Module 4: Communication and Network Security:
- 1. Secure Network Architecture Design
- 2. Secure Network Components
- 3. Secure Communication Channels
- 4. Network Attacks
Module 5: Identity and Access Management (IAM):
- 1. Physical and Logical Assets Control
- 2. Identification and Authentication of People and Devices
- 3. Identity as a Service
- 4. Third-party Identity Services
- 5. Access Control Attacks
- 6. Identity and Access Provisioning Lifecycle
Module 6: Security Assessment and Testing:
- 1. Assessment and Test Strategies
- 2. Security Process Data
- 3. Security Control Testing
- 4. Test Outputs
- 5. Security Architectures Vulnerabilities
Module 7: Security Operations:
- 1. Investigations Support and Requirements
- 2. Logging and Monitoring Activities
- 3. Provisioning of Resources
- 4. Foundational Security Operations Concepts
- 5. Resource Protection Techniques
- 6. Incident Management
- 7. Preventative Measures
- 8. Patch and Vulnerability Management
- 9. Change Management Processes
- 10. Recovery Strategies
- 11. Disaster Recovery Processes and Plans
- 12. Business Continuity Planning and Exercises
- 13. Physical Security
- 14. Personnel Safety Concerns
Module 8: Software Development Security:
- 1. Security in the Software Development Lifecycle
- 2. Development Environment Security Controls
- 3. Software Security Effectiveness
- 4. Acquired Software Security Impact