Q: Module 1: Security and Risk Management (Weeks 1-4)

Topics Covered: Overview of CISSP Exam Structure and Domains Understanding CIA Triad (Confidentiality, Integrity, Availability) Security Governance Principles: Laws, Ethics, and Compliance Risk Management: Threat Modeling, Risk Assessment, and Business Impact Analysis Security Policy Development and Risk Treatment Key Concepts: Security Awareness Training and Disaster Recovery Assignment: Conduct a risk assessment for a sample organization, identifying threats, vulnerabilities, and mitigation strategies.

Q: Module 2: Asset Security and Access Management (Weeks 5-8)

Topics Covered: Classification of Information and Asset Management Data Handling Standards: Data Privacy, Retention, and Disposal Access Control Models: DAC, MAC, RBAC, and ABAC Identity and Access Management (IAM) Policies and Procedures Authentication Techniques: Multi-Factor Authentication, Single Sign-On Identity Federation and IAM in Cloud Environments Assignment: Design an access control model for a company with multiple levels of data sensitivity and access requirements.

Q: Module 3: Security Architecture and Engineering (Weeks 9-12)

Topics Covered: Security Architecture Principles: Secure System Design and Trusted Computing Security Models: Bell-LaPadula, Biba, and Clark-Wilson Models Cryptography: Symmetric, Asymmetric, Hashing, Digital Signatures, and PKI Security for Virtualized and Cloud Environments Physical Security Design and Environmental Controls Assignment: Create a security architecture plan for a corporate network, incorporating encryption and physical security considerations.

Q: Module 4: Communication and Network Security (Weeks 13-16)

Topics Covered: Network Architecture and Design: OSI Model, Network Segmentation, and VLANs Secure Network Protocols: SSL/TLS, IPsec, SSH, and VPNs Wireless Security Protocols and Best Practices Firewall, IDS/IPS, and Network Monitoring Tools Network Attack Types and Countermeasures Assignment: Configure a simulated network environment using virtual tools, implementing secure network protocols and intrusion detection.

Q: Module 5: Identity, Governance, Risk, and Compliance (Weeks 17-20)

Topics Covered: Security Governance: Frameworks (NIST, ISO 27001, COBIT) Legal, Regulatory, and Compliance Considerations: GDPR, HIPAA, SOX Auditing and Monitoring for Compliance Security Awareness Programs and Training Incident Management and Business Continuity Planning (BCP) Disaster Recovery (DR) and Operational Resilience Assignment: Develop an incident response plan for a hypothetical data breach scenario, including communication, remediation, and reporting.

Q: Module 6: Security Assessment, Testing, and Software Development Security (Weeks 21-24)

Topics Covered: Vulnerability Management and Security Testing: Penetration Testing, Code Reviews Security Assessment Methods: Audits, Vulnerability Scanning, and Continuous Monitoring Secure Software Development Life Cycle (SDLC) and Security-by-Design Application Security Testing: Static, Dynamic, and Fuzz Testing Software Development Models: Waterfall, Agile, and DevSecOps Integration Assignment: Conduct a security assessment for a web application, documenting identified vulnerabilities and proposing mitigations.

Q: Capstone Project (Final Weeks)

Project Description: Students will complete a final project that synthesizes all learned domains by developing a comprehensive security framework for a fictional organization. This project includes creating a risk assessment, network security plan, access management model, incident response plan, and security testing procedures.

Question 1

Module 1: Security and Risk Management (Weeks 1-4)

Accepted Answer

- Topics Covered:
  - Overview of CISSP Exam Structure and Domains
  - Understanding CIA Triad (Confidentiality, Integrity, Availability)
  - Security Governance Principles: Laws, Ethics, and Compliance
  - Risk Management: Threat Modeling, Risk Assessment, and Business Impact Analysis
  - Security Policy Development and Risk Treatment
  - Key Concepts: Security Awareness Training and Disaster Recovery
Assignment: Conduct a risk assessment for a sample organization, identifying threats, vulnerabilities, and mitigation strategies.

Question 2

Module 2: Asset Security and Access Management (Weeks 5-8)

Accepted Answer

- Topics Covered:
  - Classification of Information and Asset Management
  - Data Handling Standards: Data Privacy, Retention, and Disposal
  - Access Control Models: DAC, MAC, RBAC, and ABAC
  - Identity and Access Management (IAM) Policies and Procedures
  - Authentication Techniques: Multi-Factor Authentication, Single Sign-On
  - Identity Federation and IAM in Cloud Environments
Assignment: Design an access control model for a company with multiple levels of data sensitivity and access requirements.

Question 3

Module 3: Security Architecture and Engineering (Weeks 9-12)

Accepted Answer

- Topics Covered:
  - Security Architecture Principles: Secure System Design and Trusted Computing
  - Security Models: Bell-LaPadula, Biba, and Clark-Wilson Models
  - Cryptography: Symmetric, Asymmetric, Hashing, Digital Signatures, and PKI
  - Security for Virtualized and Cloud Environments
  - Physical Security Design and Environmental Controls
- Assignment: Create a security architecture plan for a corporate network, incorporating encryption and physical security considerations.

Question 4

Module 4: Communication and Network Security (Weeks 13-16)

Accepted Answer

- Topics Covered:
  - Network Architecture and Design: OSI Model, Network Segmentation, and VLANs
  - Secure Network Protocols: SSL/TLS, IPsec, SSH, and VPNs
  - Wireless Security Protocols and Best Practices
  - Firewall, IDS/IPS, and Network Monitoring Tools
  - Network Attack Types and Countermeasures
- Assignment: Configure a simulated network environment using virtual tools, implementing secure network protocols and intrusion detection.

Question 5

Module 5: Identity, Governance, Risk, and Compliance (Weeks 17-20)

Accepted Answer

Topics Covered:
- Security Governance: Frameworks (NIST, ISO 27001, COBIT)
- Legal, Regulatory, and Compliance Considerations: GDPR, HIPAA, SOX
- Auditing and Monitoring for Compliance
- Security Awareness Programs and Training
- Incident Management and Business Continuity Planning (BCP)
- Disaster Recovery (DR) and Operational Resilience
Assignment: Develop an incident response plan for a hypothetical data breach scenario, including communication, remediation, and reporting.

Question 6

Module 6: Security Assessment, Testing, and Software Development Security (Weeks 21-24)

Accepted Answer

- Topics Covered:
  - Vulnerability Management and Security Testing: Penetration Testing, Code Reviews
  - Security Assessment Methods: Audits, Vulnerability Scanning, and Continuous Monitoring
  - Secure Software Development Life Cycle (SDLC) and Security-by-Design
  - Application Security Testing: Static, Dynamic, and Fuzz Testing
  - Software Development Models: Waterfall, Agile, and DevSecOps Integration
Assignment: Conduct a security assessment for a web application, documenting identified vulnerabilities and proposing mitigations.

Question 7

Capstone Project (Final Weeks)

Accepted Answer

Project Description:
- Students will complete a final project that synthesizes all learned domains by developing a comprehensive security framework for a fictional organization. This project includes creating a risk assessment, network security plan, access management model, incident response plan, and security testing procedures.

Question 8

Expected Outcome:

Accepted Answer

- By completing this program, students will acquire a thorough understanding of information security across key domains, preparing them to take the CISSP exam and qualify for roles such as Information Security Analyst, IT Security Manager, and Security Consultant. CISSP-certified professionals are in demand in industries such as finance, healthcare, government, and tech, where they help organizations mitigate security risks, protect sensitive data, and ensure regulatory compliance. This certificate is an excellent foundation for advancing in cybersecurity leadership roles and securing high-paying, in-demand positions.

Certified Information Systems Security Professional

Certified Information
Systems Security
Professional

Online Course

Certified Information Systems Security Professional

Course Fee

Qualification

Duration

Course Type

Our Recognitions Speaks

Creative Mentors was honored for its excellency in animation education industry

WHAT WE TEACH

TO START AN EXCITING CREATIVE CAREER

OUR FACULTY

Amanda Lee

Adam Cheise

FROM THE STUDENTS

Direct testimonials from the students who completed the course

ADMISSION PROCESS

OTHER COURSES

2D ANIMATION

LEARN 3D ANIMATION

ANIMATION FILM MAKING

LEARN ANIMATION FILM MAKING

MULTIMEDIA

LEARN MULTIMEDIA

Call Us

Email Us

Chat With Us

Address