
Coursera

CISSP Certified Information Security Professional Exam Guide

Packt via Coursera

Overview

This CISSP preparation resource equips learners with the knowledge and tools needed to succeed in the certification exam and excel in cybersecurity roles. It covers essential domains such as risk management, network security, and software development, with practical insights and expert guidance. Designed for professionals aiming to advance their careers, it provides a structured and comprehensive learning path.

What sets this course apart is its combination of theoretical knowledge and real-world applications. By following practical examples and expert guidance, you will gain a deep understanding of key concepts and apply them in various professional scenarios.

Ideal for IT professionals looking to pursue CISSP certification, this course is best suited for those with a solid foundation in network administration, systems administration, and governance, risk, and compliance (GRC). Based on the book, Certified Information Systems Security Professional (CISSP) Exam Guide, by Ted Jordan, Ric Daza, and Hinne Hettema.

Syllabus

  • Ethics, Security Concepts, and Governance Principles
    • In this section, we explore the ISC2 Code of Ethics, the CIA triad, and aligning security governance with organizational goals to support ethical and effective decision-making.
  • Compliance, Regulation, and Investigations
    • In this section, we explore contractual, legal, and industry requirements, analyze privacy principles, and differentiate investigation types to ensure data protection and legal compliance.
  • Security Policies and Business Continuity
    • In this section, we explore developing security policies, conducting business impact analysis, and implementing business continuity plans to ensure operational resilience and compliance.
  • Risk Management, Threat Modeling, SCRM, and SETA
    • In this section, we explore risk management frameworks, threat identification, and SCRM and SETA strategies to mitigate risks and enhance organizational security through structured approaches.
  • Asset and Privacy Protection
    • In this section, we explore identifying and classifying digital assets, establishing secure handling requirements, and allocating resources based on asset value for effective cybersecurity management.
  • Information and Asset Handling
    • In this section, we explore data life cycle management, asset retention, and security controls to ensure compliance and effective digital asset governance throughout their existence.
  • Secure Design Principles and Controls
    • In this section, we explore secure design principles, analyze security models, and select controls based on system requirements using frameworks like STRIDE and Zero Trust.
  • Architecture Vulnerabilities and Cryptography
    • In this section, we examine system architecture vulnerabilities and cryptographic methods to secure data. Key concepts include encryption types, attack mitigation, and practical applications in IoT and cloud systems.
  • Facilities and Physical Security
    • In this section, we explore physical security principles for site design, facility controls, and HVAC measures to protect data and systems from unauthorized access and environmental threats.
  • Network Architecture Security
    • In this section, we explore secure network design using OSI and TCP/IP models, focusing on layer-based security analysis and real-world protocol implications.
  • Securing Communication Channels
    • In this section, we explore securing network components and communication channels to ensure data confidentiality, integrity, and protection against vulnerabilities in network environments.
  • Identity, Access Management, and Federation
    • In this section, we explore identity and access management, focusing on secure access control, federation, and user provisioning to balance data security and operational efficiency.
  • Identity Management Implementation
    • In this section, we explore implementing authentication systems for third parties, analyzing authentication and access control mechanisms, and designing secure collaboration strategies using federated identity management and SSO.
  • Designing and Conducting Security Assessments
    • In this section, we explore designing and validating security assessment strategies, conducting control testing, and ensuring audit outcomes are accurate and actionable for continuous improvement.
  • Designing and Conducting Security Testing
    • In this section, we explore collecting and analyzing security data to improve system resilience, focusing on audit processes, disaster recovery, and effective reporting techniques.
  • Planning for Security Operations
    • In this section, we explore pre-incident planning for security operations, focusing on incident response, logging, monitoring, and configuration management to ensure operational resilience and effective threat response.
  • Security Operations
    • In this section, we explore the incident response cycle, detective and preventive security measures, and patch and vulnerability management for practical security operations.
  • Disaster Recovery
    • In this section, we explore disaster recovery strategies, testing plans, and recovery site options to ensure IT system availability and resilience in real-world scenarios.
  • Business Continuity, Personnel, and Physical Security
    • In this section, we examine business continuity, personnel, and physical security, focusing on stakeholder collaboration, access controls, and safety protocols to enhance organizational resilience and disaster recovery planning.
  • Software Development Life Cycle Security
    • In this section, we explore secure software development methodologies, maturity models, and change management to ensure application security and functionality throughout the life cycle.
  • Software Development Security Controls
    • In this section, we explore secure coding practices, SAST and DAST integration in CI/CD, and automation of security testing to reduce application vulnerabilities.
  • Securing Software Development
    • In this section, we examine software security effectiveness, evaluate risks of acquired software, and analyze common vulnerabilities to enhance digital system protection.
  • Secure Coding Guidelines, Third-Party Software, and Databases
    • In this section, we examine secure coding practices, source code vulnerabilities, and database security to build resilient systems and protect data integrity.

Taught by

Packt - Course Instructors
