Kurser

Online

Online kursus 
Online læring, der kan tages, når det passer dig

Certified Information Systems Security Professional (CISSP) 2024

Tilmelding Garantifor afholdelse

Få adgang til online kurset.
Tilgængeligt i 365 dage.
DKK  10.999
ekskl. moms
Nr. 72882 P

Lær at udvikle standarder, politikker og processer inden for IT-sikkerhed. Med denne kursuspakke bliver du klædt på til tage en certificering som IT-sikkerhedsspecialist. Kurset er på engelsk og foregår online, når det passer dig. Du har adgang til online kursuspakken i 365 dage.

Bliv Certified Information Systems Security Professional

De grundlæggende sikkerhedsprincipper som fortrolighed, tilgængelighed og integritet styrer al vellykket best practice inden for informationssikkerhed, som lærer at anvende med denne kursussamling. Kurset viser dig best practices til at etablere sikkerhedskontrol, asset security, implementering og styring af secure engineering processes, og inden for implementering og håndhævelse af software sikkerhedskontrol.

Kursussamlingen dækker målsætningerne for at gennemføre Certified Information Systems Security Professional (CISSP) eksamen.

Deltagerprofil

Kursusamlingen er henvendt til dig, der ønsker at tage Certified Information Systems Security Professional (CISSP) eksamen. Du skal have erfaring inden for området, og have arbejdet med IT-sikkerhed i et par år.

Udbytte

  • Få styr på, hvordan man udvikler og implementere en dokumenteret sikkerhedspolitik
  • Lær at måle og monitorere risici
  • Lær best practice til at implementere og styre sikre engineering processer
  • Brug data fra key performance og risk indicator til at bedømme sikkerhed og test
  • Identificer karakteristika ved digital forensics, og rollen under sikkerhedsundersøgelser
  • Lær at operere i og opretholde firewalls, som en præventiv foranstaltning
  • Få styr på best practices til at indarbejde disaster recovery training og opmærksomhed ved security operations

Det får du på onlinekurset

Vi sørger for, at rammerne er i orden, så du kan fokusere på at lære.

Undervisning på engelsk

Undervisning på engelsk

Indhold

CISSP 2024: Investigations & Policie
  • Cybercrime investigation is a critical practice in a modern security landscape. In this field, skilled security professionals from agencies like the FBI use digital forensics to track, analyze, and dismantle various types of cybercrime and cyber threats.
    This course covers several CISSP exam objectives. You will begin by exploring the requirements for administrative, criminal, civil, regulatory, and industry investigations. You will then learn to develop, document, and implement security policy, standards, procedures, and guidelines. Finally, you will discover considerations for the enforcement of personnel security policies and procedures.
  • Course duration: 32 Minutes
CISSP 2024: Logging, Monitoring, & Investigations
  • In the realm of cybersecurity, logging, monitoring, and investigations play a critical role in ensuring the integrity, confidentiality, and availability of information systems. These processes help to safeguard an organization's digital assets from potential threats.
    In this course, learn about log management, intrusion detection and prevention systems (IDPS), and compare security information and event management (SIEM) and security orchestration, automation, and response (SOAR). Next, explore continuous monitoring and tuning, threat intelligence and hunting concepts, and user and entity behavior analytics. Finally, examine cyber forensics collection and handling, the forensic analysis process and activities, and forensic reporting and documentation.
  • Course duration: 33 Minutes
CISSP 2024: Risk Management Concepts
  • Security risk management involves the continual process of identifying security risks and implementing strategy and tactics to mitigate them. It is a vital component of any organization's strategy to protect its assets, ensure regulatory compliance, maintain operational continuity, and safeguard its reputation.
    Begin this course by exploring threat and vulnerability identification, as well as risk analysis, assessment, and response. Next, you will discover control categories, types, and assessments. Then you will investigate continuous monitoring and measurement and risk management reporting. Finally, you will examine continuous improvement and risk frameworks as you gain the essential skills to protect and secure your organization’s critical resources.
  • Course duration: 45 Minutes
CISSP 2024: Site & Facility Security
  • Physical security consists of tested practices for protecting building sites and equipment (and all information and software contained therein) from theft, vandalism, natural disaster, human-caused catastrophes, and accidental damage, thereby maintaining overall organizational security.
    Begin this course by exploring site and facility security design principles, as well as perimeter and internal security controls to gain insights into safeguarding both the outer and inner layers of infrastructure. Then you will investigate security concerns for wiring closets, distribution frames, server rooms, data centers, and media and evidence storage facilities. Next, you will examine security issues for restricted and work areas, utilities, and heating, ventilation, and air conditioning (HVAC) systems. Additionally, you will focus on environmental topics, including fire prevention, detection, and suppression. Finally, you will discover power issues and controls, including redundancy and backup, and personnel safety concerns including insider threats, social media impacts, two-factor authentication (2FA) fatigue, emergency management, and duress.
  • Course duration: 46 Minutes
CISSP 2024: Business Continuity Planning & Exercises
  • Business continuity planning is a systematic and comprehensive strategy and set of tactics for ensuring that an organization can prevent or quickly recover from a significant disruption to its operations at a pre-determined acceptable level.
    In this course, discover methods to identify, assess, prioritize, and implement business continuity requirements. Learn about the business continuity plan (BCP) and business impact analysis (BIA). Next, explore how to implement recovery strategies using backup storage and recovery sites. Finally, learn about the importance of system and design resilience, high availability, and fault tolerance.
  • Course duration: 36 Minutes
CISSP 2024: Asset Classification, Handling, & Provisioning
  • IIt is an established principle that before risk can be assessed and analyzed, an organization must know what physical and software resources they have. This enables businesses to categorize and allocate their assets effectively, thus mitigating risks, optimizing usage, and potentially saving costs.
    Begin this course by exploring general asset classification, types of assets, and restricted, confidential, internal, and public data. Then you will discover information and asset handling requirements and secure provisioning of assets. Next, you will investigate different use cases for asset ownership. Finally, you will examine tangible and intangible asset inventory and asset management per International Organization for Standardization (ISO) guidelines.
  • Course duration: 23 Minutes
CISSP 2024: Authorization Mechanisms & Identity Management
  • While authentication is technically mandatory, authorization is optional, and if all principals had root or administrative access in a small organization, there would be no need for different access layers. This scenario, however, is quite rare and is a violation of modern identity management and zero-trust initiatives.
    In this course, learn about the implementation and management of authorization mechanisms and control of the identity and access provisioning lifecycle, including rule-based, role-based, discretionary, mandatory, attribute-based, and risk-based access controls. Next, compare attribute-based access control (ABAC) with RBAC and explore access policy enforcement, account access review, and provisioning/deprovisioning. Finally, examine role definitions and transitions, privilege escalation, and service accounts management.
  • Course duration: 36 Minutes
CISSP 2024: Professional Ethics & Security Concepts
  • Regardless of the guidance that one is following as a security professional, one common theme is that architects must be held to a high ethical standard based on their responsibility to manage risk to all assets.
    In this course, you will explore the International Information System Security Certification Consortium (ISC2) Code of Professional Ethics. Then you will discover organizational codes of ethics, which establish an integral aspect of a mission and model adopted by an organization. Finally, you will focus on the Five Pillars of information security - confidentiality, integrity, availability, authenticity, and non-repudiation.
  • Course duration: 18 Minutes
CISSP 2024: Operating Detection & Preventative Measures
  • A firewall system is designed to prevent fires from spreading from one zone or domain to another. Patch management, on the other hand, can stop a fire from ever starting.
    In this course, examine operating detection and preventative measures, including intrusion detection systems (IDS) and intrusion prevention systems (IPS) and whitelisting and blacklisting. Next, learn about third-party security services, sandboxing, and honeypots and honeynets. Finally, explore antimalware systems, machine learning (ML) and AI-based tools, and how to implement and support patch and vulnerability management.
  • Course duration: 36 Minutes
CISSP 2024: Security Audit & Controls Testing
  • A security audit is a comprehensive assessment of an organization’s information systems. Typically, they measure the systems and applications against an audit checklist of industry best practices, externally established standards, and/or federal regulations.
    In this course, differentiate internal, external, and third-party auditing and learn about locations for auditing and controls testing, the purpose of a vulnerability assessment, and the basics of penetration testing. Next, explore log reviews and log data, code review and testing techniques, and compare synthetic transactions, benchmark, and misuse case testing. Finally, examine coverage analysis concepts, compare interface testing methods, and discover the purpose of compliance checks.
  • Course duration: 34 Minutes
CISSP 2024: Secure Design Principles & Models
  • For the CISSP exam, one must be able to understand a variety of security design principles and practices. The topics in this course cover the following Domain 3 objectives: research, implement, and manage engineering processes using secure design principles and understand the fundamental concepts of security models.
    Begin by exploring the importance of least privilege and defense in depth to create multi-layered security defenses and restrict access to sensitive information. You will then look at concepts of segregation of duties (SOD), keeping it simple and small, and privacy by default and design. Next, you will consider how the shared responsibility model is crucial for participants to grasp the roles and accountability in cloud and collaborative environments. You will also explore threat modeling techniques to identify, evaluate, and mitigate potential security threats. Finally, you will compare zero trust vs. trust, explore the secure access service edge (SASE) framework, and consider the fundamental concepts of security models such as Bell-LaPadula, Biba, Star, and Clark-Wilson.
  • Course duration: 41 Minutes
CISSP 2024: Data Lifecycle, Controls, & Compliance
  • Data is one of the highest-priority assets that most organizations possess. For CISSP professionals, understanding the data lifecycle to ensure that security measures are applied at each stage to protect sensitive information, controls, and compliance is crucial. Together, these elements form the backbone of a robust security strategy, ensuring that data is managed securely throughout its lifecycle, mitigating risks through effective controls, and meeting legal and regulatory requirements.
    Begin this course by exploring various data roles like owner, controllers, and processors, as well as in use, in transit, and at rest data states. Then you will delve into the phases of the data lifecycle, including data collection, data location, data maintenance, data retention and remanence, and data destruction. Next, you will compare data scoping to data tailoring and learn how to select appropriate data security and privacy standards. Finally, you will focus on data protection methods, including digital rights management (DRM), data loss prevention (DLP), and cloud access security brokers (CASBs).
  • Course duration: 34 Minutes
CISSP 2024: Cryptographic Solutions & Cryptanalytic Attacks
  • Cryptology is the science of securing all communications. Cryptography generates messages with hidden meaning whereas cryptanalysis is the science of breaking those encrypted messages to recover their meaning.
    In this course, we will begin by defining several cryptographic methods such as symmetric, asymmetric, elliptic curves, and quantum and explore the cryptographic life cycle. Next, we will compare key management practices like generation and rotation and look at digital signatures and digital certificates for non-repudiation and integrity. We will then explore public key infrastructure (PKI), including quantum key distribution, and compare several types of brute force attacks. Finally, we will delve into implementation attacks, side-channel attacks, Kerberos exploitation, and ransomware attacks.
  • Course duration: 48 Minutes
CISSP 2024: Security Governance & Compliance Issues
  • Security governance is the set of practices exercised by executive management to offer strategic direction, ensuring that objectives are achieved, determining that risks are managed properly, and verifying that the organizations' resources are used responsibly. Begin this course by discovering how to align security governance with organizational goals and objectives. Then you will explore organizational processes like acquisitions, divestitures, and governance committees, as well as organizational roles and responsibilities. You will investigate security control frameworks like including the International Organization for Standardization (ISO), the National Institute of Standards and Technology (NIST) and learn about due diligence, due care, cybercrimes, and data breaches. Next, you will examine licensing and intellectual property requirements, import and export controls, transborder data flow, and privacy-related issues. Finally, you will focus on contractual, legal, industry standards and regulatory requirements.
  • Course duration: 42 Minutes
CISSP 2024: Threat Modeling, SCRM, & Security Awareness
  • Threat modeling uses hypothetical scenarios, system and data flow diagrams, and testing to assist in securing systems, applications and data.
    In this course, the learner will explore threat modeling concepts and methodologies, supply chain risk management (SCRM) concepts, and ways to establish and maintain a security awareness, education, and training program.
  • Course duration: 30 Minutes
CISSP 2024: Foundational Security Operations & Resource Protection
  • Different organizations have varying definitions of change management and configuration management in IT.
    In this course, learn the differences between IT change management and configuration management, compare need to know and least privilege, and explore segregation of duties (SoD) and privileged account management (PAM). Next, learn about job rotation, service-level agreements (SLAs), and how to apply resource protection for media management. Finally, examine the processes of the incident management life cycle, including preparation, detection, response, mitigation, reporting, recovery, remediation, and lessons learned.
  • Course duration: 36 Minutes
CISSP 2024: Collecting & Analyzing Security Process Data
  • Collecting and analyzing security process data is a key aspect of maintaining and improving the overall security of a business or organization, and there is a vast array of sources and metrics that must be considered.
    In this course, learn about account management process data collection, management review and approval data collection, and key concepts of security management key performance indicators (KPI) and key risk indicators (KRIs). Next, examine data backup verification best practices, training and awareness process data, and disaster recovery (DR) and business continuity (BC) process data. Finally, discover how to analyze test output and generate reports, and explore best practices for proper security audit reporting.
  • Course duration: 23 Minutes
CISSP 2024: Securing Network Components & Communication Channels
  • Evaluate the best data communications solutions for your organizations based on factors such as reliability, cost, and security. In this course, you'll explore how to design and deploy infrastructure that meets the requirements of modern businesses. Learn how to evaluate infrastructure solutions based on factors such as reliability, scalability, and cost-effectiveness, explore the best practices for maintaining that infrastructure, and learn about the different types of transmission media, including physical security and signal propagation quality. Next, you'll discover different transmission media solutions, Network Access Control (NAC) systems, and gain an understanding of how to design and deploy NAC solutions that provide comprehensive security to network endpoints. Finally, explore the different types of data communications, including backhaul networks, satellite, and third-party connectivity such as telecom providers and hardware support.
  • Course duration: 35 Minutes
CISSP 2024: Vulnerabilities of Architectures, Designs, & Solution Elements
  • A security vulnerability is a weakness, flaw, or error found within a security element that has the potential to be leveraged by a threat agent in order to compromise a secure network, system, or application. The goal of this course is to prepare the CISSP candidate to assess and mitigate the vulnerabilities of security architectures, designs, and solution elements.
    In this course, you will begin by considering the potential vulnerabilities of various systems including client-based, server-based, database, cryptographic, industrial control (ICS), embedded, virtualized, cloud-based, and distributed systems and how you might mitigate these issues.
    Next, you will walk through ways to lessen vulnerabilities in Internet of Things (IoT) devices and discover how to assess and mitigate vulnerabilities in containerized systems and microservices including application programming interface (API) calls. You will also look at the potential weaknesses in serverless technologies, high-performance computing, and edge computing and how to alleviate these issues.
    Finally, you will explore the security capabilities of Information Systems like memory protection, Trusted Platform Module (TPM), and encryption/decryption.
  • Course duration: 56 Minutes
CISSP 2024: Controlling Asset Access, Device Identification, and Authentication
  • Traditionally, access control has been described as AAA services. Authentication, authorization, and accounting (AAA) is a security framework that controls access to computer resources, enforces policies, and audits usage.
    This course explores classic and evolving approaches to controlling asset access and device identification and authentication. Topics include physical and logical access, groups and roles, AAA services, session management, registration, proofing, identity, federated identity management (FIM), credential management systems, single sign-on (SSO), Just-In-Time (JIT), authentication systems, and federated identity.
  • Course duration: 46 Minutes
CISSP 2024: Secure Design Principles in Network Architectures (Part 1)
  • In the digital era, understanding network protocols and their impact on performance is crucial for IT professionals tasked with maintaining robust and efficient communication systems. This course is the first of two courses that cover a large part of CISSP Domain 4.
    In this course the learner will focus on several aspects of secure design principles in network architectures including OSI and TCP/IP protocols for IPv4 and IPv6, secure protocols, multilayer protocol implications, converged protocols, transport architectures, performance metrics, and traffic flows.
  • Course duration: 47 Minutes
CISSP 2024: Secure Design Principles in Network Architectures (Part 2)
  • In today's increasingly complex threat landscape, securing physical sites and facilities is paramount for safeguarding assets, data, and personnel. This course covers secure design principles in network architectures beginning with an exploration of physical and logical segmentation and microsegmentation. Next you will dig into edge networks, including peering and ingress/egress. You will compare types of wireless networks and explore cellular and mobile networks. Next you will discover the roles of content distribution networks (CDNs), software-defined networks (SDNs), and virtual private clouds (VPCs) in security design. Finally, you will explore security monitoring and management.
  • Course duration: 48 Minutes
CISSP 2024: Business Continuity Planning & Exercises
  • Business continuity planning is a systematic and comprehensive strategy and set of tactics for ensuring that an organization can prevent or quickly recover from a significant disruption to its operations at a pre-determined acceptable level.
    In this course, discover methods to identify, assess, prioritize, and implement business continuity requirements. Learn about the business continuity plan (BCP) and business impact analysis (BIA). Next, explore how to implement recovery strategies using backup storage and recovery sites. Finally, learn about the importance of system and design resilience, high availability, and fault tolerance.
    This course helps prepare learners for the Certified Information Systems Security Professional (CISSP) exam.
  • Course duration: 36 Minutes
CISSP 2024: Operating Detection & Preventative Measures
  • A firewall system is designed to prevent fires from spreading from one zone or domain to another. Patch management, on the other hand, can stop a fire from ever starting.
    In this course, examine operating detection and preventative measures, including intrusion detection systems (IDS) and intrusion prevention systems (IPS) and whitelisting and blacklisting. Next, learn about third-party security services, sandboxing, and honeypots and honeynets. Finally, explore antimalware systems, machine learning (ML) and AI-based tools, and how to implement and support patch and vulnerability management.
    This course helps prepare learners for the Certified Information Systems Security Professional (CISSP) exam.
  • Course duration: 36 Minutes
Ask a mentor
  • Du har på alle moduler mulighed for at stille spørgsmål til et mentorteam, hvis du har spørgsmål til kurset.
 

Tidsforbrug

Kursuspakken består af 22 moduler og kan gennemføres på ca. 14 timer.

Form

Denne online kursuspakke består af flere forskellige kurser, som du ved tilmelding har adgang til i 365 dage. Hvert enkelt kursus er opdelt i flere kursusmoduler, som du via en oversigtsmenu kan tage i den rækkefølge, du ønsker. Modulerne indeholder lyd, billeder og tekst, der gennemgår kursusindholdet. Nogle moduler indeholder små videofilm med scenarier og cases. Ved hvert kursus har du mulighed for at teste din forståelse af indholdet med tests, som du kan tage både før, under og efter kurset. Du gennemfører kursusmodulerne via din computer eller tablet med lyd og adgang til Internettet. Du kan selv styre, hvornår du vil tage modulerne – og de kan sættes på pause undervejs.

Læs mere om vores online kurser og se svar på dine spørgsmål (FAQ).

Certificering

Kurset leder hen mod certificeringen Certified Information Systems Security Professional (CISSP). Eksamen bestilles og betales særskilt. Vi henviser til certificeringsudbyderens hjemmeside for nærmere information om aktuelle betingelser for at opnå certificering. I forbindelse med nogle certificeringer skal du selv oprette dig på udbyderens hjemmeside for at få adgang til eksamen. Vær venligst opmærksom på, at der er overensstemmelse mellem den certificeringsversion, du har forberedt dig på og den version, du bestiller eksamen i.

Søgte du et andet online kursus?

Vi tilbyder en bred vifte af forskellige kurser inden for mange områder. Kontakt os på tlf. 72203000 eller kurser@teknologisk.dk, så vi kan hjælpe med at imødekomme dit behov.

Se desuden listen over vores udvalgte online kurser.

Køb online kurser til flere

Er I en afdeling, en hel virksomhed eller blot flere personer, der ønsker adgang til online kurser, så kontakt os og få et tilbud på tlf. 72203000 eller kurser@teknologisk.dk.

Se også vores tilstedeværelseskurser

"CISSP Bootcamp", som vi afholder på en af vores fysiske lokationer, kunne også være interessant for dig.