CISSP Certification Training in Glasgow, UK - PowerPoint PPT Presentation

About This Presentation
Title:

CISSP Certification Training in Glasgow, UK

Description:

The vendor-neutral CISSP certification in Glasgow is the ideal credential for those with proven deep technical and managerial competence, skills, experience, and credibility to design, engineer, implement, and manage their overall information security program to protect organizations from growing sophisticated attacks.


Transcript and Presenter's Notes



1
www.infosectrain.com
Preparation for CISSP in Glasgow, UK
2
InfosecTrain
About Us
InfosecTrain is one of the finest Security and
Technology Training and Consulting organizations,
focusing on a range of IT Security Trainings and
Information Security Services. InfosecTrain was
established in the year 2016 by a team of
experienced and enthusiastic professionals, who
have more than 15 years of industry experience.
We provide professional training, certification,
and consulting services related to all areas of
Information Technology and Cyber Security.
4
Preparation for CISSP
  • CISSP stands for Certified Information Systems
    Security Professional. It is now one of the most
    globally recognized certifications in information
    security. The certification is taken by people
    who are responsible for maintaining the security
    posture at an enterprise level.
  • It is not an entry-level certification; it
    requires a minimum of 5 years of experience in
    information security and in two or more of the
    eight domains of CISSP.
  • You will understand how important this
    certification is because it has been more than 26
    years since CISSP launched in 1994, and since
    then, only 140 thousand people have been
    certified across the globe.

5
Part of CISSP certification
  • There are eight domains of CISSP Certification:
  • Domain 1: Security and risk management (15%). It
    is all about security risk and control. It will
    give you a complete perspective of security risk,
    governance, and risk management, and it also
    covers how you can take care of business
    continuity planning at an enterprise level. It
    also gives you a flavor of the laws that are
    followed across the globe. This particular domain
    has the highest percentage in the examination.
  • Domain 2: Asset Security (10%). The next part is
    asset security, a relatively short domain but
    indeed a significant one. We will talk about
    various things that we deal with to protect
    assets (it is about the information assets, that
    is, the data).
  • Domain 3: Security Architecture and engineering
    (13%). It is one of the humongous domains in
    CISSP; it includes five different modules and
    three other parts. It talks about cryptography,
    security architecture and engineering, system
    architecture, and it also talks about physical
    security. So it is essential from the
    examination perspective.

6
  • Domain 4: Communication and network security
    (14%). It is one of the most extensive fields in
    CISSP from a content perspective and indeed an
    important one. Many people who do not have a
    networking background have difficulty
    understanding many of the concepts from this
    domain.
  • Domain 5: Identity and access management (IAM)
    (13%). Indeed, it is one of the binding domain
    essentials, but there are few concepts in
    specific parts that are testable from an
    examination perspective.
  • Domain 6: Security assessment and testing
    (12%). In this domain, we look at various aspects
    that we need to know from an application security
    perspective: the different things we need to
    understand while we assess or test an application
    from a security perspective.
  • Domain 7: Security operations (13%). Many people
    have first-hand experience in this domain because
    it talks about the concepts that everybody
    follows or sees at their day-to-day level, such
    as change management, patch management,
    or vulnerability management. Many people who have
    worked in information security have done at least
    one thing in the security operations section.
  • Domain 8: Software development security (10%). In
    this, we will see various ways of developing
    software (like the software development life
    cycle and life cycle models) and the activity of
    malicious code and its impact on applications,
    including your software applications.

7
Exam Specifics
  • CISSP is a CAT (Computer Adaptive Test).
  • How exactly the CAT format works: When you start
    the examination, you will be given the first
    question. The question has four responses;
    choose the one right answer. The moment you
    select a reply and submit the response, the next
    question will be based on the previous question's
    response. If someone has done the last question
    correctly, the next question will be at a
    slightly higher difficulty level. If someone has
    done the previous question incorrectly, the next
    question will be at a slightly lower difficulty
    level.
  • When the examination is over, the result will
    be decided based on three rules:
  • Confidence interval rule.
  • Minimum length exam rule.
  • Run out of time rule.
  • 3 hours of duration.
  • You cannot flag a question and go back to the
    previous one.
  • You will be given a wipe board and pen, with an
    inbuilt calculator in the testing system.
  • Questions are weighted.

8
Domain 1: Security Risk and governance
  • Domain Agenda:
  • Understand and apply the concepts of
    confidentiality, integrity, and availability.
  • Develop and implement security policy,
    standards, procedures, and guidelines.
  • Understanding risk management concepts.
  • Identify, analyze, and prioritize business
    continuity requirements.
  • Understanding CIA
  • Confidentiality: Confidentiality means any
    communication or information intended for a
    specific audience is shared only with that
    audience. The best method to protect the
    confidentiality of the data would be
    encryption. Data in any state needs to be
    protected, and data typically has three
    different forms:
  • DIM (Data in motion)
  • DAR (Data at rest)
  • DIU (Data in use)

9
  • Integrity: Any unauthorized modification or
    alteration of the data, by an authorized or
    unauthorized person, is called a compromise or
    breach of integrity. From the examination
    perspective, the best method to protect
    integrity is hashing.
  • Availability: Availability ensures that the data
    is available whenever it's needed. Whenever
    someone wants to access the information, it
    should be available to them. The best method to
    achieve availability is fault tolerance.
Develop and implement security policy, standards,
procedures, and guidelines
  • What exactly is your policy? These documents are
    essential for any organization. They need to
    keep a hold of these documents, because without
    them it is difficult for any enterprise or
    organization to create security or drive a
    security project.
  • Policy: It is a mandatory document that states
    the high-level requirement for security for any
    organization. Some security policies are:
  • Access control
  • Network security
  • Risk management
  • Training and awareness

10
  • Standards: Standards are also mandatory. A
    standard suggests that it (the policy) is
    compulsory for every newly hired employee. So
    whenever someone joins the organization for the
    first time, they go through the mandatory
    orientation program.
  • Guidelines: Policy and standard are mandatory,
    but guidelines are optional. They suggest the
    best practice.
  • Baseline: Just like policy and the standard, the
    baseline is also mandatory. The baseline is the
    minimum security requirement. It suggests to you
    how the guidelines and measures can be
    implemented.
  • Procedure: A procedure is the step-by-step
    process to conduct any business task.
  • Understanding risk management concepts
  • Asset valuation: Value of an asset.
  • Vulnerability: A weakness, a lack of safeguards.
  • Threat: Has the potential to harm the asset.
  • Exploit: Instance of compromise.
  • Risk: Likelihood that a threat will exploit a
    vulnerability in an asset.
  • Controls: Protective mechanism against a security
    vulnerability.

11
Identify, analyze, and prioritize business
continuity requirements
  • Business continuity helps you prepare for any
    disaster.
  • Understand legal and regulatory issues that
    pertain to information security in a global
    context.
  • Laws apply to all organizations that collect
    data from EU residents or process that
    information on behalf of someone who manages it.
  • General Data Protection Regulation
  • Breach notification within 72 hours.
  • Centralized data protection authorities.
  • Individuals will have access to their data.
  • Right to be forgotten: Delete information if
    it's no longer required.

12
  • InfosecTrain is one of the best consulting
    organizations, focusing on a range of IT security
    training and information security services and
    providing all the necessary CISSP
    certification exam preparation. Certified
    instructors with years of industry experience
    deliver all training. You can check and enroll in
    our CISSP certification training to prepare for
    the certification exam.

14
ABOUT OUR COMPANY
OUR CONTACT
InfosecTrain welcomes overseas customers to come
and attend training sessions in destination
cities across the globe and enjoy their learning
experience at the same time.
 44 7451208413
https://www.facebook.com/Infosectrain/
sales_at_infosectrain.com
https://www.linkedin.com/company/infosec-train/
www.infosectrain.com
https://www.youtube.com/c/InfosecTrain