
CISSP Cert Prep: 1 Security and Risk Management

Learning Objectives:
• Aligning security with the business
• Using control frameworks
• Understanding compliance ethics
• Implementing effective security policies
• Planning for business continuity
• Ensuring the security of employees
• Managing risk
• Identifying threats
• Managing vendors
• Building security awareness
• Conducting security training

CISSP Cert Prep: 2 Asset Security


Learning Objectives:
• Understanding data security policies and roles
• Limiting data collection
• Developing security baselines
• Leveraging industry standards
• Restricting access to data with Windows and Linux file permissions
• Encrypting data
• Securing cloud storage

CISSP Cert Prep: 3 Security Architecture and Engineering


Learning Objectives:
• Understanding security design principles and models
• Cloud computing and virtualization
• Hardware security
• Client and server vulnerabilities
• Web security vulnerabilities
• Securing mobile devices and smart devices
• Understanding encryption
• Symmetric and asymmetric cryptography
• Key management and public key infrastructure
• Physical security

CISSP Cert Prep: 4 Communication and Network Security

Learning Objectives:
• How IP addresses are assigned and managed
• Multilayer protocols
• VPNs and VPN concentrators
• Designing secure networks
• Firewall management techniques
• Maintaining network availability
• Software defined networking (SDN)
• Port isolation
• Network attacks
• How Wi-Fi networks function
• WPA, WPS, and propagation attacks
• Host-based network security control

CISSP Cert Prep: 5 Identity and Access Management


Learning Objectives:
• Identity and access management overview
• Identification mechanisms: user names, access cards, biometrics, and registration
• Authentication factors
• Password authentication protocols
• Identity as a service (IDaaS)
• Enforcing accountability
• Managing credentials with policies
• Using access control lists
• Defending against access control attacks

CISSP Cert Prep: 6 Security Assessment and Testing


Learning Objectives:
• Using security assessment tools
• Scanning for vulnerabilities
• Threat assessment techniques
• Performing penetration testing
• Reviewing monitor logs
• Performing code reviews
• Performing fuzz testing and misuse case testing
• Analyzing coverage
• Assessing disaster recovery sites and backups
• Testing BC/DR plans
• Collecting security process data and metrics
• Auditing and control management

CISSP Cert Prep: 7 Security Operations

Learning Objectives:
• Conducting investigations
• Forensics
• Reporting and documenting incidents
• Continuous security monitoring
• Preventing data loss and theft
• Asset management
• Change management
• Virtualization security
• Security principles: need to know, separation of duties, and more
• Building an incident response program
• Personnel safety and emergency management

CISSP Cert Prep: 8 Software Development Security


Learning Objectives:
• Software development methodologies
• Operation, maintenance, and change management
• DevOps
• Cross-site scripting
• Preventing SQL injection
• Overflow attacks
• Malicious add-ons
• Secure coding practices
• Code signing
• Risk analysis and mitigation
• Software testing
• Acquired software
