CISSP : CISSP - Certified Information Systems Security Professional 2015 (Course & Labs)

ISBN : 978-1-61691-719-7

Gain hands-on expertise for the CISSP certification exam with the CISSP-2015 course and performance-based labs. Performance-based labs simulate real-world hardware, software, and command-line interface environments and can be mapped to any textbook, course, or training. The CISSP certification is a vendor-neutral credential designed for IT security practitioners to validate their technical and managerial skills, credibility, and experience. The CISSP exam tests the ability to engineer, implement, and manage the overall information security program to protect organizations from growing sophisticated attacks.

 

Lessons

uCertify uses content from well-known publishers, instructors, and subject matter experts. They have a minimum of 15 years of experience in their fields. uCertify brings these textbooks to life. It is full of interactive activities that keep the learner engaged. uCertify brings all available learning resources for a topic into one place so that the learner can learn efficiently without going to multiple places. Challenge questions are also embedded in the chapters so learners can attempt them while they are learning about that particular topic. This helps them grasp the concepts better because they can go over them again right away, which improves learning. At the end of every lesson, uCertify courses guide the learners on the path they should follow.

The uCertify platform supports 50+ different types of interactive activities, including connect-the-idea and try-it-yourself lab activities, embedded throughout its courses. These interactive activities keep learners engaged and make learning fun.

Here's What You Get


Each lesson comes with Exercises, Flashcards & Quizzes. There is no limit to the number of times learners can attempt these. Exercises come with detailed remediation, which ensures that learners are confident on the topic before proceeding. Flashcards help master the key concepts. Glossary defines the key terms.

  • Exercise Questions: 309+
  • Quizzes: 233+
  • Flashcards: 636+
  • Glossary of terms: 132+
  • Lessons: 20+

Test Prep & Practice Questions

uCertify provides full length practice tests. These tests closely follow the exam objectives and are designed to simulate real exam conditions. Each course has a number of test sets consisting of hundreds of items to ensure that learners are prepared for the certification exam.

Here's What You Get

  • Pre-assessments Questions: 110+
  • Full Length Tests: 3+
  • Post-Assessments Questions: 100+

Features

Full Remediation

Each question comes with detailed remediation explaining not only why an answer option is correct but also why the incorrect answer options are incorrect.

Unlimited Practice

Each test can be taken an unlimited number of times until the learner feels prepared. Learners can review the test and read the detailed remediation. A detailed test history is also available.

Learn, Test and Review Mode

Each test set comes with learn, test and review modes. In learn mode, learners will attempt a question and will get immediate feedback and complete remediation as they move on to the next question. In test mode, learners can take a timed test simulating the actual exam conditions. In review mode, learners can read through one item at a time without attempting it.

Labs

Online labs can be used to supplement training. uCertify labs are an inexpensive & safe way to explore and learn. uCertify labs are versatile - labs simulate real-world, hardware, software & command line interface environments and can be mapped to any text-book, course & training.

Here's What You Get

  • Performance based lab: 113+
  • Video tutorials: 27+
  • Minutes: 33+

Hands on Activities

Access Control

  • Identifying access control types
  • Disabling a service
  • Identifying drawbacks of Kerberos authentication
  • Identifying components of the Kerberos authentication protocol
  • Identifying authentication services
  • Creating a password for account
  • Configuring password policies
  • Enabling and disabling password expiration
  • Configuring NPS to provide RADIUS authentication
  • Configuring NPS network policy
  • Configuring the server
  • Creating and configuring a network
  • Identifying authorization mechanisms
  • Identifying responsibilities

Access Control Attacks and Monitoring

  • Identifying types of system attack
  • Identifying attacks
  • Identifying social engineering attacks
  • Filtering entries in Event Viewer
  • Viewing password hashes
  • Configuring audit policies
  • Viewing different event details
  • Identifying log types

Secure Network Architecture and Securing Network Components

  • Identifying OSI layer functions
  • Identifying OSI layers
  • Identifying connectionless communication
  • Identifying abbreviations for various Internet layer protocols
  • Identifying TCP/IP protocol layers
  • Identifying TCP/IP layers
  • Configuring IPv4 address
  • Identifying application layer protocols
  • Identifying steps in the encapsulation/decapsulation process
  • Identifying flag bit designator
  • Identifying gateway firewalls
  • Identifying hardware devices
  • Connecting systems to the Internet through a firewall router
  • Identifying firewall techniques
  • Identifying types of cable
  • Identifying components of a coaxial cable
  • Configuring Windows 7 wireless settings
  • Configuring SSID
  • Identifying network topologies
  • Identifying UTP categories
  • Identifying steps in CSMA technology
  • Identifying LAN sub technologies

Secure Communications and Network Attacks

  • Identifying secure communication protocols
  • Identifying authentication protocols
  • Creating a remote access VPN connection
  • Identifying VPN protocols
  • Connecting to a server using Remote Desktop Connection
  • Creating a dial-up connection
  • Understanding NAT
  • Identifying switching technology properties
  • Installing Windows Virtual PC
  • Identifying specialized protocols
  • Creating a virtual PC machine
  • Understanding transparency
  • Identifying security solutions
  • Identifying phreaker tools
  • Understanding security boundaries
  • Identifying types of Denial of Service attacks

Security Governance Concepts, Principles, and Policies

  • Identifying security management plans
  • Identifying protection mechanisms
  • Identifying steps in a classification scheme

Risk and Personnel Management

  • Identifying risk actions
  • Understanding elements of risk
  • Identifying steps in quantitative risk analysis

Software Development Security

  • Identifying types of malware
  • Understanding agents
  • Identifying keys in a database
  • Identifying storage types
  • Identifying stages in a waterfall lifecycle model
  • Identifying generations of languages
  • Understanding object-oriented programming terms
  • Identifying levels in Software Capability Maturity Model
  • Identifying testing methods
  • Identifying primary phases of SDLC

Malicious Code and Application Attacks

  • Identifying types of viruses
  • Understanding application attacks
  • Identifying types of viruses
  • Installing the AVG antivirus and scanning a drive

Cryptography and Symmetric Key Algorithms

  • Checking the integrity of messages through MAC values
  • Identifying asymmetric algorithms
  • Identifying cryptographic attacks

PKI and Cryptographic Applications

  • Identifying sequence of sender's process in digital signature system
  • Backing up an encryption certificate and key
  • Understanding PKCS standards

Principles of Security Models, Design, and Capabilities

  • Identifying Information models
  • Identifying TCSEC categories

Security Architecture Vulnerabilities, Threats, and Countermeasures

  • Identifying computer activities
  • Disabling the COM and parallel ports
  • Installing SDRAM and DDR memory modules
  • Connecting speakers to a computer
  • Connecting a keyboard, mouse, and monitor to a computer
  • Understanding process scheduler
  • Identifying RAID levels
  • Identifying service associated with cloud computing

Security Operations

  • Identifying terms associated with data destruction
  • Identifying steps within an effective patch management program
  • Identifying security reviews

Incident Management

  • Identifying steps in incident response management
  • Identifying sequence in which the IDS instructs the TCP to reset connections
  • Working with a host-based IDS
  • Identifying malicious attacks
  • Identifying RAID level characteristics

Business Continuity Planning

  • Identifying phases in BCP process
  • Identifying man-made threats

Disaster Recovery Planning

  • Identifying processing sites in disaster recovery plan
  • Identifying disaster recovery plan tests

Laws, Regulations, and Compliance

  • Identifying CFAA provisions

Incidents and Ethics

  • Identifying computer crime types

Physical Security Requirements

  • Identifying physical access control mechanisms
  • Identifying terms associated with power issues
  • Identifying primary stages of fire

Appendix A

Exam Information

The vendor-neutral CISSP certification is the ideal credential for those with proven deep technical and managerial competence, skills, experience, and credibility to design, engineer, implement, and manage their overall information security program to protect organizations from growing sophisticated attacks.

Prepare for the following certification

Career Prospects

  • Security analyst
  • Director of security
  • Security auditor

Exam FAQs
What is the exam registration fee?
USD 599

How many questions are asked in the exam?
The exam contains 250 questions.

What is the passing score?
700 (on a scale of 0-1000)

What is the exam's retake policy?
Test takers who do not pass the exam the first time will be able to retest after 30 days. Test takers that fail a second time will need to wait 90 days prior to sitting for the exam again. In the unfortunate event that a candidate fails a third time, the next available time to sit for the exam will be 180 days after the most recent exam attempt. Candidates are eligible to sit for (ISC)² exams a maximum of 3 times within a calendar year.

Table of Contents

Here's What You Will Learn

Lesson 1: Access Control

  • Access Control Overview
  • Identification and Authentication Techniques
  • Access Control Techniques
  • Authorization Mechanisms
  • Identity and Access Provisioning Life Cycle
  • Summary
  • Exam Essentials
  • Review All the Key Topics

Lesson 2: Access Control Attacks and Monitoring

  • Understanding Access Control Attacks
  • Preventing Access Control Attacks
  • Summary
  • Exam Essentials
  • Review All the Key Topics

Lesson 3: Secure Network Architecture and Securing Network Components

  • OSI Model
  • Secure Network Components
  • Cabling, Wireless, Topology, and Communications Technology
  • Summary
  • Exam Essentials
  • Review All the Key Topics

Lesson 4: Secure Communications and Network Attacks

  • Network and Protocol Security Mechanisms
  • Virtual Private Network
  • Remote Access Security Management
  • Network Address Translation
  • Switching Technologies
  • WAN Technologies
  • Virtualization
  • Miscellaneous Security Control Characteristics
  • Manage Email Security
  • Secure Voice Communications
  • Security Boundaries
  • Network Attacks and Countermeasures
  • Summary
  • Exam Essentials
  • Review All the Key Topics

Lesson 5: Security Governance Concepts, Principles, and Policies

  • Security Management Planning
  • Security Governance
  • Security Roles and Responsibilities
  • Protection Mechanisms
  • Privacy Requirements Compliance
  • Control Frameworks: Planning to Plan
  • Security Management Concepts and Principles
  • Develop and Implement Security Policy
  • Change Control/Management
  • Data Classification
  • Summary
  • Exam Essentials
  • Review All the Key Topics

Lesson 6: Risk and Personnel Management

  • Manage Third-Party Governance
  • Risk Management
  • Manage Personnel Security
  • Develop and Manage Security Education, Training, and Awareness
  • Manage the Security Function
  • Summary
  • Exam Essentials
  • Review All the Key Topics

Lesson 7: Software Development Security

  • Application Issues
  • Databases and Data Warehousing
  • Data/Information Storage
  • Knowledge-Based Systems
  • Systems Development Controls
  • Summary
  • Exam Essentials
  • Review All the Key Topics

Lesson 8: Malicious Code and Application Attacks

  • Malicious Code
  • Password Attacks
  • Application Attacks
  • Web Application Security
  • Reconnaissance Attacks
  • Masquerading Attacks
  • Summary
  • Exam Essentials
  • Review All the Key Topics

Lesson 9: Cryptography and Symmetric Key Algorithms

  • Historical Milestones in Cryptography
  • Cryptographic Basics
  • Modern Cryptography
  • Symmetric Cryptography
  • Cryptographic Life Cycle
  • Summary
  • Exam Essentials
  • Review All the Key Topics

Lesson 10: PKI and Cryptographic Applications

  • Asymmetric Cryptography
  • Hash Functions
  • Digital Signatures
  • Public Key Infrastructure
  • Asymmetric Key Management
  • Applied Cryptography
  • Cryptographic Attacks
  • Summary
  • Exam Essentials
  • Review All the Key Topics

Lesson 11: Principles of Security Models, Design, and Capabilities

  • Understand the Fundamental Concepts of Security Models
  • Objects and Subjects
  • Understand the Components of Information Systems Security Evaluation Models
  • Understand Security Capabilities of Information Systems
  • Summary
  • Exam Essentials
  • Review All the Key Topics

Lesson 12: Security Architecture Vulnerabilities, Threats, and Countermeasures

  • Computer Architecture
  • Avoiding Single Points of Failure
  • Distributed Architecture
  • Security Protection Mechanisms
  • Common Flaws and Security Issues
  • Summary
  • Exam Essentials
  • Review All the Key Topics

Lesson 13: Security Operations

  • Security Operations Concepts
  • Resource Protection
  • Patch and Vulnerability Management
  • Change and Configuration Management
  • Security Audits and Reviews
  • Summary
  • Exam Essentials
  • Review All the Key Topics

Lesson 14: Incident Management

  • Managing Incident Response
  • Implement Preventive Measures Against Attacks
  • Understand System Resilience and Fault Tolerance
  • Summary
  • Exam Essentials
  • Review All the Key Topics

Lesson 15: Business Continuity Planning

  • Planning for Business Continuity
  • Project Scope and Planning
  • Business Impact Assessment
  • Continuity Planning
  • BCP Documentation
  • Summary
  • Exam Essentials
  • Review All the Key Topics

Lesson 16: Disaster Recovery Planning

  • The Nature of Disaster
  • Recovery Strategy
  • Recovery Plan Development
  • Training and Documentation
  • Testing and Maintenance
  • Categories of Laws
  • Summary
  • Exam Essentials
  • Review All the Key Topics

Lesson 17: Laws, Regulations, and Compliance

  • Laws
  • Compliance
  • Contracting and Procurement
  • Summary
  • Exam Essentials
  • Review All the Key Topics

Lesson 18: Incidents and Ethics

  • Investigations
  • Major Categories of Computer Crime
  • Incident Handling
  • Ethics
  • Summary
  • Exam Essentials
  • Review All the Key Topics

Lesson 19: Physical Security Requirements

  • Site and Facility Design Considerations
  • Forms of Physical Access Controls
  • Technical Controls
  • Environment and Life Safety
  • Equipment Failure
  • Privacy Responsibilities and Legal Requirements
  • Summary
  • Exam Essentials
  • Review All the Key Topics

Lesson 20: Appendix A

uCertify

uCertify provides courses, simulators, labs, and test prep kits for IT certifications including Microsoft, Oracle, Cisco, CompTIA, CIW, PMI, ISC2, Linux, Zend, Google, IC3, Adobe and many more.

© 2002-2017 uCertify. All Rights Reserved