CISSP: Shon Harris' All in One Course for the CISSP Exam

ISBN : 978-1-61691-728-9
Gain hands-on expertise in the (ISC)² CISSP certification exam with the MHE-CISSP course. The course covers all the objectives of the (ISC)² CISSP exam, which include security and risk management, security engineering, communications and network security, identity and access management, software development security, and so on. The vendor-neutral CISSP certification is the ideal credential for those with proven deep technical and managerial competence, skills, experience, and credibility to design, engineer, implement, and manage their overall information security program to protect organizations from increasingly sophisticated attacks.


uCertify uses content from well-known publishers, instructors, and subject matter experts. They have a minimum of 15 years of experience in their fields. uCertify brings these textbooks to life. It is full of interactive activities that keep the learner engaged. uCertify brings all available learning resources for a topic into one place so that the learner can learn efficiently without going to multiple places. Challenge questions are also embedded in the chapters so learners can attempt them while they are learning about that particular topic. This helps them grasp the concepts better because they can go over them again right away, which improves learning. At the end of every lesson, uCertify courses guide the learners on the path they should follow.

The uCertify platform supports 50+ different types of interactive activities, connect-the-idea activities, and try-it-yourself lab activities embedded throughout its courses. These interactive activities keep learners engaged and make learning fun.

Here's What You Get


Each lesson comes with Exercises, Flashcards & Quizzes. There is no limit to the number of times learners can attempt these. Exercises come with detailed remediation, which ensures that learners are confident in the topic before proceeding. Flashcards help learners master the key concepts. The Glossary defines the key terms.

Exercise Questions
Glossary of terms

Test Prep & Practice Questions

uCertify provides full-length practice tests. These tests closely follow the exam objectives and are designed to simulate real exam conditions. Each course has a number of test sets consisting of hundreds of items to ensure that learners are prepared for the certification exam.

Here's What You Get

Pre-assessments Questions
Full Length Tests


Full Remediation

Each question comes with detailed remediation explaining not only why an answer option is correct but also why the incorrect answer options are incorrect.

Unlimited Practice

Each test can be taken an unlimited number of times until the learner feels prepared. Learners can review the test and read the detailed remediation. A detailed test history is also available.

Learn, Test and Review Mode

Each test set comes with learn, test, and review modes. In learn mode, learners attempt a question and get immediate feedback and complete remediation as they move on to the next question. In test mode, learners can take a timed test simulating the actual exam conditions. In review mode, learners can read through one item at a time without attempting it.

Exam Information

The Certified Information Systems Security Professional (CISSP) certification is a standalone certification from (ISC)² with the exam code CISSP. This exam is for security professionals and it validates working knowledge of information technology security. The exam covers 10 domains of knowledge, including access control, business continuity, and security architecture.

Prepare for the following certification

Career Prospects
  • Security Auditor
  • Security Analyst
  • Security Manager
  • Security Architect
  • Network Architect
  • Director of Security
  • Security Consultant
  • IT Director/Manager
  • Security Systems Engineer
  • Chief Information Security Officer
Exam FAQs
What is the exam registration fee?
USD 599
Where do I take the exam?
What is the format of the exam?
Multiple choice questions and advanced innovative questions
How many questions are asked in the exam?
The exam contains 250 questions.
What is the duration of the exam?
360 minutes
What is the passing score?

(on a scale of 700-1000)

What is the exam's retake policy?
(ISC)²’s policy for retaking the exam via CBT states that after the first unsuccessful exam attempt, candidates have 3 more attempts to take the exam. For the 2nd attempt, the candidate must wait 30 days before the next exam attempt. For the 3rd attempt, the wait period is 90 days, and for the 4th attempt, it is 180 days. Candidates are eligible to sit for (ISC)² examinations a maximum of 3 times within a calendar year.
Where can I find more information about this exam?
To know more about the MHE-CISSP, click here.

Table of Contents

Here's What You Will Learn

Lesson 1: Security and Risk Management

  • Fundamental Principles of Security
  • Security Definitions
  • Control Types
  • Security Frameworks
  • The Crux of Computer Crime Laws
  • Complexities in Cybercrime
  • Intellectual Property Laws
  • Privacy
  • Data Breaches
  • Policies, Standards, Baselines, Guidelines, and Procedures
  • Risk Management
  • Threat Modeling
  • Risk Assessment and Analysis
  • Risk Management Frameworks
  • Business Continuity and Disaster Recovery
  • Personnel Security
  • Security Governance
  • Ethics
  • Summary
  • Quick Tips

Lesson 2: Asset Security

  • Information Life Cycle
  • Information Classification
  • Layers of Responsibility
  • Retention Policies
  • Protecting Privacy
  • Protecting Assets
  • Data Leakage
  • Protecting Other Assets
  • Summary
  • Quick Tips

Lesson 3: Security Engineering

  • System Architecture
  • Computer Architecture
  • Operating Systems
  • System Security Architecture
  • Security Models
  • Systems Evaluation
  • Certification vs. Accreditation
  • Open vs. Closed Systems
  • Distributed System Security
  • A Few Threats to Review
  • Cryptography in Context
  • Cryptography Definitions and Concepts
  • Types of Ciphers
  • Methods of Encryption
  • Types of Symmetric Systems
  • Types of Asymmetric Systems
  • Message Integrity
  • Public Key Infrastructure
  • Key Management
  • Trusted Platform Module
  • Attacks on Cryptography
  • Site and Facility Security
  • The Site Planning Process
  • Protecting Assets
  • Internal Support Systems
  • Summary
  • Quick Tips

Lesson 4: Communication and Network Security

  • Telecommunications
  • Open Systems Interconnection Reference Model
  • TCP/IP Model
  • Types of Transmission
  • Cabling
  • Networking Foundations
  • Networking Devices
  • Intranets and Extranets
  • Metropolitan Area Networks
  • Wide Area Networks
  • Remote Connectivity
  • Wireless Networks
  • Network Encryption
  • Network Attacks
  • Summary
  • Quick Tips

Lesson 5: Identity and Access Management

  • Security Principles
  • Identification, Authentication, Authorization, and Accountability
  • Access Control Models
  • Access Control Techniques and Technologies
  • Access Control Administration
  • Access Control Methods
  • Accountability
  • Access Control Practices
  • Access Control Monitoring
  • Threats to Access Control
  • Summary
  • Quick Tips

Lesson 6: Security Assessment and Testing

  • Audit Strategies
  • Auditing Technical Controls
  • Auditing Administrative Controls
  • Reporting
  • Management Review
  • Summary
  • Quick Tips

Lesson 7: Security Operations

  • The Role of the Operations Department
  • Administrative Management
  • Assurance Levels
  • Operational Responsibilities
  • Configuration Management
  • Physical Security
  • Secure Resource Provisioning
  • Network and Resource Availability
  • Preventative Measures
  • The Incident Management Process
  • Disaster Recovery
  • Insurance
  • Recovery and Restoration
  • Investigations
  • Liability and Its Ramifications
  • Compliance
  • Personal Safety Concerns
  • Summary
  • Quick Tips

Lesson 8: Software Development Security

  • Building Good Code
  • Where Do We Place Security?
  • Software Development Life Cycle
  • Secure Software Development Best Practices
  • Software Development Models
  • Integrated Product Team
  • Capability Maturity Model Integration
  • Change Control
  • Programming Languages and Concepts
  • Distributed Computing
  • Mobile Code
  • Web Security
  • Database Management
  • Malicious Software (Malware)
  • Assessing the Security of Acquired Software
  • Summary
  • Quick Tips

Customer Testimonials

Thanks for having this course available. I passed with 821 with about 3 weeks of really focused activity. The PrepEngine is fantastic. Makes you drill those facts into your head. I would recommend this to anyone that is planning on taking the test.
Kim Lindblom

uCertify provides courses, simulators, labs, and test prep kits for IT certifications including Microsoft, Oracle, Cisco, CompTIA, CIW, PMI, ISC2, Linux, Zend, Google, IC3, Adobe, and many more.

© 2002-2017 uCertify. All Rights Reserved