Official websites use .gov
A .gov website belongs to an official government organization in the United States.
Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.
ISC2 CISSP - Certified Information Systems Security Professional
The Certified Information Systems Security Professional (CISSP) is the most globally recognized certification in the information security market. CISSP validates an information security professional’s deep technical and managerial knowledge and experience to effectively design, engineer, and manage the overall security posture of an organization. The broad spectrum of topics included in the CISSP Common Body of Knowledge (CBK®) ensure its relevancy across all disciplines in the field of information security.
Course Overview
- CISSP candidates must meet specific requirements, as established by (ISC)2 — see: https://www.isc2.org/cissp/default.aspx
- Those without the required experience can take the exam to become an Associate of (ISC)² while working toward the experience needed for full certification.
- CISSPs are required by (ISC)2 to earn 120 Continuing Professional Education (CPE) credits every three years.
8890 McGaw Road
Suite 200
Columbia, MD 21045
625 W Adams Street
Chicago, IL 60661
5908 Headquarters Drive
Suite 400
Plano, TX 75024
201 N Franklin St
Floor 37
Tampa, FL 33602
40 E. Rio Salado Parkway
Suite 200
Tempe, AZ 85281
- Providers
- Courses
- Course and Provider Quantity
Learning Objectives
- Apply concepts of confidentiality, integrity, availability, and security governance principles and compliance.
- Align overall organizational operational goals with security functions and implementation.
- Determine how to protect assets of the organization as they go through their lifecycle.
- Leverage the concepts, principles, structures, and standards used to design, implement, monitor and secure operating systems, equipment, networks, applications etc.
- Apply security design principles to select appropriate mitigations for vulnerabilities present in common information system types and architecture.
- Explain the importance of cryptography and the security services it can provide in today’s digital and information age.
- Evaluate the physical security elements relative to information system needs.
- Evaluate the elements that comprise communication and network security relative to information security needs.
- Leverage the concepts and architecture that define the associated technology and implementation systems and protocols.
- Determine appropriate access control models to meet business security requirements.
- Apply physical and logical access controls models to meet information security needs.
- Differentiate between primary methods for designing and validating test and audit strategies that support information security requirements.
- Apply appropriate security controls and countermeasures to optimize an organization’s operation function and capacity. •Assess information systems risks to an organization’s operational endeavors.
- Determine appropriate controls to mitigate specific threats and vulnerabilities.
- Apply information systems security concepts to mitigate the risk of software and systems vulnerabilities through the systems’ lifecycles.
Framework Connections
The materials within this course focus on the NICE Framework Task, Knowledge, and Skill statements identified within the indicated NICE Framework component(s):
Competency Areas
Feedback
If you would like to provide feedback on this course, please e-mail the NICCS team at NICCS@mail.cisa.dhs.gov. Please keep in mind that NICCS does not own this course or accept payment for course entry. If you have questions related to the details of this course, such as cost, prerequisites, how to register, etc., please contact the course training provider directly. You can find course training provider contact information by following the link that says “Visit course page for more information...” on this page.