Certified Information Systems Security Professional (CISSP)


The CISSP certification is internationally recognised and aimed at experienced security professionals. The training covers both the technical and the policy aspects of information security. It is ideal for anyone working at a strategic, tactical or technical level in IT security.

Learning objectives

  • Gain insight into the eight domains of the CISSP Common Body of Knowledge (CBK)
  • Recognise risks and determine appropriate security measures
  • Draw up and assess security policies and processes
  • Apply relevant laws and regulations within security management
  • Prepare for the official (ISC)² CISSP exam

Target audience

  • Security professionals who need CISSP certification for their role
  • IT professionals who want to progress within security or move into a security role

Prerequisites

A minimum of five years' work experience in two or more domains of the CISSP CBK

Course content

  • Security and Risk Management (e.g., Security, Risk, Compliance, Law, Regulations, Business Continuity)
    • Understand and Apply Concepts of Confidentiality, Integrity, and Availability
    • Apply Security Governance Principles
    • Compliance
    • Understand Legal and Regulatory Issues that Pertain to Information Security in a Global Context
    • Develop and Implement Documented Security Policy, Standards, Procedures, and Guidelines
    • Understand Business Continuity Requirements
    • Contribute to Personnel Security Policies
    • Understand and Apply Risk Management Concepts
    • Understand and Apply Threat Modeling
    • Integrate Security Risk Considerations into Acquisitions Strategy and Practice
    • Establish and Manage Security Education, Training, and Awareness
  • Asset Security (Protecting Security of Assets)
    • Classify Information and Supporting Assets
    • Determine and Maintain Ownership
    • Protect Privacy
    • Ensure Appropriate Retention
    • Determine Data Security Controls
    • Establish Handling Requirements
  • Security Engineering (Engineering and Management of Security)
    • Implement and Manage an Engineering Life Cycle Using Security Design Principles
    • Understand Fundamental Concepts of Security Models
    • Select Controls and Countermeasures Based Upon Information Systems Security Standards
    • Understand the Security Capabilities of Information Systems
    • Assess and Mitigate the Vulnerabilities of Security Architectures, Designs, and Solution Elements
    • Assess and Mitigate Vulnerabilities in Web-based Systems
    • Assess and Mitigate Vulnerabilities in Mobile Systems
    • Assess and Mitigate Vulnerabilities in Embedded Devices and Cyber-Physical Systems
    • Apply Cryptography
    • Apply Secure Principles to Site and Facility Design
    • Design and Implement Facility Security
  • Communications and Network Security (Designing and Protecting Network Security)
    • Apply Secure Design Principles to Network Architecture
    • Securing Network Components
    • Design and Establish Secure Communication Channels
    • Prevent or Mitigate Network Attacks
  • Identity and Access Management (Controlling Access and Managing Identity)
    • Control Physical and Logical Access to Assets
    • Manage Identification and Authentication of People and Devices
    • Integrate Identity as a Service (IDaaS)
    • Integrate Third-Party Identity Services
    • Implement and Manage Authorization Mechanisms
    • Prevent or Mitigate Access Control Attacks
    • Manage the Identity and Access Provisioning Life Cycle
  • Security Assessment and Testing (Designing, Performing, and Analyzing Security Testing)
    • Design and Validate Assessment and Test Strategies
    • Conduct Security Control Testing
    • Collect Security Process Data
    • Conduct or Facilitate Internal and Third-Party Audits
  • Security Operations (e.g., Foundational Concepts, Investigations, Incident Management, Disaster Recovery)
    • Understand and Support Investigations
    • Understand Requirements for Investigation Types
    • Conduct Logging and Monitoring Activities
    • Secure the Provisioning of Resources through Configuration Management
    • Understand and Apply Foundational Security Operations Concepts
    • Employ Resource Protection Techniques
    • Conduct Incident Response
    • Operate and Maintain Preventative Measures
    • Implement and Support Patch and Vulnerability Management
    • Participate in and Understand Change Management Processes
    • Implement Recovery Strategies
    • Implement Disaster Recovery Processes
    • Test Disaster Recovery Plan
    • Participate in Business Continuity Planning
    • Implement and Manage Physical Security
    • Participate in Personnel Safety
  • Software Development Security (Understanding, Applying, and Enforcing Software Security)
    • Understand and Apply Security in the Software Development Life Cycle
    • Enforce Security Controls in the Development Environment
    • Assess the Effectiveness of Software Security
    • Assess Software Acquisition Security