Certified Information Systems Security Officer (CISSO) – Outline

Detailed Course Outline

Course Introduction

  • Module 1 – Risk Management a. Risk Definitions b. Risk Management c. Risk Assessment d. Responding to Risk
  • Module 2 – Security Management a. Understanding Security b. Information Security Management System c. Roles and Responsibility d. Security Frameworks e. Human Resources
  • Module 3 – Identification and Authentication a. Identity Management b. Authentication Techniques c. Single Sign-on d. Access Control Monitoring
  • Module 4 – Access Control a. Access Control Types and Characteristics b. Information Classification c. Access Control Models and Techniques d. Access Control Methods
  • Module 5 – Security Models and Evaluation Criteria a. Trusted Computing Base b. Protection Mechanisms c. Security Models d. Evaluation Criteria
  • Module 6 – Operations Security a. Administrative Management Responsibilities b. Product Implementation Management c. Redundancy and Fault Tolerance d. Operational Issues and Responses e. Threats to Operations
  • Module 7 – Symmetric Cryptography and Hashing a. Cryptography Terms b. Historical Uses of Cryptography c. Cryptography Foundations d. Modern Cryptography e. Hashing
  • Module 8 – Asymmetric Cryptography and PKI a. Asymmetric Cryptography b. Hybrid Crypto and Digital Signatures c. Public Key Infrastructure d. Cryptography in Use e. Attacks on Cryptography
  • Module 9 – Network Connections a. Network and Communications Security b. Topologies c. Cabling d. LAN and WAN
  • Module 10 – Network Protocols and Devices a. OSI Model b. Network Devices c. Network Security Sentries d. Ports, Protocols and Services
  • Module 11 – Telephony, VPNs and Wireless a. Telephony b. VPNs c. Wireless d. Network Based Attacks
  • Module 12 – Security Architecture and Attacks a. Security Architecture b. Architectural Models c. System Threats
  • Module 13 – Software Development Security a. Software Security Concerns b. Software Lifecycle Development Processes c. Web Application Security d. PCI-DSS Compliance
  • Module 14 – Database Security a. Database Models & Terminology b. Database Security Issues c. Artificial Intelligence
  • Module 15 – Malware and Attacks
  • Module 16 – Business Continuity a. Project Initiation b. Business Impact Analysis c. Determining Recovery Strategies d. Writing the Plan e. Preparing for a Disaster f. Introduction to Business Continuity Management
  • Module 17 – Incident Management, Law and Ethics a. Incident Management b. Law c. Computer Crime d. Evidence Handling e. Privacy Legislations f. Ethics
  • Module 18 – Physical Security a. Facility Location and Construction b. Risks, Threats and Countermeasures c. Perimeter Protection d. Electrical Power Issues e. Fire Prevention, Detection and Suppression