CISSP - Certified Information Systems Security Professional
The CISSP preparation course is a training program designed for those who want to earn an international certification in the field of information security.
- General Information
- Course Content (Curriculum)
DOMAIN 1: SECURITY AND RISK MANAGEMENT
- 1. Understand and apply concepts of confidentiality, integrity and availability
- 2. Apply security governance principles
- 3. Compliance
- 4. Understand legal and regulatory issues that pertain to information security in a global context
- 5. Understand professional ethics
- 6. Develop and implement documented security policy, standards, procedures, and guidelines
- 7. Understand business continuity requirements
- 8. Contribute to personnel security policies
- 9. Understand and apply risk management concepts
- 10. Understand and apply threat modelling
- 11. Integrate security risk considerations into acquisition strategy and practice
- 12. Establish and manage information security education, training, and awareness
DOMAIN 2: ASSET SECURITY
DOMAIN 3: SECURITY ENGINEERING
- 19. Implement and manage engineering processes using secure design principles
- 20. Understand the fundamental concepts of security models
- 21. Select controls and countermeasures based upon systems security evaluation models
- 22. Understand security capabilities of information systems
- 23. Assess and mitigate the vulnerabilities of security architectures, designs, and solution elements
- 24. Assess and mitigate the vulnerabilities in web-based systems
- 25. Assess and mitigate vulnerabilities in mobile systems
- 26. Assess and mitigate vulnerabilities in embedded devices and cyber-physical systems
- 27. Apply cryptography
- 28. Apply secure principles to site and facility design
- 29. Design and implement physical security
DOMAIN 4: COMMUNICATION & NETWORK SECURITY
DOMAIN 5: IDENTITY & ACCESS MANAGEMENT
- 34. Control physical and logical access to assets
- 35. Manage identification and authentication of people and devices
- 36. Integrate identity as a service
- 37. Integrate third-party identity services
- 38. Implement and manage authorization mechanisms
- 39. Prevent or mitigate access control attacks
- 40. Manage the identity and access provisioning lifecycle
DOMAIN 6: SECURITY ASSESSMENT & TESTING
DOMAIN 7: SECURITY OPERATIONS
- 46. Understand and support investigations
- 47. Understand requirements for investigation types
- 48. Conduct logging and monitoring activities
- 49. Secure the provisioning of resources
- 50. Understand and apply foundational security operations concepts
- 51. Employ resource protection techniques
- 52. Conduct incident management
- 53. Operate and maintain preventative measures