Course
Digicomp Code SSP
ISC2 Certified Information Systems Security Professional® (CISSP®) («SSP»)
Course facts
- Learning how to plan, implement, and manage information security programs in accordance with international standards (e.g., ISO 27001, NIST, CIS)
- Applying security and risk management methods to identify, assess, and treat risks
- Designing secure IT architectures and system designs, taking into account cryptography, network security, and physical protection measures
- Implementing identity and access management (IAM) and defining secure authentication and authorization procedures
- Analyzing and testing existing security controls, performing audits, tests, and vulnerability analyses
- Planning and controlling operational security processes such as incident response, monitoring, business continuity, and disaster recovery
- Evaluating software development processes and integrating security aspects into the entire software lifecycle
- Preparing for the CISSP® exam through structured review, case studies, and exam strategies for optimal knowledge application
Domains – (ISC)² CISSP® Certified Information Systems Security Professional®:
1 Security and Risk Management
- Fundamentals of security and risk management, legal and regulatory requirements, compliance, and strategies for business continuity and governance.
2 Asset Security
- Protection and management of information assets – from data classification and ownership rights to secure storage and disposal of sensitive information.
3 Security Architecture and Engineering
- Design and operation of secure architectures and systems, understanding of security models, cryptography, hardware and network security.
4 Communications and Network Security
- Planning, setting up and securing networks, protecting communication channels and using secure protocols against internal and external threats.
5 Identity and Access Management (IAM)
- Management of user identities and access rights, authentication mechanisms, lifecycle management, and principles such as least privilege or separation of duties.
6 Security Assessment and Testing
- Planning and execution of security assessments, audits, penetration tests, and continuous monitoring to ensure the effectiveness of security measures.
7 Security Operations
- Operation and control of security-related processes – including incident response, monitoring, forensic analysis, recovery, and emergency management.
8 Software Development Security
- Integration of security principles into the software development process, secure programming, testing methods, and control of software security risks.
CISSP® certification is aimed at professionals and managers who actively contribute to shaping a secure digital world, such as security consultants, analysts, managers, auditors, and architects. CISSP® certification is particularly valuable for anyone seeking a responsible role in IT security, up to and including the position of Chief Information Security Officer (CISO).
To participate in the course, we recommend expertise in the field of information security/cyber security.
To be eligible for the CISSP® exam, you must have at least five years of practical experience (or four years with a university degree) in one of the eight areas of the CBK (Common Body of Knowledge). The 8 CBKs are:
- Security and Risk Management
- Asset Security
- Security Engineering
- Communications and Network Security
- Identity and Access Management
- Security Assessment and Testing
- Security Operations
- Software Development Security
Experience in telecommunications and networks is an advantage, and a good understanding of English is required. Further information can be found on the ISC2.org website.
Exam information
- Exam duration: 3 hours
- Number of questions: 100 to 150
- Format: Multiple choice
- Passing score: 70% (700/1000 points)
- Language: English, Chinese, German, Japanese, Spanish
- Exam content: The 8 domains
  - Domain 1: Security and Risk Management – 16%
  - Domain 2: Asset Security – 10%
  - Domain 3: Security Architecture and Engineering – 13%
  - Domain 4: Communication and Network Security – 13%
  - Domain 5: Identity and Access Management (IAM) – 13%
  - Domain 6: Security Assessment and Testing – 12%
  - Domain 7: Security Operations – 13%
  - Domain 8: Software Development Security – 10%
Exam fees and registration
We recommend that you allow additional preparation time after the course to ensure you are fully prepared for the exam. Exam fees are not included in the course price. You can register for the CISSP® exam online at PearsonVUE. Alternatively, you can take the CISSP® exam on site at Helidux.
Applying for certification
Once you have passed the CISSP® exam, you can apply for the official (ISC)² certificate. To do so, you must sign the (ISC)² Code of Ethics and have your professional experience verified by an actively certified (ISC)² professional. Certification must be completed within nine months of the exam date. If you are unable to find a suitable person, (ISC)² will assist you in validating your application.
Recertification
The CISSP certificate is valid for three years. To maintain your certification, you must provide proof of continuing professional education (CPE) and pay the annual maintenance fee (AMF) to (ISC)². This ensures that your expertise remains up to date and your status as a Certified Professional remains active.