CISSP training

Several types of activities are used throughout the course to reinforce topics and increase knowledge retention. These activities include open-ended questions from the instructor to the students, matching and poll questions, group activities, open/closed questions, and group discussions. This interactive learning technique is based on sound adult learning theories.

1. Understand and apply the concepts of risk assessment, risk analysis, data classification and security awareness and implement risk management and the principles used to support it (risk avoidance, risk acceptance, risk mitigation, risk transference).
2. Apply a comprehensive and rigorous method for describing a current and/or future structure and behaviour for an organisation's security processes, information security systems, personnel, and organisational sub-units so these practices and processes align with the organisation's core goals and strategic direction and address the frameworks and policies, concepts, principles, structures and standards used to establish criteria for the protection of information assets, as well as to assess the effectiveness of that protection and establish the foundation of a comprehensive and proactive security program to ensure the protection of an organisation’s information assets.
3. Apply a comprehensive and rigorous method for describing a current and/or future structure and behaviour for an organisation's security processes, information security systems, personnel, and organisational sub-units so that these practices and processes align with the organisation's core goals and strategic direction and examine the principles, means, and methods of applying mathematical algorithms and data transformations to information to ensure its integrity, confidentiality and authenticity.
4. Understand the structures, transmission methods, transport formats, and security measures used to provide confidentiality, integrity and availability for transmissions over private and public communications networks and media, and identify risks that can be quantitatively and qualitatively measured to support the building of business cases to drive proactive security in the enterprise.
5. Offer greater visibility into determining who or what may have altered data or system information, potentially affecting the integrity of those asset and match an entity, such as a person or a computer system, with the actions that entity takes against valuable assets, allowing organisations to have a better understanding of the state of their security posture.
6. Plan for technology development, including risk, and evaluate the system design against mission requirements, and identify where competitive prototyping and other evaluation techniques fit in the process.
7. Protect and control information processing assets in centralised and distributed environments and execute the daily tasks required to keep security services operating reliably and efficiently.
8. Understand the software development life cycle and how to apply security to it, and identify which security control(s) are appropriate for the development environment, and assess the effectiveness of software security.