In this CISSP Domain 1 video training course, I will provide you with the knowledge, experience and practical skills you need to pass the CISSP certification. In addition, you will get the benefit of my years of experience (over 18 years) as I translate CISSP training requirements into real-world examples.
Included in this course:
Full CISSP Domain 1 Videos
12 Sections - 31 Videos
Slides available to download for Domain 1
10 CISSP practice questions
The curriculum in this course covers the content that will be on the most current CISSP exam (April 2018). Each objective that is required for the CISSP exam will be covered in varying degrees of complexity and competency. The next upgrade to the CISSP curriculum/exam will occur in 2021.
In Domain 1 we will cover:
Introduction
Introduction
Purpose
ISC2
Understand and apply concepts of confidentiality, integrity and availability
Confidentiality
Integrity
Availability
Evaluate and apply security governance principles
Alignment of security function to business strategy, goals, mission, and objectives
Organizational processes (e.g., acquisitions, divestitures, governance committees)
Organizational roles and responsibilities
Security control frameworks
Due care/due diligence
Determine compliance requirements
Contractual, legal, industry standards, and regulatory requirements
Privacy requirements
Understand legal and regulatory issues that pertain to information security in a global context
Cyber crimes and data breaches
Licensing and intellectual property requirements
Import/export controls
Trans-border data flow
Privacy
Understand, adhere to, and promote professional ethics
(ISC)² Code of Professional Ethics
Organizational code of ethics
Develop, document, and implement security policy, standards, procedures, and guidelines
Identify, analyze, and prioritize Business Continuity (BC) requirements
Develop and document scope and plan
Business Impact Analysis (BIA)
Contribute to and enforce personnel security policies and procedures
Candidate screening and hiring
Employment agreements and policies
Onboarding and termination processes
Vendor, consultant, and contractor agreements and controls
Compliance policy requirements
Privacy policy requirements
Understand and apply risk management concepts
Identify threats and vulnerabilities
Risk assessment/analysis
Risk response
Countermeasure selection and implementation
Applicable types of controls (e.g., preventive, detective, corrective)
Security Control Assessment (SCA)
Monitoring and measurement
Asset valuation
Reporting
Continuous improvement
Risk frameworks
Understand and apply threat modeling concepts and methodologies
Threat modeling methodologies
Threat modeling concepts
Apply risk-based management concepts to the supply chain
Risks associated with hardware, software, and services
Third-party assessment and monitoring
Minimum security requirements
Service-level requirements
Establish and maintain a security awareness, education, and training program
Methods and techniques to present awareness and training
Periodic content reviews
Program effectiveness evaluation
Notes / Disclaimers:
To pass the CISSP test, you need substantial knowledge and experience.
The test was originally written in English, but there are other language versions available.
When answering the questions, you need to consider the "perfect world" scenario; workaround options may be technically correct, but they may not match the (ISC)² point of view.
You need to be able to spot the keywords (DR, BCP, Policy, Standards, etc.) as well as the indicators (First, Best, Last, Least, Most).
Understand and answer every question from the Manager's, CISO's, or Risk Adviser's point of view (PoV). Answering the questions from a CIO or technical perspective will place your thinking either too high or too far down in the weeds.
Understand that you are to answer the questions based on being proactive within your environment. Enable a Vulnerability Management Program before you have vulnerability issues.
The English version of the CISSP exam uses the Computerized Adaptive Testing (CAT) format and is 3 hours long with 100-150 questions.
Most people studying for CISSP certification will use various media sources, test banks, and books to enhance their test-taking experience.
Don’t rely on one source to teach you all that you need to know for the CISSP. Invest in multiple training opportunities. The future payoff is worth the time and energy.