CISSP Certification: Domain 1 (Video Training Course) - 2019

In this CISSP Domain 1 video training course, I will provide you the knowledge, experience and practical skills you need to pass the CISSP certification. In addition, you will get my years of experience (Over 18 years) as I translate CISSP training requirements into real-world examples.

Included in this course:

• Full CISSP Domain 1 Videos

  • 12 Sections - 31 Videos

• Slides available to download for Domain 1

• 10 CISSP practice questions

The curriculum in this course covers the content that will be on the most current CISSP exam (April 2018). Each objective that is required for the CISSP exam will be covered in varying degrees of complexity and competency. The next upgrade to the CISSP curriculum/exam will occur in 2021.

In Domain 1 we will cover:

• Introduction

  • Introduction

  • Purpose

  • ISC2

• Understand and apply concepts of confidentiality, integrity and availability

  • Confidentiality

  • Integrity

  • Availability

• Evaluate and apply security governance principles

  • Alignment of security function to business strategy, goals, mission, and objectives

  • Organizational processes (e.g., acquisitions, divestitures, governance committees

  • Organizational roles and responsibilities

  • Security control frameworks

  • Due care/due diligence

• Determine compliance requirements

  • Contractual, legal, industry standards, and regulatory requirements

  • Privacy requirements

• Understand legal and regulatory issues that pertain to information security in a global context

  • Cyber crimes and data breaches

  • Licensing and intellectual property requirements

  • Import/export controls

  • Trans-border data flow

  • Privacy

• Understand, adhere to, and promote professional ethics

  • (ISC)² Code of Professional Ethics

  • Organizational code of ethics

• Develop, document, and implement security policy, standards, procedures, and guidelines

• Identify, analyze, and prioritize Business Continuity (BC) requirement

  • Develop and document scope and plan

  • Business Impact Analysis (BIA)

• Contribute to and enforce personnel security policies and procedures

  • Candidate screening and hiring

  • Employment agreements and policies

  • Onboarding and termination processes

  • Vendor, consultant, and contractor agreements and controls

  • Compliance policy requirements

  • Privacy policy requirements

• Understand and apply risk management concepts

  • Identify threats and vulnerabilities

  • Risk assessment/analysis

  • Risk response

  • Countermeasure selection and implementation

  • Applicable types of controls (e.g., preventive, detective, corrective)

  • Security Control Assessment (SCA)

  • Monitoring and measurement

  • Asset valuation

  • Reporting

  • Continuous improvement

  • Risk frameworks

• Understand and apply threat modeling concepts and methodologies

  • Threat modeling methodologies

  • Threat modeling concepts

• Apply risk-based management concepts to the supply chain

  • Risks associated with hardware, software, and services

  • Third-party assessment and monitoring

  • Minimum security requirements

  • Service-level requirements

• Establish and maintain a security awareness, education, and training program

  • Methods and techniques to present awareness and training

  • Periodic content reviews

  • Program effectiveness evaluation

Notes / Disclaimers:

• In order for you to pass the CISSP test you need to have the substantial knowledge through experience and knowledge.

• The test was originally written in English, but there are other language versions available

• Answering the questions you need to consider the "perfect world" scenario and that work around options may be technically correct, but they may not meet (ISC)2 point of view

• You need to be able to spot the keywords (DR, BCP, Policy, Standards, etc.) as well as the indicators (First, Best, Last, Least, Most)

• Understand and answer every question from the Manager, CISO, or Risk Advisers Point of View (PoV). Answering the questions from a CIO or technical perspective will place your thinking too high or down in the weeds too far.

• Understand that you are to answer the questions based on being proactive within your environment. Enable a Vulnerability Management Program before you have vulnerability issues.

• The English version of the CISSP exam, utilizes the Computerized Adaptive Testing (CAT) format and is 3 hours long with 100-150 questions

• Most people studying for CISSP certification will various media sources, test banks, and various books to enhance their test taking experience.

• Don’t rely on one source to teach you all that you need to know for the CISSP….Invest in multiple training opportunities. The future payoff is worth the time and energy.