یکی از دوره هایی که میتواند کمکم زیادی به افزایش سطح دانش شما در زمینه امنیت کند ، دوره CISSP می باشد. این دوره توسط مدرسین کمپانی CBT آقایان Keith Barker و Ben Finkel منتشر شده است. دوره CISSP به وظایف و مسئولیت های لازم برای طراحی موثر ، مهندسی و مدیریت کلی وضعیت امنیتی یک سازمان ، می پردازد.
هشت مبحث عمده در این دوره شامل امنیت و مدیریت ریسک ، ارزیابی امنیت ، مهندسی امنیت ، امنیت شبکه و ارتباطات ، مدیریت دسترسی ، تست امنیت ، عملیات های امنیت ، امنیت توسعه نرم افزار می باشد. در ادامه سرفصل های این دوره را مشاهده میکنید:
- Welcome to CISSP 2018
- CIA Concepts
- Cyber Crime Terms and Vocabulary
- 27000 Series Framework
- Due Care Due Diligence
- Inside Threats and Ethics
- Policies Start with Senior Management
- Defining Risk
- Control Types
- Compliance Requirements
- DR, BC, and BIA
- Security Awareness Training
- Intellectual Property and Licensing
- Policy Life Cycle
- Threat Modeling
- Supply Chain Risk Management
- Classifying Assets and Information
- Stewards and Custodians of Assets and Information
- Protecting Privacy
- Data Retention
- Determining Security Controls
- Data State and Resources for Security Control Frameworks
- Information and Asset Handling Policies
- Designing with Security in Mind
- Security Model Fundamentals
- System Security Requirements
- Hardware and Firmware Security Capabilities
- Assessing Vulnerabilities
- Vulnerabilities
- Facility Design and Controls
- Symmetric Encryption Concepts
- Asymmetric Encryption Concepts
- Digital Signature Concepts
- Hashing for Integrity
- Asymmetrical Encryption with Email
- PKI uses and Revoking Certs
- Power Considerations
- OSI and IP Models
- IP Networking
- Wi-Fi Security Considerations
- Network Component Security
- Virtualized Network Security Considerations
- Securing Communications Channels
- Identity Management (IdM)
- AAA as Part of Our Controls
- Centralized Authentication with RADIUS
- Using LDAP with Directory Services
- Multi-Factor Authentication Categories
- Biometric Accept-Reject Rates
- Options for Biometric Authentication
- DAC and MAC and RBAC
- - IAM Provisioning Lifecycle
- Testing, Auditing, and Assessment Overview
- Penetration Testing
- Vulnerability Scans and Assessments
- Reviewing and Testing Code
- Security-Related Data Collection
- Continuous Monitoring
- Supporting Investigations
- Types of Evidence
- Chain of Custody
- The Forensics Process
- Separation of Duties
- Media Management
- Backups
- Logging with Separation of Duties
- RAID Concepts
- Incident Response Overview
- Phases of Incident Handling
- Improving Security with Configuration Management
- Patch Management
- Change Management
- Comparing IDS and IPS
- IDS and IPS Detection Methods
- Network vs Host-Based IDS and IPS
- IDS and IPS Alarms
- Traditional and Next-Generation Firewalls
- Categorizing Vulnerabilities with CVSS
- Calculating Vulnerability Scores
- Honeypots
- Fault Tolerance for Availability
- DR and Alternate Sites
- H W and S W Planning for DR
- Directing and Communicating DR
- Personnel Safety and Security
- Software Development
- Change Management
- Software Capability Maturity Model (CMMI)
- Programming
- Common Software Vulnerabilities
- Web Software Vulnerabilities
پیش نیازها:
- این دوره مخصوص متخصصین شبکه می باشد که دارای سابقه کاری حداقل دو سال به عنوان کارشناس شبکه را دارند.
گواهی نامه های مرتبط:
فرصت های شغلی:
- کارشناس امنیت شبکه
- طراحی و تحلیل امنیت
CBT Nuggets trainers Keith Barker and Ben Finkel recently released their new (ISC)2 CISSP 2018 course, which covers tasks, duties, and responsibilities needed to effectively design, engineer, and manage the overall security posture of an organization
This course addresses the eight security domains on the certification exam:
- Security and risk management
- Asset security
- Security architecture and engineering
- Communication and network security
- Identity and access management
- Security assessment and testing
- Security operations
- Software development security
Keith teaches the first seven domains, and Ben draws from his software development background to cover the final domain material.
About the (ISC)2 exam
While there are no prerequisites to take the CISSP exam, though test takers must document five years of relevant work experience to obtain the certification. A four-year college degree or equivalent can reduce the requirement by 1 year. See the ISC(2) website for full details. Additionally, CISSP applicants must either be endorsed by an (ISC)2 sponsor or submit an application for endorsement by (ISC)2.
The exam also meets the requirement for DODD 8750 and/or DODD 8140 baseline certifications for IAT Level III, and IAM Level II and III.
This course includes:
- 9 hours of training
- 95 videos
- In-video quizzes
Keith Barker has been a CBT Nuggets trainer since 2012 and holds numerous certifications, including Cisco CCIE Routing and Switching, Cisco CCIE Security, (ISC)2 CISSP, VMware VCP, Palo Alto PCNSE, and others.
Ben Finkel has worked in software development since 1996. Before joining CBT Nuggets in 2014, he was a software engineer in the banking industry. He is a Google Certified Trainer. His areas of expertise include Microsoft Azure, Google Cloud, and various programming frameworks.
Study Media