
CISSP Boot Camp

Course title: CISSP Certified Information Systems Security Professional
Delivery method: Classroom
Cost: Please Contact
Days/Duration: 4/5 days

CISSP Certification - A Five Day Seminar

CISSP certification is highly valued and considered one of the elite information security courses in the IT industry. The CISSP training & certification course is significant for IT professionals who are involved in developing information security policies, standards and procedures and managing their implementation across the organization.
The classroom sessions in the CISSP training course include instructor-led training, where students learn about:

  1. Access Control
  2. Telecommunications and Network Security
  3. Information Security Governance and Risk Management
  4. Software Development Security
  5. Cryptography 
  6. Security Architecture and Design 
  7. Operations Security
  8. Business Continuity and Disaster Recovery Planning 
  9. Legal, Regulations, Investigations and Compliance
  10. Physical (Environmental) Security 


Aimed at security professionals, this course surveys the entire information security landscape and the technologies involved. The course addresses the ten knowledge domains that comprise the common body of knowledge (CBK) for information systems security professionals and will help delegates prepare for CISSP certification.

The course offers a theory-based approach to the security process, with opportunities to discuss the immediate application of concepts and techniques described in the CBK to the real world. It can be considered as providing a good introduction to security management, architecture and engineering.

The course comprises ten sessions that map directly to the CBK. Each one is theory-based with instructor-led discussions; there are no hands-on labs.


  • This course will assist delegates preparing for the following exam: CISSP Certified Information Systems Security Professional.

  • (ISC)² has implemented Computer-Based Testing (CBT) for CISSP exams to create a better user experience for a larger pool of candidates and greater global exam accessibility. Candidates can register worldwide for Computer-Based Testing (CBT) for the CISSP, CISSP concentrations and SSCP certification exams beginning June 1, 2012, with the ability to sit for an exam as early as the next day. (We recommend booking a month in advance to guarantee the date you want.)

  • Booking the new CBT exam requires the candidate to acquire a Pearson VUE testing voucher. Please note that the price of the voucher is not included in the training fees for this course.


Who Should Attend:

If you plan to build a career in information security, CISSP is the gold standard certification to attain.

  • The course can run in two formats, the standard public event or as a boot camp. The boot camp allows the customer to specify longer working hours which allows a deeper and more detailed discussion of the technologies involved.
  • A public event would typically run 9.30 till 5 pm.
  • Boot camps can run 9 am to 5.30 pm or 9 am to 8 pm, depending on your preference.
  • A boot camp also traditionally finishes with a test prep exam, which takes place after lunch on the last day. This allows the delegates to approach the topics covered in a question and answer format, and then discuss their answers with the trainer and class.


Delegates should have experience in at least two of the domains in the CBK for 5 years or more (4 years if they have achieved relevant industry or degree level certifications) to achieve full certification. Associate status can be achieved without the full 4/5 years' experience; full certification will be assigned when the correct amount of experience is obtained.

  • We recommend delegates have some knowledge of all CBK domains and are encouraged to read one or two of the books on the Reading List at
  • QA will provide a CISSP guide book as pre-reading

We recommend that work completed in the classroom is complemented by extra reading to ensure success in the exam. The amount of extra reading required will depend on the amount of experience the delegate has. The 'mile wide, inch deep' description indicates the challenge for most delegates: not all will have 'hands on' experience spanning all 10 domains of the CBK.

Delegates will be provided with pre-course reading two weeks prior to attending the course. Success on the course will be enhanced by close attention to the pre-reading materials. If you have not received your pre-reading material within one week of the start of your course, please contact your Account Manager. You do not need to bring the pre-reading materials to the course.

Course Outline.

Module 1: Access Control

  • Identification, Authentication, Authorisation and Accounting
  • Digital Identities
  • SSO
  • DAC, MAC and RBAC
  • Accountability
  • Data Classification
  • Access Control Attacks

Module 2: Security Architecture and Design

  • Computer Hardware
  • Operating System Architecture
  • Trusted Computing Base
  • OS Modes and Protection Rings
  • System Architecture Design
  • Security Models
  • Secure Modes of Operation
  • System Evaluation

Module 3: Telecommunications and Network Security

  • Network Attacks
  • IP and TCP headers
  • Firewalls
  • DNS
  • IPS and IDS
  • VPNs
  • Wireless
  • Data Communications

Module 4: Cryptography

  • Hashing
  • Symmetric Encipher
  • Asymmetric Encipher
  • Certificates
  • Signatures
  • PKI Public Key Cryptography
  • Stream and Block Ciphers
  • Cryptographic attacks

Module 5: Information Security Governance and Risk Management

  • Security Management
  • Risk Management
  • Information Security Policies
  • Controls
  • Awareness
  • Governance

Module 6: Software Development Security

  • Design
  • Software Development Lifecycle
  • Development Methodologies
  • System Modeling
  • Coding Methodologies
  • Application Infrastructure
  • Application Design Best Practices
  • Databases
  • Web Applications

Module 7: Operations Security

  • Operations
  • Roles
  • Monitoring
  • Auditing
  • Server Management
  • Configuration Management
  • Storage Media
  • Data Leaks

Module 8: Physical Security

  • Physical Threats
  • Access Control
  • Fire
  • Comms Room
  • Locks and Keys
  • Utilities

Module 9: Business Continuity and Disaster Recovery Planning

  • Project Plan
  • Recovery and Continuity Planning
  • Business Impact Analysis
  • Disaster Recovery and Continuity
  • Backup and DR Sites
  • Drills and Tests
  • Crisis
  • High Availability
  • Lifecycle of Recovery

Module 10: Legal, Regulations, Compliance and Investigation

  • Types of Law
  • Data Protection Act
  • Privacy
  • Intellectual Property
  • Investigations
  • Hackers
  • Ethics
  • PCI