Certified Information Systems Security Professional (CISSP)

Certified Information Systems Security Professional (CISSP)

位教师：Bill Rosenthal

访问权限由 Coursera Learning Team 提供

9个模块

深入了解一个主题并学习基础知识。

5 周完成

在 10 小时一周

灵活的计划

自行安排学习进度

9个模块

深入了解一个主题并学习基础知识。

5 周完成

在 10 小时一周

灵活的计划

自行安排学习进度

您将学到什么

You will identify and reinforce the major security subjects from the eight domains of the (ISC)2 CISSP CBK.

要了解的详细信息

可分享的证书

添加到您的领英档案

作业

1 项作业

授课语言：英语（English）

了解顶级公司的员工如何掌握热门技能

了解关于 Coursera for Business 的更多信息

Petrobras, TATA, Danone, Capgemini, P&G 和 L'Oreal 的徽标

该课程共有9个模块

Welcome to Certified Information Systems Security Professional (CISSP®): Seventh Edition. With your completion of the prerequisites and necessary years of experience, you are firmly grounded in the knowledge requirements of today's security professional. This course will expand upon your knowledge by addressing the essential elements of the eight domains that comprise a Common Body of Knowledge (CBK®) for information systems security professionals. The course offers a job-related approach to the security process, while providing a framework to prepare for CISSP certification.

CISSP is the premier certification for today's information systems security professional. It remains the premier certification because the sponsoring organization, the International Information Systems Security Certification Consortium, Inc. (ISC)2®, regularly updates the test by using subject matter experts (SMEs) to make sure the material and the questions are relevant in today's security environment. By defining eight security domains that comprise a CBK, industry standards for the information systems security professional have been established. The skills and knowledge you gain in this course will help you master the eight CISSP domains and ensure your credibility and success within the information systems security field. This course is intended for experienced IT security-related practitioners, auditors, consultants, investigators, or instructors, including network or security analysts and engineers, network administrators, information security specialists, and risk management professionals, who are pursuing CISSP training and certification to acquire the credibility and mobility to advance within their current computer security careers or to migrate to a related career. Through the study of all eight CISSP CBK domains, students will validate their knowledge by meeting the necessary preparation requirements to qualify to sit for the CISSP certification exam. Additional CISSP certification requirements include a minimum of five years of direct professional work experience in two or more fields related to the eight CBK security domains, or a college degree and four years of experience. This course targets the 2024 version of the CISSP exam. In this course, you will identify and reinforce the major security subjects from the eight domains of the (ISC)2 CISSP CBK. You will: • Analyze components of the Security and Risk Management domain. • Analyze components of the Asset Security domain. • Analyze components of the Security Architecture and Engineering domain. • Analyze components of the Communication and Network Security domain. • Analyze components of the Identity and Access Management domain. • Analyze components of the Security Assessment and Testing domain. • Analyze components of the Security Operations domain. • Analyze components of the Software Development Security domain You will need to have the following software installed: Microsoft Windows® and Adobe® Acrobat® Reader or an equivalent PDF viewer. The course setup instructions provided in the first module of the course go into more detail about the hardware and software requirements.

In this course, you will explore a broad range of security concepts and best practices designed to meet the demands of increasingly specialized information systems security. Before you address specific security areas or elements, it is important that you have a plan in place for the overall management of these processes and elements. In this lesson, you will understand what comprises successful security and risk management.

涵盖的内容

16个插件

16个插件总计460分钟

Getting Started with This Course30分钟
Lesson Introduction5分钟
Security Concepts30分钟
Security Governance Principles30分钟
Compliance30分钟
Professional Ethics30分钟
Security Documentation30分钟
Risk Management30分钟
Threat Modeling30分钟
Risk Response30分钟
Business Continuity Plan Fundamentals30分钟
Acquisition Strategy and Practice30分钟
Personnel Security Policies30分钟
Security Awareness and Training30分钟
Mastery Builder: Assessing Security and Risk Management60分钟
Lesson Summary5分钟

In the last lesson, you learned the importance of the CIA triad and risk assessment and management. Because data is such an important asset to an organization, many of these same concepts will need to be applied to it as well. As data needs become more critical and the need to access it even more real time, it has become even more difficult to protect it. Organizations have always needed to protect their physical data assets and now they need to protect their logical data assets as well. Additionally, your users are no longer willing to exclusively work at their desk; they want whenever, wherever access. This means protecting data on more devices in more places than ever before. Companies need to consider all the places they store and transmit data and look for ways to protect it.

涵盖的内容

9个插件

Now that you understand the relationship between assets, risks, and security, you can start to design cybersecurity for your organization.

涵盖的内容

15个插件

15个插件总计490分钟

Lesson Introduction5分钟
Security in the Engineering Lifecycle35分钟
System Component Security35分钟
Security Models35分钟
Controls and Countermeasures in Enterprise Security35分钟
Information System Security Capabilities35分钟
Design and Architecture Vulnerability Mitigation35分钟
Vulnerability Mitigation in Emerging Technologies35分钟
Cryptography Concepts35分钟
Cryptography Techniques35分钟
Cryptanalytic Attacks35分钟
Site and Facility Design for Physical Security35分钟
Physical Security Implementation in Sites and Facilities35分钟
Mastery Builder: Assessing Security Engineering60分钟
Lesson Summary5分钟

In the last lesson, you learned about mitigation against vulnerabilities in system components, multiple architectures, and physical security. Many of those topics are pervasive in the CISSP® material, and you will see many of them throughout the course. Topics like defense in depth, cryptography, and network design will present themselves in regards to communication and network security as well. The network is changing, which means additional security measures are necessary. Voice and video are now delivered across the network, where before those were separate networks. Because the network has become such an important part of the business, protecting it has become critical. In this lesson, you will learn about security for your network systems.

涵盖的内容

7个插件

A large part of maintaining the confidentiality, integrity, and availability of your data and your systems depends on identity and access control. By properly identifying the user or systems that are trying to gain access, you can determine how much, if any, control to grant them. This keeps unwanted entities out of your systems, while ensuring that the proper entities have exactly what they need, and no more. In this lesson, you will learn about identity and access management.

涵盖的内容

8个插件

Now that you have an awareness of the importance of identification and access management, you will learn the importance of security assessments and testing to verify the security of your organization. It is only when you have done a thorough risk assessment of both your physical and logical assets that you can begin the work of protecting the organization. This lesson will delve further into vulnerability assessments, penetration testing, log reviews, all around testing, and validating your security.

涵盖的内容

7个插件

Security operations is a concept that encompasses two basic ideas: to ensure that day-to-day activities that support the business are protected against risk and to deeply integrate security processes within those activities. Recognizing the importance of both of these ideas is a necessary step in ensuring the organization functions without any impairment. In this lesson, you will learn about the integral link between security and your day-to-day business operations.

涵盖的内容

15个插件

15个插件总计490分钟

Lesson Introduction5分钟
Security Operations Concepts35分钟
Change Management35分钟
Physical Security35分钟
Personnel Security35分钟
Detective and Preventive Measures35分钟
Patch and Vulnerability Management35分钟
Logging and Monitoring35分钟
Incident Response35分钟
Investigations35分钟
Disaster Recovery Planning35分钟
Disaster Recovery Strategies35分钟
Disaster Recovery Implementation35分钟
Mastery Builder: Assessing Security Operations60分钟
Lesson Summary5分钟

In the last lesson, you learned about security operations. Many organizations not only manage their network infrastructure and systems, but also develop software. This can be for in-house use, or to sell to customers. In this final lesson, you will learn about developing software securely.