CISSP - Certified Information Systems Security Professional 2015 (Course & Labs)

ISBN : 9781616917197

Gain hands-on expertise for the CISSP certification exam with the CISSP-2015 course and performance-based labs. Performance-based labs simulate real-world hardware, software, and command-line interface environments and can be mapped to any textbook, course, or training. The CISSP certification is a vendor-neutral credential designed for IT security practitioners to validate their technical and managerial skills, credibility, and experience. The CISSP exam is designed to test the ability to engineer, implement, and manage the overall information security program that protects organizations from increasingly sophisticated attacks.


The vendor-neutral CISSP certification is the ideal credential for those with proven deep technical and managerial competence, skills, experience, and credibility to design, engineer, implement, and manage their overall information security program to protect organizations from increasingly sophisticated attacks.

Glossary of terms
Pre Assessment Questions
Post Assessment Questions
Performance lab
Video tutorials
Exam-related FAQs
What is the exam registration fee? USD 599
How many questions are asked in the exam? The exam contains 250 questions.
What is the duration of the exam? 6 minutes
What is the passing score? 700 (on a scale of 0-1000)

What is the exam's retake policy?

Test takers who do not pass the exam the first time will be able to retest after 30 days. Test takers who fail a second time will need to wait 90 days before sitting for the exam again. In the unfortunate event that a candidate fails a third time, the next available time to sit for the exam will be 180 days after the most recent exam attempt. Candidates are eligible to sit for (ISC)² exams a maximum of 3 times within a calendar year.

What are the career opportunities after passing this exam?

  • Security analyst
  • Director of security
  • Security auditor

  • Access Control Overview
  • Identification and Authentication Techniques
  • Access Control Techniques
  • Authorization Mechanisms
  • Identity and Access Provisioning Life Cycle
  • Summary
  • Exam Essentials
  • Review All the Key Topics
  • Understanding Access Control Attacks
  • Preventing Access Control Attacks
  • Summary
  • Exam Essentials
  • Review All the Key Topics
  • OSI Model
  • Secure Network Components
  • Cabling, Wireless, Topology, and Communications Technology
  • Summary
  • Exam Essentials
  • Review All the Key Topics
  • Network and Protocol Security Mechanisms
  • Virtual Private Network
  • Remote Access Security Management
  • Network Address Translation
  • Switching Technologies
  • WAN Technologies
  • Virtualization
  • Miscellaneous Security Control Characteristics
  • Manage Email Security
  • Secure Voice Communications
  • Security Boundaries
  • Network Attacks and Countermeasures
  • Summary
  • Exam Essentials
  • Review All the Key Topics
  • Security Management Planning
  • Security Governance
  • Security Roles and Responsibilities
  • Protection Mechanisms
  • Privacy Requirements Compliance
  • Control Frameworks: Planning to Plan
  • Security Management Concepts and Principles
  • Develop and Implement Security Policy
  • Change Control/Management
  • Data Classification
  • Summary
  • Exam Essentials
  • Review All the Key Topics
  • Manage Third-Party Governance
  • Risk Management
  • Manage Personnel Security
  • Develop and Manage Security Education, Training, and Awareness
  • Manage the Security Function
  • Summary
  • Exam Essentials
  • Review All the Key Topics
  • Application Issues
  • Databases and Data Warehousing
  • Data/Information Storage
  • Knowledge-Based Systems
  • Systems Development Controls
  • Summary
  • Exam Essentials
  • Review All the Key Topics
  • Malicious Code
  • Password Attacks
  • Application Attacks
  • Web Application Security
  • Reconnaissance Attacks
  • Masquerading Attacks
  • Summary
  • Exam Essentials
  • Review All the Key Topics
  • Historical Milestones in Cryptography
  • Cryptographic Basics
  • Modern Cryptography
  • Symmetric Cryptography
  • Cryptographic Life Cycle
  • Summary
  • Exam Essentials
  • Review All the Key Topics
  • Asymmetric Cryptography
  • Hash Functions
  • Digital Signatures
  • Public Key Infrastructure
  • Asymmetric Key Management
  • Applied Cryptography
  • Cryptographic Attacks
  • Summary
  • Exam Essentials
  • Review All the Key Topics
  • Understand the Fundamental Concepts of Security Models
  • Objects and Subjects
  • Understand the Components of Information Systems Security Evaluation Models
  • Understand Security Capabilities Of Information Systems
  • Summary
  • Exam Essentials
  • Review All the Key Topics
  • Computer Architecture
  • Avoiding Single Points of Failure
  • Distributed Architecture
  • Security Protection Mechanisms
  • Common Flaws and Security Issues
  • Summary
  • Exam Essentials
  • Review All the Key Topics
  • Security Operations Concepts
  • Resource Protection
  • Patch and Vulnerability Management
  • Change and Configuration Management
  • Security Audits and Reviews
  • Summary
  • Exam Essentials
  • Review All the Key Topics
  • Managing Incident Response
  • Implement Preventive Measures Against Attacks
  • Understand System Resilience and Fault Tolerance
  • Summary
  • Exam Essentials
  • Review All the Key Topics
  • Planning for Business Continuity
  • Project Scope and Planning
  • Business Impact Assessment
  • Continuity Planning
  • BCP Documentation
  • Summary
  • Exam Essentials
  • Review All the Key Topics
  • The Nature of Disaster
  • Recovery Strategy
  • Recovery Plan Development
  • Training and Documentation
  • Testing and Maintenance
  • Categories of Laws
  • Summary
  • Exam Essentials
  • Review All the Key Topics
  • Laws
  • Compliance
  • Contracting and Procurement
  • Summary
  • Exam Essentials
  • Review All the Key Topics
  • Investigations
  • Major Categories of Computer Crime
  • Incident Handling
  • Ethics
  • Summary
  • Exam Essentials
  • Review All the Key Topics
  • Site and Facility Design Considerations
  • Forms of Physical Access Controls
  • Technical Controls
  • Environment and Life Safety
  • Equipment Failure
  • Privacy Responsibilities and Legal Requirements
  • Summary
  • Exam Essentials
  • Review All the Key Topics

Hands on Activities (Labs)

  • Identifying access control types
  • Disabling a service
  • Identifying drawbacks of Kerberos authentication
  • Identifying components of the Kerberos authentication protocol
  • Identifying authentication services
  • Creating a password for account
  • Configuring password policies
  • Enabling and disabling password expiration
  • Configuring NPS to provide RADIUS authentication
  • Configuring NPS network policy
  • Configuring the server
  • Creating and configuring a network
  • Identifying authorization mechanisms
  • Identifying responsibilities
  • Identifying types of system attack
  • Identifying attacks
  • Identifying social engineering attacks
  • Filtering entries in Event Viewer
  • Viewing password hashes
  • Configuring audit policies
  • Viewing different event details
  • Identifying log types
  • Identifying OSI layer functions
  • Identifying OSI layers
  • Identifying connectionless communication
  • Identifying abbreviations for various Internet layer protocols
  • Identifying TCP/IP protocol layers
  • Identifying TCP/IP layers
  • Configuring IPv4 address
  • Identifying application layer protocols
  • Identifying steps in the encapsulation/decapsulation process
  • Identifying flag bit designator
  • Identifying gateway firewalls
  • Identifying hardware devices
  • Connecting Systems to the Internet Through a Firewall Router
  • Identifying firewall techniques
  • Identifying types of cable
  • Identifying components of a coaxial cable
  • Configuring Windows 7 wireless settings
  • Configuring SSID
  • Identifying network topologies
  • Identifying UTP categories
  • Identifying steps in CSMA technology
  • Identifying LAN sub technologies
  • Identifying secure communication protocols
  • Identifying authentication protocols
  • Creating a remote access VPN connection
  • Identifying VPN protocols
  • Connecting to a server using Remote Desktop Connection
  • Creating a dial-up connection
  • Understanding NAT
  • Identifying switching technology properties
  • Installing Windows Virtual PC
  • Identifying specialized protocols
  • Creating a virtual PC machine
  • Understanding transparency
  • Identifying security solutions
  • Identifying phreaker tools
  • Understanding security boundaries
  • Identifying types of Denial of Service attacks
  • Identifying security management plans
  • Identifying protection mechanisms
  • Identifying steps in a classification scheme
  • Identifying risk actions
  • Understanding elements of risk
  • Identifying steps in quantitative risk analysis
  • Identifying types of malware
  • Understanding agents
  • Identifying keys in a database
  • Identifying storage types
  • Identifying stages in a waterfall lifecycle model
  • Identifying generations of languages
  • Understanding object-oriented programming terms
  • Identifying levels in Software Capability Maturity Model
  • Identifying testing methods
  • Identifying primary phases of SDLC
  • Identifying types of viruses
  • Understanding application attacks
  • Identifying types of viruses
  • Installing the AVG antivirus and scanning a drive
  • Checking the integrity of messages through MAC values
  • Identifying asymmetric algorithms
  • Identifying cryptographic attacks
  • Identifying sequence of sender's process in digital signature system
  • Backing up an encryption certificate and key
  • Understanding PKCS standards
  • Identifying Information models
  • Identifying TCSEC categories
  • Identifying computer activities
  • Disabling the COM and parallel ports
  • Installing SDRAM and DDR memory modules
  • Connecting speakers to a computer
  • Connecting a keyboard, mouse, and monitor to a computer
  • Understanding process scheduler
  • Identifying RAID levels
  • Identifying service associated with cloud computing
  • Identifying terms associated with data destruction
  • Identifying steps within an effective patch management program
  • Identifying security reviews
  • Identifying steps in incident response management
  • Identifying sequence in which the IDS instructs the TCP to reset connections
  • Working with a host-based IDS
  • Identifying malicious attacks
  • Identifying RAID level characteristics
  • Identifying phases in BCP process
  • Identifying man-made threats
  • Identifying processing sites in disaster recovery plan
  • Identifying disaster recovery plan tests
  • Identifying CFAA provisions
  • Identifying computer crime types
  • Identifying physical access control mechanisms
  • Identifying terms associated with power issues
  • Identifying primary stages of fire