(ISC)²

Certified Information Systems Security Professional (CISSP)

Learn to design and implement the best cybersecurity systems and increase your chances of securing the CISSP certification.

(CISSP.AE2) / ISBN : 978-1-64459-595-4
Lessons
Lab
TestPrep
Get A Free Trial

About This Course

Looking to pass the CISSP exam and level up your cybersecurity career? Join our CISSP online course to prepare well and develop polished cybersecurity skills. 

This self-paced, interactive course follows the latest ISC2 CISSP exam domains, covering everything from risk management to network security and identity access management. 

Whether you're an IT professional, security consultant, or manager, this training gives you the knowledge and skills to ace the exam and step into high-paying security roles.

Skills You’ll Get

  • Learn security management, risk assessment, compliance, and governance to protect critical assets.
  • Secure networks, prevent cyberattacks, and implement firewalls, VPNs, and IDS/IPS. 
  • Manage user access with multi-factor authentication, RBAC, and SSO. 
  • Perform security operations to detect, analyze, and respond to cybersecurity threats in real-time. 
  • Protect sensitive data with encryption, hashing, and cryptographic key management. 
  • Identify vulnerabilities, conduct penetration testing, and ensure compliance with security assessment and testing. 
  • Ensure software development security and implement secure coding practices to protect applications from cyber threats.
Download Course Outline

1

Introduction

  • Overview of the CISSP Exam
  • The Elements of This Study Guide
  • Study Guide Exam Objectives
  • Objective Map
2

Security Governance Through Principles and Policies

  • Security 101
  • Understand and Apply Security Concepts
  • Security Boundaries
  • Evaluate and Apply Security Governance Principles
  • Manage the Security Function
  • Security Policy, Standards, Procedures, and Guidelines
  • Threat Modeling
  • Supply Chain Risk Management
  • Summary
  • Study Essentials
3

Personnel Security and Risk Management Concepts

  • Personnel Security Policies and Procedures
  • Understand and Apply Risk Management Concepts
  • Social Engineering
  • Establish and Maintain a Security Awareness, Education, and Training Program
  • Summary
  • Study Essentials
4

Business Continuity Planning

  • Planning for Business Continuity
  • Project Scope and Planning
  • Business Impact Analysis
  • Continuity Planning
  • Plan Approval and Implementation
  • Summary
  • Study Essentials
5

Laws, Regulations, and Compliance

  • Categories of Laws
  • Laws
  • State Privacy Laws
  • Compliance
  • Contracting and Procurement
  • Summary
  • Study Essentials
6

Protecting Security of Assets

  • Identifying and Classifying Information and Assets
  • Establishing Information and Asset Handling Requirements
  • Data Protection Methods
  • Understanding Data Roles
  • Using Security Baselines
  • Summary
  • Study Essentials
7

Cryptography and Symmetric Key Algorithms

  • Cryptographic Foundations
  • Modern Cryptography
  • Symmetric Cryptography
  • Cryptographic Life Cycle
  • Summary
  • Study Essentials
8

PKI and Cryptographic Applications

  • Asymmetric Cryptography
  • Hash Functions
  • Digital Signatures
  • Public Key Infrastructure
  • Asymmetric Key Management
  • Hybrid Cryptography
  • Applied Cryptography
  • Cryptographic Attacks
  • Summary
  • Study Essentials
9

Principles of Security Models, Design, and Capabilities

  • Secure Design Principles
  • Techniques for Ensuring CIA
  • Understand the Fundamental Concepts of Security Models
  • Select Controls Based on Systems Security Requirements
  • Understand Security Capabilities of Information Systems
  • Summary
  • Study Essentials
10

Security Vulnerabilities, Threats, and Countermeasures

  • Shared Responsibility
  • Data Localization and Data Sovereignty
  • Assess and Mitigate the Vulnerabilities of Security Architectures, Designs, and Solution Elements
  • Client-Based Systems
  • Server-Based Systems
  • Industrial Control Systems
  • Distributed Systems
  • High-Performance Computing (HPC) Systems
  • Real-Time Operating Systems
  • Internet of Things
  • Edge and Fog Computing
  • Embedded Devices and Cyber-Physical Systems
  • Microservices
  • Infrastructure as Code
  • Immutable Architecture
  • Virtualized Systems
  • Containerization
  • Mobile Devices
  • Essential Security Protection Mechanisms
  • Common Security Architecture Flaws and Issues
  • Summary
  • Study Essentials
11

Physical Security Requirements

  • Apply Security Principles to Site and Facility Design
  • Implement Site and Facility Security Controls
  • Implement and Manage Physical Security
  • Summary
  • Study Essentials
12

Secure Network Architecture and Components

  • OSI Model
  • TCP/IP Model
  • Analyzing Network Traffic
  • Common Application Layer Protocols
  • Transport Layer Protocols
  • Domain Name System
  • Internet Protocol (IP) Networking
  • ARP Concerns
  • Secure Communication Protocols
  • Implications of Multilayer Protocols
  • Segmentation
  • Edge Networks
  • Wireless Networks
  • Satellite Communications
  • Cellular Networks
  • Content Distribution Networks (CDNs)
  • Secure Network Components
  • Summary
  • Study Essentials
13

Secure Communications and Network Attacks

  • Protocol Security Mechanisms
  • Secure Voice Communications
  • Remote Access Security Management
  • Multimedia Collaboration
  • Monitoring and Management
  • Load Balancing
  • Manage Email Security
  • Virtual Private Network
  • Switching and Virtual LANs
  • Network Address Translation
  • Third-Party Connectivity
  • Switching Technologies
  • WAN Technologies
  • Fiber-Optic Links
  • Prevent or Mitigate Network Attacks
  • Summary
  • Study Essentials
14

Managing Identity and Authentication

  • Controlling Access to Assets
  • The AAA Model
  • Implementing Identity Management
  • Managing the Identity and Access Provisioning Life Cycle
  • Summary
  • Study Essentials
15

Controlling and Monitoring Access

  • Comparing Access Control Models
  • Implementing Authentication Systems
  • Zero-Trust Access Policy Enforcement
  • Understanding Access Control Attacks
  • Summary
  • Study Essentials
16

Security Assessment and Testing

  • Building a Security Assessment and Testing Program
  • Performing Vulnerability Assessments
  • Testing Your Software
  • Training and Exercises
  • Implementing Security Management Processes and Collecting Security Process Data
  • Summary
  • Exam Essentials
17

Managing Security Operations

  • Apply Foundational Security Operations Concepts
  • Address Personnel Safety and Security
  • Provision Information and Assets Securely
  • Apply Resource Protection
  • Managed Services in the Cloud
  • Perform Configuration Management (CM)
  • Manage Change
  • Manage Patches and Reduce Vulnerabilities
  • Summary
  • Study Essentials
18

Preventing and Responding to Incidents

  • Conducting Incident Management
  • Implementing Detection and Preventive Measures
  • Logging and Monitoring
  • Automating Incident Response
  • Summary
  • Study Essentials
19

Disaster Recovery Planning

  • The Nature of Disaster
  • Understand System Resilience, High Availability, and Fault Tolerance
  • Recovery Strategy
  • Recovery Plan Development
  • Training, Awareness, and Documentation
  • Testing and Maintenance
  • Summary
  • Study Essentials
20

Investigations and Ethics

  • Investigations
  • Major Categories of Computer Crime
  • Ethics
  • Summary
  • Study Essentials
21

Software Development Security

  • Introducing Systems Development Controls
  • Establishing Databases and Data Warehousing
  • Storage Threats
  • Understanding Knowledge-Based Systems
  • Summary
  • Study Essentials
22

Malicious Code and Application Attacks

  • Malware
  • Malware Prevention
  • Application Attacks
  • Injection Vulnerabilities
  • Exploiting Authorization Vulnerabilities
  • Exploiting Web Application Vulnerabilities
  • Application Security Controls
  • Secure Coding Practices
  • Summary
  • Study Essentials

Any questions?
Check out the FAQs

Read answers to commonly asked questions about this certification exam.

Contact Us Now

Certified Information Systems Security Professional certificate (CISSP) is a globally recognized cybersecurity certification that validates your expertise in security management, risk assessment, and network security. It’s highly valued by employers and can open doors to high-paying security roles.

To be eligible for Certified Information Systems Security Professional certification: 

  • You need to have at least five years of work experience as a security analyst or similar role. 
  • Full-time paid work in at least two of the eight domains covered in the CISSP.

Yes, you can clear the exam in 3 months of preparation, all you need is a consistent study routine and structured study materials with practice tests. With uCertify, you’ll get proper course content with hands-on labs, real-world scenarios, and practice tests that will enhance both your theoretical and practical knowledge.

Consider your own career goals: 

  • If your goal is to become a cybersecurity professional, CISSP is the best choice.
  • If you are interested in IT auditing and governance, CISA is the ideal choice. 

After passing, you need to:

  • Submit an endorsement application – This must be signed by an ISC2-certified professional who can verify your work experience.
  • Agree to the ISC2 Code of Ethics – You must commit to ISC2’s professional ethics guidelines.
  • Pay the Annual Maintenance Fee (AMF) of $125 to maintain your certification status.
  • Once approved, you officially become a CISSP-certified professional!