Leave your message to get our Quick response
edoxi automated message icon
Select a Location
flag
Select Location
request a call back icon
Request a Callback

Please Fill to Request A Call back

Contact Number Icon
+971 43801666
Home
Cyber Security
Security Testing
CISSP

CISSP Training

Man in suit interacting with futuristic digital interface on a transparent screen.
Edoxi’s 30-Hour Certified Information Systems Security Professional (CISSP) Online Training prepares you for the CISSP Certification exam. Our training will help you gain in-depth knowledge of 8 key areas of IT security. You will master security frameworks like NIST, ISO 27001, and COBIT.  We help you become an expert in deploying SIEM platforms, IDS/IPS systems, and UEBA solutions for effective security monitoring. Our curriculum covers cloud security, zero-trust architecture, and AI-driven security solutions. Our web-based login environment provides pre-configured lab scenarios with clear instructions for hands-on training. Start your exam preparation journey with Edoxi. Enrol now! 
Course Duration
30 Hours
Corporate Days
5 Days
Learners Enrolled
25+
Modules
8
Download Brochure download-icon

Please Fill to Download Brochure

Request Course Infodownload-icon

Please Fill to Request A Call back

star-rating-icon1
star-rating-icon2
star-rating-icon3
Course Rating
4.9
star-rating-4.9
Mode of Delivery
Online
Certification by
  • -accreditation-logo

What You'll Learn from the CISSP Course?

Security and Risk Management through Industry Frameworks
You will master ISC2's security principles and frameworks like NIST, ISO 27001, and COBIT.
Asset Security and Information Classification
You will gain expertise in data protection using DRM, DLP, and CASB technologies.
Zero Trust Architecture and Engineering
You will learn to apply Zero Trust and SASE architectures for secure design.
TCP/IP and Network Security Implementation
You will learn to design secure systems using the OSI and TCP/IP models and implement protocols like IPSec, SSL/TLS, and VPNs.
Advanced IAM Frameworks
You will learn to implement authentication frameworks such as OAuth, SAML, and federated identity solutions.
SecOps and Assessment
You will learn to conduct vulnerability assessments using tools like Nmap, Wireshark, and Metasploit.

About Our CISSP Course 

Edoxi’s 30-hour CISSP Online Course combines theoretical knowledge with practical applications to help you prepare for the CISSP Certification exam. We help you develop the expertise to design and implement enterprise-level security solutions. You will engage in vulnerability assessments, penetration testing simulations, and security architecture design through our dedicated lab environment. 

Our hands-on training provides expertise in applying security principles across diverse sectors. You will receive practical exposure in using tools like Nmap, Wireshark, and Metasploit. We have designed a curriculum that aligns with ISC2's latest examination requirements. Towards the end of the training, you will master 8 key domains in the CISSP Certification exam. 

Our CISSP training methodology emphasises real-world applications of CISSP concepts to deal with complex security challenges. Our exam-oriented coaching helps you with the smooth preparation of the CISSP Certification exam.

CISSP Exam Format

The table below provides you with complete details of the CISSP exam.
 
Exam Criteria Details
Exam Name Certified Information Systems Security Professional (CISSP)
Duration 3 hours (Computerised Adaptive Testing)
Question Format 100-150 questions, including MCQs and advanced innovative items
Passing Score 700 out of 1000 points
Exam Fee USD 749 for the Middle East Region (Standard Registration)
Certification Validity 3 years
Exam Authority ISC2 Authorized PPC and PVTC Select Pearson VUE Testing Centers
 

CISSP Course Features

Web-Based Lab Environment

Get access to pre-configured security environments for all CISSP domains. Practice real vulnerabilities and security scenarios in a controlled, hands-on setting.

Comprehensive Security Toolset

Gain hands-on experience with industry tools such as Kali Linux for security testing, OpenVAS for vulnerability assessments, and Snort for intrusion detection.

Interactive Domain Workshops

Join group discussions and problem-solving sessions and devise strategies to tackle real-world security challenges across all eight CISSP domains.

ISC2 Official Study Resources

Utilise the official ISC2 CISSP book and detailed presentation materials. Prepare for the ISC2 Official certification exam using practice questions and domain-specific mock tests.

Security Assessment Labs

Perform vulnerability scanning, penetration testing, and security assessments using industry-standard methodologies aligned with CISSP exam objectives.

Practical Implementation Exercises

Complete structured exercises after each domain module to develop skills like security policy development, risk assessment, and incident response planning.

Who Can Join Our CISSP Course?

IT Security Professionals

Experienced IT professionals aiming to enhance their cybersecurity expertise with the ISC2 CISSP certification.

System and Network Administrators

Infrastructure specialists and administrators responsible for security architecture, implementation, and security management skills.

Security Consultants and Analysts

Practicing security professionals in consulting or analytical roles aiming for senior-level positions.

Network Security Engineers

Network Security Engineers who want to upgrade their skills in Cybersecurity to reach a higher position.

Request Course Information

CISSP Course Modules

Module 1: Security and Risk Management (Domain 1)

  • Chapter 1.1: Understand, adhere to, and promote professional ethics

    • Lesson 1.1.1: ISC2 Code of Professional Ethics
    • Lesson 1.1.2: Organizational Code of Ethics

  • Chapter 1.2: Understand and apply security concepts

    • Lesson 1.2.1: Confidentiality, Integrity, and Availability (CIA)
    • Lesson 1.2.2: Authenticity and Nonrepudiation (5 Pillars of Information Security)

  • Chapter 1.3: Evaluate and apply security governance principles

    • Lesson 1.3.1: Alignment of the Security Function to Business Strategy, Goals, Mission, and Objectives
    • Lesson 1.3.2: Organizational Processes (e.g., Acquisitions, Divestitures, Governance Committees)
    • Lesson 1.3.3: Organizational Roles and Responsibilities
    • Lesson 1.3.4: Security Control Frameworks (e.g., ISO, NIST, COBIT, SABSA, PCI, FedRAMP)
    • Lesson 1.3.5: Due Care/Due Diligence

  • Chapter 1.4: Understand legal, regulatory, and compliance issues that pertain to information security in a holistic context

    • Lesson 1.4.1: Cybercrimes and Data Breaches
    • Lesson 1.4.2: Licensing and Intellectual Property Requirements
    • Lesson 1.4.3: Import/Export Controls
    • Lesson 1.4.4: Transborder Data Flow
    • Lesson 1.4.5: Issues Related to Privacy (e.g., GDPR, CCPA, POPIA)
    • Lesson 1.4.6: Contractual, Legal, Industry Standards, and Regulatory Requirements

  • Chapter 1.5: Understand requirements for investigation types

    • Lesson 1.5.1: Administrative Investigations
    • Lesson 1.5.2: Criminal Investigations
    • Lesson 1.5.3: Civil Investigations
    • Lesson 1.5.4: Regulatory and Industry Standards Investigations

  • Chapter 1.6: Develop, document, and implement security policy, standards, procedures, and guidelines

    • Lesson 1.6.1: Alignment of Security Function to Organizational Strategy
    • Lesson 1.6.2: Security Control Frameworks and Governance
    • Lesson 1.6.3: Development of Policies, Standards, Procedures, and Guidelines

  • Chapter 1.7: Identify, analyze, assess, prioritize, and implement Business Continuity (BC) requirements

    • Lesson 1.7.1: Business Impact Analysis (BIA)
    • Lesson 1.7.2: External Dependencies

  • Chapter 1.8: Contribute to and enforce personnel security policies and procedures

    • Lesson 1.8.1: Candidate Screening and Hiring
    • Lesson 1.8.2: Employment Agreements and Policy-Driven Requirements
    • Lesson 1.8.3: Onboarding, Transfers, and Termination Processes
    • Lesson 1.8.4: Vendor, Consultant, and Contractor Agreements and Controls

  • Chapter 1.9: Understand and apply risk management concepts

    • Lesson 1.9.1: Threat and Vulnerability Identification
    • Lesson 1.9.2: Risk Analysis, Assessment, and Scope
    • Lesson 1.9.3: Risk Response and Treatment (e.g., Cybersecurity Insurance)
    • Lesson 1.9.4: Types of Controls (e.g., Preventive, Detection, Corrective)
    • Lesson 1.9.5: Control Assessments and Continuous Monitoring
    • Lesson 1.9.6: Reporting and Continuous Improvement
    • Lesson 1.9.7: Risk Frameworks (e.g., ISO, NIST, COBIT, SABSA, PCI)

  • Chapter 1.10: Understand and apply threat modeling concepts and methodologies

    • Lesson 1.10.1: Threat Identification
    • Lesson 1.10.2: Threat Modeling Techniques and Tools

  • Chapter 1.11: Apply Supply Chain Risk Management (SCRM) Concepts

    • Lesson 1.11.1: Risks in Product and Service Acquisition (e.g., Counterfeits, Tampering)
    • Lesson 1.11.2: Risk Mitigation Strategies (e.g., Third-Party Assessment, Minimum Security Requirements)

  • Chapter 1.12: Establish and maintain a security awareness, education, and training program

    • Lesson 1.12.1: Methods to Increase Awareness (e.g., Social Engineering, Phishing, Security Champions)
    • Lesson 1.12.2: Periodic Content Reviews (e.g., Emerging Technologies, AI, Blockchain)
    • Lesson 1.12.3: Program Effectiveness Evaluation
Module 2: Asset Security (Domain 2)

  • Chapter 2.1: Identify and classify information and assets

    • Lesson 2.1.1: Data Classification
    • Lesson 2.1.2: Asset Classification

  • Chapter 2.2: Establish information and asset handling requirements

    • Lesson 2.2.1: Handling Sensitive Information
    • Lesson 2.2.2: Secure Asset Management Practices

  • Chapter 2.3: Provision of information and Assets securely

    • Lesson 2.3.1: Information and Asset Ownership
    • Lesson 2.3.2: Asset Inventory (e.g., Tangible and Intangible Assets)
    • Lesson 2.3.3: Asset Management Strategies

  • Chapter 2.4: Manage data lifecycle

    • Lesson 2.4.1: Data Roles (e.g., Owners, Controllers, Custodians, Processors, Users/Subjects)
    • Lesson 2.4.2: Data Collection and Location
    • Lesson 2.4.3: Data Maintenance and Retention
    • Lesson 2.4.4: Data Remanence and Destruction

  • Chapter 2.5: Ensure appropriate asset retention

    • Lesson 2.5.1: End of Life (EOL) Management
    • Lesson 2.5.2: End of Support Strategies

  • Chapter 2.6: Determine data security controls and compliance requirements

    • Lesson 2.6.1: Data States (e.g., In Use, In Transit, At Rest)
    • Lesson 2.6.2: Scoping and Tailoring Security Requirements
    • Lesson 2.6.3: Standards Selection and Compliance
    • Lesson 2.6.4: Data Protection Methods (e.g., DRM, DLP, CASB)
Module 3: Security Architecture and Engineering (Domain 3)

  • Chapter 3.1: Research, implement, and manage engineering processes using secure design principles

    • Lesson 3.1.1: Threat Modeling
    • Lesson 3.1.2: Least Privilege
    • Lesson 3.1.3: Defense in Depth
    • Lesson 3.1.4: Secure Defaults
    • Lesson 3.1.5: Fail Securely
    • Lesson 3.1.6: Segregation of Duties (SoD)
    • Lesson 3.1.7: Zero Trust or Trust but Verify
    • Lesson 3.1.8: Privacy by Design
    • Lesson 3.1.9: Secure Access Service Edge (SASE)

  • Chapter 3.2: Understand the fundamental concepts of security models

    • Lesson 3.2.1: Biba Model
    • Lesson 3.2.2: Bell-LaPadula Model
    • Lesson 3.2.3: Star Model

  • Chapter 3.3: Select controls based on system security requirements

    • Lesson 3.3.1: System Security Requirements and Corresponding Controls
    • Lesson 3.3.2: Control Selection and Implementation

  • Chapter 3.4: Understand the security capabilities of Information Systems (IS)

    • Lesson 3.4.1: Memory Protection
    • Lesson 3.4.2: Trusted Platform Module (TPM)
    • Lesson 3.4.3: Encryption and Decryption

  • Chapter 3.5: Assess and mitigate vulnerabilities of security architectures and solution elements

    • Lesson 3.5.1: Client-Based Systems
    • Lesson 3.5.2: Server-Based Systems
    • Lesson 3.5.3: Database Systems
    • Lesson 3.5.4: Cryptographic Systems
    • Lesson 3.5.5: Cloud-Based Systems (e.g., SaaS, IaaS, PaaS)
    • Lesson 3.5.6: Internet of Things (IoT) and Microservices
    • Lesson 3.5.7: Containerization and Serverless Systems
    • Lesson 3.5.8: Edge Computing and Virtualized Systems

  • Chapter 3.6: Select and determine cryptographic solutions

    • Lesson 3.6.1: Cryptographic Lifecycle (e.g., Key Management, Algorithm Selection)
    • Lesson 3.6.2: Cryptographic Methods (e.g., Symmetric, Asymmetric, Elliptic Curve, Quantum)
    • Lesson 3.6.3: Public Key Infrastructure (PKI) and Quantum Key Distribution

  • Chapter 3.7: Understand methods of cryptanalytic attacks

    • Lesson 3.7.1: Brute Force
    • Lesson 3.7.2: Known Plaintext and Ciphertext Only Attacks
    • Lesson 3.7.3: Frequency Analysis and Chosen Ciphertext Attacks
    • Lesson 3.7.4: Side-Channel and Timing Attacks
    • Lesson 3.7.5: Man-in-the-Middle (MITM) and Ransomware Attacks

  • Chapter 3.8: Apply security principles to site and facility design

    • Lesson 3.8.1: Security Design Principles for Facilities
    • Lesson 3.8.2: Access Control and Surveillance Integration

  • Chapter 3.9: Design site and facility security controls

    • Lesson 3.9.1: Data Centers and Server Room Controls
    • Lesson 3.9.2: Media and Evidence Storage
    • Lesson 3.9.3: Environmental Issues and Fire Prevention
    • Lesson 3.9.4: Power Management (e.g., Redundant and Backup Systems)

  • Chapter 3.10: Manage the information system lifecycle

    • Lesson 3.10.1: Stakeholder Needs and Requirements
    • Lesson 3.10.2: Architectural Design and Implementation
    • Lesson 3.10.3: Verification, Transition, and Operations
    • Lesson 3.10.4: Retirement and Disposal Processes
Module 4: Communication and Network Security (Domain 4)

  • Chapter 4.1: Apply secure design principles in network architectures

    • Lesson 4.1.1: Open System Interconnection (OSI) and TCP/IP Models
    • Lesson 4.1.2: IPv4 and IPv6 (e.g., Unicast, Broadcast, Multicast, Anycast)
    • Lesson 4.1.3: Secure Protocols (e.g., IPSec, SSH, SSL/TLS)
    • Lesson 4.1.4: Implications of Multilayer Protocols
    • Lesson 4.1.5: Converged Protocols (e.g., iSCSI, VoIP, InfiniBand)
    • Lesson 4.1.6: Transport Architecture (e.g., Topology, Data/Control/Management Planes)
    • Lesson 4.1.7: Traffic Flows (e.g., North-South, East-West)
    • Lesson 4.1.8: Physical Segmentation (e.g., Air-Gapped Networks)
    • Lesson 4.1.9: Logical Segmentation (e.g., VLANs, VPNs, Virtual Routing)
    • Lesson 4.1.10: Micro-Segmentation (e.g., Distributed Firewalls, Zero Trust)
    • Lesson 4.1.11: Wireless Networks (e.g., Wi-Fi, Zigbee, Satellite)
    • Lesson 4.1.12: Software-Defined Networks (SDN) and Virtual Private Cloud (VPC)
    • Lesson 4.1.13: Monitoring and Management (e.g., Network Observability, Traffic Flow Management)

  • Chapter 4.2: Secure Network Components

    • Lesson 4.2.1: Operation of Network Infrastructure (e.g., Redundant Power, Warranty, Support)
    • Lesson 4.2.2: Transmission Media Security (e.g., Signal Propagation Quality)
    • Lesson 4.2.3: Network Access Control (NAC) Systems
    • Lesson 4.2.4: Endpoint Security Solutions

  • Chapter 4.3: Implement secure communication channels according to design

    • Lesson 4.3.1: Voice, Video, and Collaboration Security
    • Lesson 4.3.2: Secure Remote Access
    • Lesson 4.3.3: Securing Data Communications (e.g., Backhaul Networks, Satellite)
    • Lesson 4.3.4: Third-Party Connectivity (e.g., Telecom Providers, Hardware Support)
Module 5: Identity and Access Management (IAM) (Domain 5)

  • Chapter 5.1: Control physical and logical access to assets

    • Lesson 5.1.1: Control Access to Information
    • Lesson 5.1.2: Control Access to Systems and Devices
    • Lesson 5.1.3: Control Access to Facilities and Applications
    • Lesson 5.1.4: Control Access to Services

  • Chapter 5.2: Design identification and authentication strategy

    • Lesson 5.2.1: Groups and Roles
    • Lesson 5.2.2: Authentication, Authorization, and Accounting (AAA)
    • Lesson 5.2.3: Multi-Factor Authentication (MFA) and Passwordless Authentication
    • Lesson 5.2.4: Session Management
    • Lesson 5.2.5: Registration, Proofing, and Establishment of Identity
    • Lesson 5.2.6: Federated Identity Management (FIM)
    • Lesson 5.2.7: Credential Management Systems (e.g., Password Vaults)
    • Lesson 5.2.8: Single Sign-On (SSO) and Just-In-Time Access

  • Chapter 5.3: Federated identity with a third-party service

    • Lesson 5.3.1: On-Premise Federated Identity
    • Lesson 5.3.2: Cloud-Based Federated Identity
    • Lesson 5.3.3: Hybrid Federated Identity Solutions

  • Chapter 5.4: Implement and manage authorization mechanisms

    • Lesson 5.4.1: Role-Based Access Control (RBAC)
    • Lesson 5.4.2: Rule-Based Access Control
    • Lesson 5.4.3: Mandatory Access Control (MAC)
    • Lesson 5.4.4: Discretionary Access Control (DAC)
    • Lesson 5.4.5: Attribute-Based Access Control (ABAC)
    • Lesson 5.4.6: Risk-Based Access Control
    • Lesson 5.4.7: Access Policy Enforcement (e.g., Policy Decision Point, Policy Enforcement Point)

  • Chapter 5.5: Manage the identity and access provisioning lifecycle

    • Lesson 5.5.1: Account Access Reviews (e.g., User, System, Service)
    • Lesson 5.5.2: Provisioning and de-provisioning (e.g., Onboarding, Transfers, Termination)
    • Lesson 5.5.3: Role Definition and Transition Management
    • Lesson 5.5.4: Privilege Escalation Auditing (e.g., Sudo Usage)
    • Lesson 5.5.5: Service Accounts Management

  • Chapter 5.6: Implement authentication systems

    • Lesson 5.6.1: Authentication Protocols and Methods
    • Lesson 5.6.2: Emerging Authentication Technologies
    • Lesson 5.6.3: Securing Authentication Systems
Module 6: Security Assessment and Testing (Domain 6)

  • Chapter 6.1: Design and validate assessment, test, and audit strategies

    • Lesson 6.1.1: Internal Assessments and Audits
    • Lesson 6.1.2: External Assessments and Audits
    • Lesson 6.1.3: Third-Party Audits
    • Lesson 6.1.4: Location Considerations (e.g., On-Premises, Cloud, Hybrid)

  • Chapter 6.2: Conduct security control testing

    • Lesson 6.2.1: Vulnerability Assessment
    • Lesson 6.2.2: Penetration Testing (e.g., Red, Blue, and Purple Team Exercises)
    • Lesson 6.2.3: Log Reviews and Synthetic Transactions
    • Lesson 6.2.4: Code Review and Testing
    • Lesson 6.2.5: Misuse Case Testing
    • Lesson 6.2.6: Coverage Analysis
    • Lesson 6.2.7: Interface Testing (e.g., User Interface, Network Interface, API)
    • Lesson 6.2.8: Breach Attack Simulations
    • Lesson 6.2.9: Compliance Checks

  • Chapter 6.3: Collect security process data

    • Lesson 6.3.1: Account Management Data
    • Lesson 6.3.2: Management Review and Approval Records
    • Lesson 6.3.3: Key Performance and Risk Indicators
    • Lesson 6.3.4: Backup Verification Data
    • Lesson 6.3.5: Training and Awareness Records
    • Lesson 6.3.6: Disaster Recovery (DR) and Business Continuity (BC) Documentation.

  • Chapter 6.4: Analyze test output and generate reports

    • Lesson 6.4.1: Identifying and Prioritizing Remediation Steps
    • Lesson 6.4.2: Handling Exceptions
    • Lesson 6.4.3: Ethical Disclosure of Findings

  • Chapter 6.5: Conduct or facilitate security audits

    • Lesson 6.5.1: Internal Audits
    • Lesson 6.5.2: External Audits
    • Lesson 6.5.3: Third-Party Audits
    • Lesson 6.5.4: Audits for Different Locations (e.g., On-Premises, Cloud, Hybrid)
Module 7: Security Operations (Domain 7)

  • Chapter 7.1: Understand and comply with investigations

    • Lesson 7.1.1: Evidence Collection and Handling
    • Lesson 7.1.2: Reporting and Documentation
    • Lesson 7.1.3: Investigative Techniques
    • Lesson 7.1.4: Digital Forensics Tools, Tactics, and Procedures
    • Lesson 7.1.5: Forensic Artifacts (e.g., Data, Computer, Network, Mobile Device)

  • Chapter 7.2: Conduct logging and monitoring activities

    • Lesson 7.2.1: Intrusion Detection and Prevention Systems (IDPS)
    • Lesson 7.2.2: Security Information and Event Management (SIEM)
    • Lesson 7.2.3: Continuous Monitoring and Tuning
    • Lesson 7.2.4: Egress Monitoring
    • Lesson 7.2.5: Log Management and Analysis
    • Lesson 7.2.6: Threat Intelligence and Threat Hunting
    • Lesson 7.2.7: User and Entity Behavior Analytics (UEBA)

  • Chapter 7.3: Perform Configuration Management (CM)

    • Lesson 7.3.1: Provisioning and Baselining
    • Lesson 7.3.2: Automation and Secure Configuration Management

  • Chapter 7.4: Apply foundational security operations concepts

    • Lesson 7.4.1: Need-to-Know and Least Privilege Principles
    • Lesson 7.4.2: Separation of Duties (SoD)
    • Lesson 7.4.3: Privileged Account Management
    • Lesson 7.4.4: Job Rotation
    • Lesson 7.4.5: Service-Level Agreements (SLA)

  • Chapter 7.5: Apply Resource Protection

    • Lesson 7.5.1: Media Management and Protection Techniques
    • Lesson 7.5.2: Protecting Data at Rest and Data in Transit

  • Chapter 7.6: Conduct incident management

    • Lesson 7.6.1: Incident Detection
    • Lesson 7.6.2: Incident Response and Mitigation
    • Lesson 7.6.3: Incident Reporting and Recovery
    • Lesson 7.6.4: Remediation and Lessons Learned

  • Chapter 7.7: Operate and maintain detection and preventative measures

    • Lesson 7.7.1: Firewalls (e.g., Next-Generation, Web Application, Network)
    • Lesson 7.7.2: Intrusion Detection Systems (IDS) and Intrusion Prevention Systems (IPS)
    • Lesson 7.7.3: Sandboxing and Honeypots
    • Lesson 7.7.4: Anti-Malware Solutions
    • Lesson 7.7.5: Machine Learning and AI-Based Security Tools

  • Chapter 7.8: Implement and support patch and vulnerability management

    • Lesson 7.8.1: Patch Management Processes
    • Lesson 7.8.2: Vulnerability Assessment and Remediation

  • Chapter 7.9: Understand and participate in change management processes

    • Lesson 7.9.1: Change Control Principles
    • Lesson 7.9.2: Change Review and Documentation

  • Chapter 7.10: Implement recovery strategies

    • Lesson 7.10.1: Backup Storage Strategies (e.g., Cloud Storage, Onsite, Offsite)
    • Lesson 7.10.2: Recovery Site Strategies (e.g., Cold, Warm, Hot Sites)
    • Lesson 7.10.3: System Resilience, High Availability (HA), and Fault Tolerance

  • Chapter 7.11: Implement Disaster Recovery (DR) Processes

    • Lesson 7.11.1: Response and Personnel Coordination
    • Lesson 7.11.2: Communication Methods During a Disaster
    • Lesson 7.11.3: Restoration and Training
    • Lesson 7.11.4: Lessons Learned from DR Events

  • Chapter 7.12: Test Disaster Recovery Plans (DRP)

    • Lesson 7.12.1: Read-Through and Tabletop Exercises
    • Lesson 7.12.2: Simulation and Parallel Testing
    • Lesson 7.12.3: Full Interruption Tests
    • Lesson 7.12.4: Stakeholder Communication During Testing

  • Chapter 7.13: Participate in Business Continuity (BC) planning and exercises

    • Lesson 7.13.1: Business Continuity Planning (BCP) Roles and Responsibilities
    • Lesson 7.13.2: Conducting BC Exercises

  • Chapter 7.14: Implement and manage physical security

    • Lesson 7.14.1: Perimeter Security Controls
    • Lesson 7.14.2: Internal Security Controls (e.g., Access Cards, Biometrics)

  • Chapter 7.15: Address personnel safety and security concerns

    • Lesson 7.15.1: Travel Safety Guidelines
    • Lesson 7.15.2: Security Training and Awareness (e.g., Insider Threats, Social Media Impacts)
    • Lesson 7.15.3: Emergency Management and Duress Procedures
Module 8: Software Development Security (Domain 8)

  • Chapter 8.1: Understand and integrate security in the Software Development Life Cycle (SDLC)

    • Lesson 8.1.1: Development Methodologies (e.g., Agile, Waterfall, DevOps, DevSecOps, SAFe)
    • Lesson 8.1.2: Maturity Models (e.g., Capability Maturity Model (CMM), Software Assurance Maturity Model (SAMM))
    • Lesson 8.1.3: Operation and Maintenance in SDLC
    • Lesson 8.1.4: Change Management Processes
    • Lesson 8.1.5: Integrated Product Teams (IPT)

  • Chapter 8.2: Identify and apply security controls in software development ecosystems

    • Lesson 8.2.1: Secure Programming Languages
    • Lesson 8.2.2: Library and Toolset Security
    • Lesson 8.2.3: Integrated Development Environments (IDEs)
    • Lesson 8.2.4: Runtime Security
    • Lesson 8.2.5: Continuous Integration/Continuous Delivery (CI/CD)
    • Lesson 8.2.6: Software Configuration Management (CM)
    • Lesson 8.2.7: Code Repositories and Version Control
    • Lesson 8.2.8: Application Security Testing (e.g., SAST, DAST, IAST, Software Composition Analysis)

  • Chapter 8.3: Assess the effectiveness of software security

    • Lesson 8.3.1: Auditing and Logging Changes
    • Lesson 8.3.2: Risk Analysis and Mitigation
    • Lesson 8.3.3: Security Metrics and Reporting

  • Chapter 8.4: Assess the security impact of acquired software

    • Lesson 8.4.1: Commercial-Off-The-Shelf (COTS) Software
    • Lesson 8.4.2: Open-Source Software Security
    • Lesson 8.4.3: Third-Party and Managed Services Security
    • Lesson 8.4.4: Cloud Services Security (e.g., SaaS, IaaS, PaaS)

  • Chapter 8.5: Define and apply secure coding guidelines and standards

    • Lesson 8.5.1: Source Code Security (e.g., Identifying Weaknesses and Vulnerabilities)
    • Lesson 8.5.2: Secure Application Programming Interfaces (API)
    • Lesson 8.5.3: Best Practices for Secure Coding
    • Lesson 8.5.4: Software-Defined Security Principles

Download CISSP Course Brochure

Real-World Projects and Case Studies in Our CISSP Course

You will work extensively with Kali Linux for security testing, OpenVAS for vulnerability scanning, and Snort for intrusion detection. The following are a few projects and case studies you will be involved in;

Projects

  • Security Policy Development

    You will develop comprehensive cybersecurity policies addressing organizational security requirements, focusing on the practical implementation of security frameworks.

  • Vulnerability Assessment and Testing

    You will perform vulnerability assessments and penetration testing simulations, practicing real-world security testing methodologies.

  • Risk Assessment Implementation

    You will conduct thorough risk assessments for critical IT infrastructure, applying the principles and methodologies covered in the course curriculum.

Case Studies

  • Incident Response Planning

    You will design and create incident response plans for various security scenarios, incorporating practical response and mitigation strategies.

CISSP Course Outcome and Career Path Opportunities

The CISSP certification opens diverse career opportunities in Dubai's growing cybersecurity sector. Here are a few CISSP training outcomes that you can expect after completing our course;

Course Outcome Image
You will gain in-depth knowledge of information security principles such as confidentiality, integrity, and availability.
You will gain expertise in developing and implementing security policies, standards, and procedures.
You will learn to manage risks effectively by identifying, analyzing, and mitigating potential security threats.
You will become proficient in designing secure design principles to protect systems and data.
You will gain in-depth knowledge of legal, regulatory, and ethical requirements related to information security.
You will be well-prepared for the ISC2-Certified Information Systems Security Professional (CISSP) exam.

Job Roles After Completing the CISSP Course

  • Information Security Analyst
  • Network Security Engineer
  • Cybersecurity Analyst
  • Cybersecurity Engineer
  • Security Operations Center (SOC) Analyst
  • Penetration Tester
  • Chief Information Security Officer (CISO)
  • Security Architect
  • Senior Incident Response Analyst

CISSP Training Options

Live Online Training

  • 30-hour online CISSP training

  • Real-time virtual learning with a certified instructor

  • Access to cloud-based lab infrastructure

  • Interactive tool demonstrations and practical sessions

  • Flexible scheduling options for working professionals

  • Recordings of sessions for future reference

  • Training in small batch size

Corporate Training

  • 5-day intensive training suited to organizational needs

  • Customizable modules and delivery formats (on-site, online, or hybrid)

  • Training delivered at A Star Hotel, Client premises or Edoxi

  • Food and refreshments provided for corporate teams

  • Group pricing benefits for team enrollments

  • Post-training support and certification guidance

Do You Want a Customised Training for CISSP?

Get expert assistance in getting your CISSP Course customised!

How To Get Your CISSP Certification?

Here’s a four-step guide to becoming a certified CISSP professional.

  • Enrol in Edoxi’s 30-hour CISSP Training
  • Attend the CISSP training from our expert trainers
  • Complete the CISSP training & pass the CISSP exam
  • Get Edoxi’s Course Completion Certification
  • slider
  • certificate1

Do You Want to be a Certified Professional in CISSP?

Join Edoxi’s CISSP Course

Why Choose Edoxi for CISSP Training?

Here’s why cybersecurity professionals choose Edoxi for CISSP Training,

Certified Professional Trainers

Our CISSP Course is led by certified instructors with advanced cybersecurity certifications and extensive teaching experience.

Personalized Attention

We offer CISSP training in small batches to ensure personalized attention.

Dedicated Certification Guidance

During our CISSP certification course, we provide comprehensive support for registration, experience documentation, endorsement, and eligibility verification.

Practical Security Labs

You will receive hands-on labs using Kali Linux, OpenVAS, and Snort for vulnerability assessments and security testing.

Flexible Learning Options

We offer online and corporate training with custom schedules and recorded sessions for learners.

Exam Preparation

We conduct mock tests and practice sessions that help you with the CISSP certification.

students-image

Edoxi is Recommended by 95% of our Students

Meet Our Mentor

Our mentors are leaders and experts in their fields. They can challenge and guide you on your road to success!

mentor-image

Maria Mehwish

Maria Mehwish is a forward-thinking and knowledgeable information security leader with a strong background in building, updating, and maintaining digital protections for various organisations. As a certified CEH, CCSP, CCT, and CISSP Trainer, Maria has a proven track record of delivering innovative and immersive coursework, enhancing learning experiences for cyber threats, ethical hacking, security policy, DevSecOps, and cloud security. With excellent verbal and written communication skills, she is also adept at troubleshooting problems and building successful solutions.

Maria is a self-motivated individual with a strong sense of personal responsibility, capable of managing projects from start to finish. Her expertise in Amazon Web Services, Java/Go/Python/C++, DevSecOps, computer security, Linux, penetration testing, and risk analysis, among others, makes her a valuable asset to any organisation. Maria, a British national, is a native English speaker and has intermediate proficiency in Urdu.

Locations Where Edoxi Offers CISSP Course

Here is the list of other major locations where Edoxi offers CISSP Course

FAQ

What training formats does Edoxi offer for CISSP preparation?
Edoxi provides 3 training formats: instructor-led classroom sessions, live online training with access to web-based labs and recorded sessions, and customizable 5-day corporate training programs.
What practical experience will I gain through the CISSP course?
Our CISSP course includes domain-specific hands-on labs in a web-based environment. You'll work with essential security tools, including Kali Linux for security testing, OpenVAS for vulnerability scanning, and Snort for intrusion detection.
How do I maintain my CISSP certification?
The certification remains valid for three years. Certification holders must maintain active employment in any CISSP domain, provide proof of ongoing security practice, and follow ISC2's Code of Professional Ethics.
What support does Edoxi provide for the certification process?
We provide guidance through exam registration, support with experience documentation, assistance with endorsement requirements, and help with eligibility verification.
What is the average salary of a Certified Information Systems Security Professional?
The average salary of a Certified Information Systems Security Professional is $140,000 Per Annum.