
Explore the organizational and (ISC)² code of professional ethics, including the preamble and four canons—protect society, act honorably, provide diligent service to principals, and advance and protect the profession.
Select an appropriate security framework, tailor a policy via risk, vulnerability assessments, and testing, and balance the CIA triad—confidentiality, integrity, availability—with legal defensibility and cost effectiveness.
Explore four protection mechanisms—layering (defense in depth), parallel controls, abstraction, and data hiding—and how they complement security principles and security controls to safeguard information.
We explain how a data center is segmented into logical boundaries, including a DMZ, an internet boundary, and a management zone, using firewalls, a jump post, and two-factor authentication.
Use a top-down security management planning approach to translate the information security policy into standards, baselines, guidelines, and procedures, with senior and middle management guiding implementation.
Understand how organizational processes, such as acquisitions, merger, and divestiture, along with third-party governance, shape security policy, risk, and governance across roles from senior managers to custodians and auditors.
Trace the history of data privacy from the fourth amendment to modern laws. Highlight acts like privacy act 1974, ferpa, hipaa, calea, copa, glba, patriot act, hitech, and ccp.
Explore software licensing types—contractual, shrink-wrap, click-through, and cloud service licenses—highlighting consent methods, cost implications, and corporate risk management.
Examine the GDPR and cross-border data sharing, detailing lawful processing, purpose limitation, data minimization, accuracy, storage limits, security, accountability, and the role of standard contractual clauses and binding corporate rules.
Explore the five-step process of business continuity planning, from project initiation and senior-management approval to business impact assessment, continuity planning, approval and implementation, and ongoing education, maintenance, and testing.
Outline the five-step BCP process and explain how project initiation defines scope and planning, covering business organization analysis, BCP team selection, and resource and legal considerations.
Present a complete cycle of business continuity planning, from project scope and BIA to risk assessment, continuity strategy, implementation, testing, and emergency guidance.
Explore business continuity management foundations, including BCP and DRP, and the four-step process: scope, BIA, continuity planning, approval—plus RPO, RTO, ALE, and vital records.
Do you feel CISSP certification is difficult?
This course will make CISSP certification fun and easy. This module of "Concepts of CISSP" series will cover domain1. We will be releasing separate domains as separate modules.
Welcome to CISSP. CISSP is one of the most reputable courses in the world of information security. The CISSP covers the fundamental elements of the entire cybersecurity field – from security and risk management to communication and network security to security testing and operations. The CISSP is designed for security professionals who have spent a few years in the industry, are currently in an information security position, and want to study cybersecurity leadership and operations.
We will cover CISSP syllabus here and will focus on topics to explore core concepts, looking at the wider landscape and see tips and tricks for exams questions.
I will be presenting drawings and whiteboard sessions to better engage with you and make the entire journey fun. The main goal of my course is to make the material as vivid as possible.
Please note that the CISSP exam outline documented on CISSP website may not appear exactly same in my video discussions. The reason is because some of the topics are already discussed in the videos and we have overlapping situations. Please comment on if there is something missing or need more explanations. I will be happy to improvise by adding new content to the module.
I'm hoping you'll find this training useful and enjoyable. If you happen to have any questions and further suggestions, feel free to reach out.