Before Class

Comprehensive Materials

Training Camp sets you up for success by ensuring you’re well-prepared before class begins. We provide comprehensive pre-course materials, including study guides, e-learning modules, and practice questions, to help you familiarize yourself with key CISSP concepts and assess your current knowledge.

Instructor Access

You will also receive a detailed course roadmap and access to our expert instructors for any pre-class questions. This preparation ensures you arrive ready to fully engage in the intensive training, maximizing your learning experience and boosting your confidence for exam day.

Why It Matters

Starting your CISSP journey with thorough preparation significantly enhances your learning experience and sets you up for success. Engaging with our pre-course materials and connecting with expert instructors before the class allows you to familiarize yourself with key concepts, identify areas for improvement, and arrive ready to fully immerse yourself in the intensive training.

Day 1: Security and Risk Management

Morning

  • Welcome and Introduction to CISSP Boot Camp
  • Overview of CISSP Exam Format and Study Strategy
  • Domain 1 Introduction: Security and Risk Management

Afternoon

  • Security Governance Principles, Compliance, and Legal Issues
  • Professional Ethics, Risk Management Concepts, Threat Modeling, and Security Awareness
  • Case Study: Risk Assessment and Management for a Financial Institution
  • Theory Lab: Creating a Security Policy Framework

Why It Matters

Mastering risk management enables you to identify threats, manage vulnerabilities, and implement risk mitigation strategies critical to ensuring the security and success of your organization.

Day 2: Asset Security; Architecture & Engineering

Morning

  • Domain 2: Asset Security
  • Information and Asset Classification, Data Security Controls, and Compliance Requirements
  • Case Study: Data Classification and Handling in a Healthcare Organization
  • Evaluate data classification policies and suggest secure data handling and disposal methods.

Afternoon

  • Domain 3: Security Architecture and Engineering
  • Secure Design Principles, Security Models and Architectures, Cryptography Principles, and Site Security
  • Theory Lab: Designing a Secure Enterprise Architecture
  • Design a secure architecture integrating security models, secure hardware, and software principles.
  • Theory Lab: Cryptography and PKI Implementation
  • Implement a basic PKI using tools like OpenSSL and manage digital certificates.

Why It Matters

Understanding how to classify and protect assets will help you ensure data security and privacy, fundamental to protecting sensitive information in any organization.

Day 3: Communication & Network Security; IAM

Morning

  • Domain 4: Communication and Network Security
  • Secure Network Architecture, Secure Network Components, and Communication Channels
  • Case Study: Securing a Multi-Site Network for a Global Enterprise
  • Develop a plan to secure a multi-site network using VPNs, firewalls, IDS, and segmentation.

Afternoon

  • Domain 5: Identity and Access Management (IAM)
  • Identity Management, Access Control Models, Authentication, Authorization, and Accountability
  • Theory Lab: Implementing Identity and Access Management (IAM)
  • Configure IAM policies using AWS IAM or Microsoft Active Directory, focusing on RBAC, Least Privilege, and MFA.

Why It Matters

IAM systems are critical for ensuring that only authorized individuals have access to sensitive data, helping to prevent breaches and maintain compliance.

Day 4: Security Assessment & Testing; Security Operations

Morning

  • Domain 6: Security Assessment and Testing
  • Assessment Strategies, Security Control Testing, and Test Outputs
  • Theory Lab: Conducting a Vulnerability Assessment
  • Use tools like Nessus or OpenVAS to perform a vulnerability assessment and interpret the results.

Afternoon

  • Domain 7: Security Operations
  • Security Operations Principles, Incident Management, Disaster Recovery, and Business Continuity Planning
  • Case Study: Incident Response for a Data Breach
  • Develop an incident response plan for a simulated data breach scenario.
  • Theory Lab: Business Continuity and Disaster Recovery Planning
  • Create a Business Continuity Plan (BCP) and Disaster Recovery Plan (DRP) for a fictional company.

Why It Matters

Being able to assess your systems’ security allows you to identify and fix vulnerabilities before attackers can exploit them, ensuring long-term stability and protection.

Day 5: Software Development Security; Domain Recap

Morning

  • Domain 8: Software Development Security
  • Secure Software Development Life Cycle (SDLC), Application Security Controls, and Software Security Effectiveness
  • Case Study: Securing the Software Development Life Cycle (SDLC)
  • Analyze SDLC processes and recommend improvements for secure coding and testing.

Afternoon

  • Theory Lab: Secure Code Review and Vulnerability Remediation
  • Review sample code for vulnerabilities (e.g., SQL Injection, XSS) and perform remediation.
  • Final Theory Lab: CISSP Practice Exam and Review
  • Conduct a mock CISSP exam with practice questions from all domains, followed by a review and discussion.
  • Q&A Session and Final Wrap-Up

Why It Matters

Secure software development is a cornerstone of modern cybersecurity. By integrating security practices into development, you can help reduce vulnerabilities in applications before they’re deployed.

Day 6: The Ultimate Exam Cram

Morning

  • Review of Key Concepts
  • Mock Exams

Afternoon

  • Exam Tips and Strategies
  • Final Q&A

Why It Matters

Day 6 is dedicated to ensuring you are fully prepared for the CISSP exam. This final day helps solidify your understanding and improves your chances of passing.