Module 1: Security and risk management
- Understand governance, compliance, and legal frameworks
- Apply principles of confidentiality, integrity, and availability
- Explore professional ethics and organisational responsibility
- Analyse risk management concepts and methodologies
- Evaluate regulatory and contractual requirements
Module 2: Asset security
- Classify and categorise information assets
- Manage data lifecycle and ownership responsibilities
- Apply data protection methods across different states
- Select and implement appropriate security controls
- Align data handling with compliance requirements
Module 3: Security architecture and engineering
- Apply secure design principles to IT systems
- Evaluate security models and frameworks
- Implement cryptographic solutions and key management
- Assess vulnerabilities in hardware, firmware, and systems
- Design secure architectures aligned with business needs
Module 4: Communication and network security
- Analyse secure network architecture and design
- Understand OSI model layers and associated risks
- Secure network components and communication channels
- Evaluate wireless and remote access security
- Assess emerging technologies such as SDN and virtualisation
Module 5: Identity and access management
- Implement identity lifecycle management
- Compare access control models and mechanisms
- Apply authentication, authorisation, and accountability
- Secure identity stores and credential management
- Integrate IAM into organisational security strategies
Module 6: Security assessment and testing
- Design and implement security testing strategies
- Conduct vulnerability assessments and penetration testing
- Apply ethical and professional standards in testing
- Interpret results to support risk-based decision making
- Manage internal and external audit processes
Module 7: Security operations
- Monitor and analyse security events and data
- Implement incident response processes and procedures
- Apply change and configuration management controls
- Ensure business continuity and disaster recovery readiness
- Manage operational security controls and environments
Module 8: Software development security
- Identify vulnerabilities in software and applications
- Apply secure coding practices and standards
- Integrate security into development lifecycles
- Evaluate database and application security risks
- Implement testing and mitigation strategies
Module 9: Integrated security practices
- Align governance with operational security controls
- Conduct digital forensic investigations
- Strengthen organisational awareness and training programmes
- Manage supply chain and third-party risks
- Integrate security across all business functions
What's included
- Expert-led instruction delivered by an authorised ISC2 instructor
- Official ISC2 student training guide
- Scenario-based learning with applied activities
- Facilitated discussions to encourage peer engagement
- Hands-on activities including six case studies
- End-of-chapter quizzes with detailed explanations
- Official ISC2 CISSP exam voucher
Exams and assessments
This course includes a comprehensive range of assessments designed to reinforce learning, validate understanding, and prepare learners for the CISSP certification exam.
- Official ISC2 CISSP exam included at no additional cost, taken after the class
- Exam duration of three hours
- Computer adaptive testing format with 100 to 150 questions
- Question styles include multiple-choice and advanced item types
- Passing score set at 700 out of 1000
Learners will leave the course with a clear understanding of their strengths and areas for further study, ensuring a focused and effective approach to exam readiness.
Hands-on learning
This course emphasises practical application through immersive, scenario-based learning designed to reflect real-world cybersecurity challenges.
- A comprehensive applied scenario spanning the course with nine structured activities
- Realistic exercises simulating tasks performed by practising security professionals
- Interactive flashcards to support active recall and knowledge reinforcement
- Guided problem-solving activities across all eight CISSP domains
- Case studies exploring security incidents, risk management, and control implementation
- Instructor-led walkthroughs of complex security concepts and solutions
- Peer discussions to explore different approaches to security challenges