Mob: +254 721 130 397, +254 780 342 333


Course Description

The Certified Information Systems Security Professional (CISSP) certification course from ISC2 is one of the most sought-after certification courses in the cybersecurity domain. Security breaches are increasing on a daily basis, irrespective of the size of an organization. Be it SMBs, large MNCs, or government institutions, hacking, malware, and phishing are completely tarnishing the image of the company, and business-critical data is no longer secure.

CISSP Certification was clearly developed to address these cybersecurity threats and provide a secure environment by using widely recognized information security standards. Participants taking part in this CISSP training will get a copy of the course material that is completely aligned with the ISC2 CISSP Common Body of Knowledge (2018) and will receive a course completion certificate from an ISC2 Official Training Provider.


Participants who take part in the Certified Information Systems Security Professional (CISSP) training will learn about:

• A holistic understanding of information security aspects in an organization

• Defining the architecture, design, and management of IT security

• The skills required to become a CISSP-certified professional

• A thorough understanding of all 8 domains prescribed in the ISC2 CISSP Common Body of Knowledge (CBK)

• Optimizing security operations in an enterprise

• Access control systems and various methodologies that complement IT Security and governance for an enterprise

Target Audience

Job roles that can take up CISSP training include, but are not limited to:

• Network Architects

• Security Consultants

• Security Architects

• Security Auditors

• Security Managers

• CIOs

• Directors of Security

• Security Analysts

• Security Systems Engineers

• Anybody who wants to gain knowledge of globally recognized CISSP information security standards

• Anybody who is looking to clear their CISSP Certification Exam


• Candidates who wish to take up the Certified Information Systems Security Professional (CISSP) training must have a minimum of 5 years of work experience in two or more of the 8 domains prescribed by ISC2 in the CISSP Common Body of Knowledge (CBK)

• One year of the required 5 years of experience can be waived if the candidate has a 4-year college degree or an additional certification credential from the ISC2 approved course list.


• 40 Hours

Course Outline

Lesson 1: Security and Risk Management

A: Security Governance Principles

B: Compliance 

C: Professional Ethics 

D: Security Documentation 

E: Risk Management 

F: Threat Modeling 

G: Business Continuity Plan Fundamentals 

H: Acquisition Strategy and Practice 

I: Personnel Security Policies 

J: Security Awareness and Training

Lesson 2: Asset Security

A: Asset Classification 

B: Privacy Protection 

C: Asset Retention 

D: Data Security Controls

E: Secure Data Handling

Lesson 3: Security Architecture and Engineering

A: Security in the Engineering Lifecycle 

B: System Component Security 

C: Security Models 

D: Controls and Countermeasures in Enterprise Security 

E: Information System Security Capabilities 

F: Design and Architecture Vulnerability Mitigation

G: Vulnerability Mitigation in Mobile, IoT, Embedded, and Web-Based Systems

H: Cryptography Concepts

I: Cryptography Techniques 

J: Site and Facility Design for Physical Security 

K: Physical Security Implementation in Sites and Facilities

Lesson 4: Communication and Network Security

A: Network Protocol Security

B: Network Components Security 

C: Communication Channel Security 

D: Network Attack Mitigation

Lesson 5: Identity and Access Management

A: Physical and Logical Access Control 

B: Identification, Authentication, and Authorization 

C: Identity as a Service 

D: Authorization Mechanisms 

E: Access Control Attack Mitigation

Lesson 6: Security Assessment and Testing

A: System Security Control Testing 

B: Software Security Control Testing

C: Security Process Data Collection

D: Audits

Lesson 7: Security Operations 

A: Security Operations Concepts

B: Physical Security 

C: Personnel Security 

D: Logging and Monitoring

E: Preventative Measures 

F: Resource Provisioning and Protection 

G: Patch and Vulnerability Management 

H: Change Management 

I: Incident Response

J: Investigations

K: Disaster Recovery Planning 

L: Disaster Recovery Strategies 

M: Disaster Recovery Implementation

Lesson 8: Software Development Security

A: Security Principles in the System Lifecycle 

B: Security Principles in the Software Development Lifecycle

C: Database Security in Software Development

D: Security Controls in the Development Environment

E: Software Security Effectiveness Assessment




Contact Information

Eco Bank Towers, 4th Floor Muindi Mbingu Street
P. O. Box 21857 - 00100 Nairobi

Mob: +254 780 342 333, +254 202 246145, 2246154 

Copyright © 2022 Learnovate Technologies Limited. All rights reserved