CISSP Bootcamp
Published by O'Reilly Media, Inc.
Preparing for the 2024 exam +AI
Every job that touches a computer has a cybersecurity component. Every business owner must make informed decisions and choices in cybersecurity computing. The Certified Information Systems Security Professional (CISSP) is the gold standard of vendor-neutral cybersecurity certifications. Earning it proves you understand cybersecurity from a management viewpoint—a requirement if your organization is subject to PCI, GDPR, HIPAA, SOX, ISO 27001, or any of the host of other regulations.
Each of the eight CISSP domains represents an entire life’s work. Everyone tries to brute-force the exam, but most fail because it requires finesse, familiarity with a CISSP management way of thinking, and a clear study plan. In other words, to successfully prepare for the exam, what you need is a system.
Expert Dean Bushmiller has you covered, outlining a plan that will help you collect, practice, and verify your knowledge. Join him to explore the most current topics just ahead of the release of the new version of the CISSP exam, get hands-on with best practices, and, most importantly, learn how to utilize these skills in real-life situations—all in a fast, fun bootcamp.
What you’ll learn and how you can apply it
By the end of this live online course, you’ll understand:
- How to engineer and plan solutions to CISSP problems
- How to recognize what a CISSP exam question is asking
- How to prepare for the exam
And you’ll be able to:
- Avoid cybersecurity technical brute-force traps
- Build a plan for growing your managerial decision-making process
- Engineer trustworthy secure systems
This live event is for you because...
- You need a plan to prepare for the CISSP exam so you can pass on the first try.
- You’re a security designer, administrator, or engineer.
Prerequisites
- Familiarity with (ISC)2’s CISSP experience requirements
- A working knowledge of networking, operating systems, and administration
Recommended preparation:
- Review the course GitHub repository
Recommended follow-up:
- Take CISSP (Pearson Practice Test 2024 Update)
- Watch CISSP Certification Domain 1: Security and Risk Management Video Boot Camp 2019 (video, 1h 45m)
Schedule
The time frames are only estimates and may vary according to how the class is progressing.
Day 1
Overview of the exam (30 minutes)
- Presentation: Why you should listen to me; setting up your tools for passing the exam—GitHub; exam question-and-answer strategy
- Hands-on exercise: Navigate useful exam content on O’Reilly online learning
Domain: Risk assessment and management (25 minutes)
- Presentation: Steps in the Risk Management Framework
- Hands-on exercise: Risk I heard translation
- Q&A
Break (5 minutes)
Governance (30 minutes)
- Presentation: Governance paperwork
- Q&A
Domain: Security engineering architecture (25 minutes)
- Presentation: Security engineering architecture
- Hands-on exercise: Process a failed engineering project
- Q&A
Break (5 minutes)
Change and vulnerability management (30 minutes)
- Presentation: Change and vulnerability management
- Q&A
Domain: Communications and network security (25 minutes)
- Presentation: Communications and network security
- Hands-on exercise: Threats and controls
- Q&A
Break (5 minutes)
Domain: Security operations (30 minutes)
- Presentation: Security operations
- Hands-on exercise: Threats and controls
- Q&A
What’s new on the exam? (30 minutes)
- Presentation: What’s new on the exam?
- Q&A
Day 2
Domain: Identity and access management (30 minutes)
- Presentation: Identity and access management
- Hands-on exercise: Threats and control
- Q&A
MAC, DAC, RBAC, and ABAC models (25 minutes)
- Presentation: MAC, DAC, RBAC, and ABAC models
- Q&A
Break (5 minutes)
Domain: Knowledge asset security (30 minutes)
- Presentation: Knowledge asset security
- Hands-on exercise: Risk I heard
- Q&A
Business continuity (25 minutes)
- Presentation: Business continuity
- Hands-on exercise: Explore a case study
- Q&A
Break (5 minutes)
Domain: Security assessment and testing (30 minutes)
- Presentation: Security assessment and testing
- Hands-on exercise: Audit to a standard
- Q&A
Domain: Software development security (25 minutes)
- Presentation: Domain software development security
- Hands-on exercise: Process SDLC steps
- Q&A
Break (5 minutes)
Putting it together (30 minutes)
- Hands-on exercise: Threats and controls; explore a case study; risk I heard
- Q&A
Wrap-up and Q&A (30 minutes)
- Presentation: Exam practice—how to succeed; study tools that make sense for everyone
Your Instructor
Dean Bushmiller
Dean Bushmiller is a virtual CISO, a penetration tester, and a global incident responder. His work with the Z9M9Z think tank impacts many Fortune 500 companies. As an instructor, he won O’Reilly’s Engager Award for 2023, so be ready to learn and have fun. He’s been teaching cybersecurity since 1999 and has achieved more than 34 major cybersecurity certifications and passed over 100 certification exams. Though Dean is nonmilitary, he has had the honor to train the US military since 1999. In recognition of his outstanding service in the Information Assurance field, he has received eight mission coins.