Differences

This shows you the differences between two versions of the page.

--- products:ict:security:cissp:cissp_course_outline [2024/03/30 16:06] – [2. **Asset Security:**] wikiadmin
+++ products:ict:security:cissp:cissp_course_outline [2024/03/30 20:20] (current) – [5. Identity and Access Management (IAM):] wikiadmin
@@ Line 4: / Line 4: @@
 The Certified Information Systems Security Professional (CISSP) certification is one of the most recognized and prestigious certifications in the field of cybersecurity. The CISSP exam covers a broad range of topics related to information security, and CISSP courses typically follow an extensive curriculum to prepare candidates for the exam. Here's a typical course outline for a CISSP training program:
-===== 1. **Introduction to Information Security and Risk Management:** =====
+===== 1. Introduction to Information Security and Risk Management: =====
@@ Line 75: / Line 75: @@
 .1. **Security Models and Frameworks:**
-   - Overview of common security models (e.g., Bell-LaPadula, Biba, Clark-Wilson).
-   - Understanding security frameworks such as the OSI model, TCP/IP model, and NIST Cybersecurity Framework.
+[[products:ict:security:overview_of_common_security_models|Overview of common security models (e.g., Bell-LaPadula, Biba, Clark-Wilson).]]
-   - Role-based access control (RBAC) and attribute-based access control (ABAC) models.
-   - Frameworks for designing and implementing security controls (e.g., COBIT, ITIL, ISO 27001/27002).
+[[products:ict:security:an_overview_of_each_of_the_osi_model_and_the_nist_security_framework|Understanding security frameworks such as the OSI model, TCP/IP model, and NIST Cybersecurity Framework.]]
+[[products:ict:security:role-based_access_control_rbac_and_attribute-based_access_control_abac_models|Role-based access control (RBAC) and attribute-based access control (ABAC) models.]]
+[[products:ict:security:frameworks_for_designing_and_implementing_security_controls_cobit_itil_iso_27001_27002|Frameworks for designing and implementing security controls (e.g., COBIT, ITIL, ISO 27001/27002).]]
 .2. **Security Engineering Principles:**
@@ Line 111: / Line 116: @@
-. **Network Architecture and Design:**
+.1. **Network Architecture and Design:**
    - Understanding network architecture principles and components.
    - Different types of network topologies (e.g., star, mesh, ring).
@@ Line 119: / Line 124: @@
    - Virtual private network (VPN) architectures and implementations.
-. **Secure Communication Channels:**
+.2. **Secure Communication Channels:**
-   - Secure communication protocols (e.g., SSL/TLS, HTTPS, SSH) and their role in ensuring confidentiality, integrity, and authenticity of data in transit.
-   - Implementing secure email protocols (e.g., S/MIME, PGP) for secure email communication.
-   - Secure file transfer protocols (e.g., SFTP, FTPS) for secure file transfers.
-   - Principles of secure instant messaging and collaboration tools.
-. **Network Security Protocols:**
+[[products:ict:security:secure_communication_protocols|Secure communication protocols (e.g., SSL/TLS, HTTPS, SSH) and their role in ensuring confidentiality, integrity, and authenticity of data in transit.]]
+[[products:ict:security:implementing_secure_email_protocols|Implementing secure email protocols (e.g., S/MIME, PGP) for secure email communication.]]
+[[products:ict:security:secure_file_transfer_protocols|Secure file transfer protocols (e.g., SFTP, FTPS) for secure file transfers.]]
+[[products:ict:security:principles_of_secure_instant_messaging_and_collaboration_tools|Principles of secure instant messaging and collaboration tools.]]
+.3. **Network Security Protocols:**
    - Common network security protocols (e.g., IPsec, SSL/TLS, SNMP, SSH) and their roles in securing network communication and management.
    - Understanding the purpose and implementation of intrusion detection and prevention systems (IDS/IPS).
@@ Line 132: / Line 142: @@
    - Secure DNS (Domain Name System) protocols and techniques.
-. **Wireless Security:**
+.4. **Wireless Security:**
    - Wireless networking fundamentals (e.g., Wi-Fi standards, frequency bands).
    - Wireless security threats and vulnerabilities.
@@ Line 162: / Line 172: @@
 . **Authentication and Authorization Mechanisms:**
    - Authentication fundamentals (e.g., factors of authentication - something you know, something you have, something you are).
-   - Authentication methods (e.g., passwords, biometrics, tokens, multi-factor authentication).
+[[products:ict:security:authentication_fundamentals|Authentication methods (e.g., passwords, biometrics, tokens, multi-factor authentication).]]
    - Single-factor vs. multi-factor authentication.
    - Federation and trust models for authentication (e.g., SAML, OAuth, OpenID Connect).
@@ Line 168: / Line 180: @@
 . **Identity Federation and Single Sign-On:**
-   - Understanding identity federation concepts and architectures.
-   - Single sign-on (SSO) principles and benefits.
+[[products:ict:security:understanding_identity_federation_concepts_and_architectures|Understanding identity federation concepts and architectures.]]
-   - Federation standards and protocols (e.g., SAML, OAuth, OpenID Connect).
-   - Implementing SSO solutions across multiple domains and applications.
+[[products:ict:security:implementing_sso_solutions_across_multiple_domains_and_applications|Single sign-on (SSO) principles and benefits.]]
-   - Federated identity management considerations for cloud-based services and hybrid environments.
+[[products:ict:security:federation_standards_and_protocols|Federation standards and protocols (e.g., SAML, OAuth, OpenID Connect).]]
+[[products:ict:security:implementing_sso_solutions_across_multiple_domains_and_applications|Implementing SSO solutions across multiple domains and applications.]]
+[[products:ict:security:federated_identity_management_considerations_for_cloud_based_services_and_hybrid_environments|Federated identity management considerations for cloud-based services and hybrid environments.]]
 This section covers key concepts and practices related to identity and access management, including access control fundamentals, identity management, authentication mechanisms, and federation technologies. It provides candidates with the knowledge and skills needed to design, implement, and manage robust IAM solutions to ensure secure access to resources and applications while maintaining compliance with organizational policies and regulatory requirements.