NICF – (ISC)2 CERTIFIED INFORMATION SYSTEMS SECURITY PROFESSIONAL (CISSP) (SF)

Funded

Course Duration

40.0 hr(s)

Mode of Assessment

Students will be required to complete an assessment during class. There are 2 assessment modes in this module:

  • Written Assessment
  • Case Study

Who Should Attend

The CISSP is ideal for experienced security practitioners, or managers and executives, who want to get into the field of information security. It recognizes information security leaders who understand cybersecurity strategy and hands-on implementation, and proves that professionals have the knowledge and experience to design, develop and manage an organization’s overall security. Job roles that CISSP holders can perform include Chief Information Security Officer, Chief Information Officer, IT Director/Manager, Security Director, Security Manager, Security Auditor, Security Systems Engineer, Security/Network Architect and Security Consultant/Analyst.


 

The participants for this programme are likely to be: 

  • Cybersecurity specialists 
  • Security consultants 
  • Security managers 
  • Cybersecurity engineers 
  • Security analysts 
  • Cybersecurity architects 
  • Chief information security officers 
  • Security auditors 

Targeted sector: Cybersecurity is a key support function that cuts across the horizontal section of all industry sectors. The role is accountable for establishing and driving cybersecurity strategies, policies, standards and guidelines according to the organisation's needs and legislation.

What's In It for Me

After signing up for this 5-day course, you will be issued with:

1. CISSP Official (ISC)2 Student Guide (Digital, 1 year license)

2. CISSP Official (ISC)2 Student Guide (Complimentary, Physical textbook)

3. Practice Assessments with Answer Keys

 

The Official (ISC)2 Student Guide (both digital and physical editions) is the courseware used during the Official Training.

The Official (ISC)2 Student Guide is included, and exclusively available, with NTUC LearningHub's Official (ISC)2 training courses and cannot be purchased elsewhere. The Student Guide is used as a reference to complement a candidate’s training course, which provides a comprehensive review of information systems security concepts and industry best practices detailed in the CBK (common body of knowledge). The Student Guide contains the same post-course assessment that is included within the LMS system.

The Official (ISC)2 CBK (common body of knowledge) is the authoritative resource for information security professionals and covers domains with the depth necessary to apply them in the daily practice of information security.

What do you learn from this 5-day course?

  • Learn about the Information Security Environment 
  • Learn about Asset Security 
  • Learn about Identity and Access Management 
  • Learn about Security Architecture and Engineering 
  • Learn about Communication and Network Security 
  • Learn about Software Development Security  
  • Learn about Security Assessment and Testing 
  • Learn about Security Operations 
  • Prepare for the (ISC)2 CISSP certification examination  
  • Better career opportunities in the Information Security industry 

 


 

Course Overview

NTUC LearningHub Course Code: NICF151

TP Gateway Code: TGS-2022017352

 

The five-day course will cover information security concepts and principles and how these can be aligned to business objectives to help organizations improve their cyber security posture. Proactively identifying cyber security risks and applying the appropriate security controls will help to reduce the impact to business operations. Implementation of appropriate security guidelines and protocols that are aligned to corporate security policies will be covered.


 

NTUC LearningHub has signed with (ISC)² as the official training provider in Singapore for all (ISC)2 courses. This partnership will allow NTUC LearningHub and (ISC)² to enhance the professional pipeline and quality of the cybersecurity workforce, and to raise awareness about the need for continuous improvement for specialized cybersecurity competencies in Singapore.

Course Objectives

  • Relate confidentiality, integrity, availability, non-repudiation, authenticity, privacy and safety to due care and due diligence 

  • Identify and select security assessment approaches, frameworks and standards 

  • Relate information security governance to organizational business strategies, goals, missions and objectives 

  • Identify the different types and categories of information security controls and their use. 

  • Compare and contrast the security operations characteristics of different types of governance and administrative controls 

  • Develop incident response policies and plans. Link incident response to needs for security controls and their operational use 

  • Understand internal, external and third party assessment and testing 

  • Explain how governance frameworks and processes relate to the operational use of information security controls 

 


 

Pre-requisites

Knowledge, Skills & Experience  

Practicing security or ICT professionals, or anyone with the necessary IT qualifications who wants to enter the field of Information Security.

If you are taking the course just for knowledge it is not mandatory to possess the external exam accreditation requirements.

*Find out more about getting certified (https://www.isc2.org/Certifications/CISSP/experience-requirements) 


 

To be eligible to become a CISSP after successfully passing the official (ISC)2 CISSP exam, candidates must have a minimum of five years cumulative paid work experience in two or more of the eight domains of the CISSP CBK. Earning a four-year college degree or regional equivalent or an additional credential from the (ISC)² approved list will satisfy one year of the required experience. Education credit will only satisfy one year of experience.

A candidate who doesn’t have the required experience to become a CISSP may become an Associate of (ISC)² by successfully passing the CISSP examination. The Associate of (ISC)² will then have six years to earn the five years required experience. 

 

Work Experience 

Your work experience must fall within two or more of the eight domains of the (ISC)² CISSP CBK

  • Domain 1. Security and Risk Management 

  • Domain 2. Asset Security 

  • Domain 3. Security Architecture and Engineering 

  • Domain 4. Communication and Network Security 

  • Domain 5. Identity and Access Management (IAM) 

  • Domain 6. Security Assessment and Testing 

  • Domain 7. Security Operations 

  • Domain 8. Software Development Security 

Full-Time Experience: Your work experience is accrued monthly. Thus, you must have worked a minimum of 35 hours/week for four weeks in order to accrue one month of work experience. 

Part-Time Experience: Your part-time experience cannot be less than 20 hours a week and no more than 34 hours a week. 

  • 1040 hours of part-time = 6 months of full time experience 

  • 2080 hours of part-time = 12 months of full time experience 

Internship: Paid or unpaid internship is acceptable. You will need documentation on company/organization letterhead confirming your position as an intern. If you are interning at a school, the document can be on the registrar’s stationery. 

Course Outline

  • Chapter 1 (Information Security Environment)
    • Understand, adhere to and Promote Professional Ethics
    • Understand and Apply Security Concepts
    • Evaluate and Apply Security Concepts
    • Legal Environment
    • Basic Secure Design Principles
  • Chapter 2 (Information Asset Security)
    • Information Assets
    • Manage the data security life cycle
    • Determine Data security controls and compliance requirements
  • Chapter 3 (Identity and Access Management)
    • Manage the Identity and Access Provisioning Lifecycle
    • Implement and Manage Access Control Models and Mechanisms
    • Managing People and Operations
    • Control Physical and Logical Access to Assets
    • Manage Identification and Authentication of People, Devices and Services
    • Implement Authentication and Authorization Systems
  • Chapter 4 (Security Architecture and Engineering)
    • Assess and mitigate the vulnerabilities of Security Architectures, Design and Solution Elements
    • Cryptographic Systems
    • Hybrid Systems and the Public Key Infrastructure (PKI)
    • Cryptographic Systems Hygiene: Operation and Maintenance
    • Cryptanalysis – Methods of Cryptanalytic Attacks
  • Chapter 5 (Communication and Network Security)
    • Open Systems Interconnection (OSI) and Transmission Control Protocol (TCP) over Internet Protocol (TCP/IP) models
    • OSI Layer 1 (Physical Layer)
    • OSI Layer 2 (Data Link Layer)
    • OSI Layer 3 (Network Layer)
    • OSI Layer 4 (Transport Layer)
    • OSI Layer 5 (Session Layer)
    • OSI Layer 6 (Presentation Layer)
    • OSI Layer 7 (Application Layer)
    • Secure Design Principles in Network Architecture
    • Secure Network Components
    • Implementing Secure Communications Channels According to Design
  • Chapter 6 (Software Development Security)
    • Why so many software systems are Unsecure
    • Security Weaknesses at the source code level: Why so much software is unsecure
    • Why Databases can be unsecure
    • Why websites can be unsecure
    • Malware, ransomware, and Ransom Attacks: The software perspective
    • “Baking in” Security: Development Management Choices
    • Security Controls in Software Development Ecosystems
    • Risk Analysis and Mitigation for Software Apps and Systems
  • Chapter 7 (Security Assessment and Testing)
    • Design and validate Assessment, Test and Audit Strategies
    • Conduct Security Control Assessment
    • Collect Security Process Data
    • Analyze and report on Organization Performance
  • Chapter 8 (Security Operations)
    • Conduct Logging and Monitoring Activities
    • Perform Change Management
    • Basic Incident Response Concepts
    • Conduct Incident Management
    • Operate and maintain Detective and Preventative Measures
    • Implement Backup and Recovery Strategies
    • Apply Security Design Principles to Site and Facility Design
    • Site and Facility Security Controls
    • Personnel Safety and Security Controls


 

Certificate Obtained and Conferred by

Awarded SF Statement of Attainment (SOA) 

Upon completion of the course and assessment, students will also be awarded with these SF SOA: 

  • ICT-SNA-4020-1.1 Security Governance 

Candidates who successfully complete the course with:

a. 75% attendance

b. A pass in the assessment (Pass rate: 100%)

will be awarded the NTUC LearningHub Certificate of Completion.

 

Official (ISC)2 CISSP certification exam 

To purchase ISC2 exam vouchers please click on this link: https://www.ntuclearninghub.com/g/-isc-2

After students pass the external official exam, they will receive a Certified Information Systems Security Professional certificate from International Information Systems Security Certification Consortium ((ISC)2). 

Additional Details

Medium of Instruction: English

Trainer: Trainee ratio is 1:25

Courseware: Digital Copy (1 year license) + Physical copy (complimentary)

Price

Course Fee:

For Classes commencing on or after 1st Jan 2023

| Trainee category | Individual Sponsored Trainee (Before GST) | Individual Sponsored Trainee (With GST) | Company Sponsored Trainee (Before GST) | Company Sponsored Trainee (With GST) |
|---|---|---|---|---|
| For International Students (Full Course Fee) | $3,600.00 | $3,888.00 | $3,600.00 | $3,888.00 |
| For Singapore Citizens and PRs (after 50% funding) | $1,800.00 | $2,088.00 | $1,800.00 | $2,088.00 |
| For Singapore Citizens aged 40 years and above (after 70% funding) | $1,080.00 | $1,368.00 | $1,080.00 | $1,368.00 |

*After 70% funding for SME-sponsored Singaporeans and PRs under Enhanced Training Support for SMEs (ETSS) scheme

Funding Eligibility Criteria:

Individual Sponsored Trainee

  • Singapore Citizens or Singapore Permanent Residents
  • Trainee must achieve at least 75% attendance
  • Trainee must pass all prescribed tests / assessments, and attain 100% competency
  • NTUC LearningHub reserves the right to claw back the funded amount from trainee if he/she did not meet the eligibility criteria

Company Sponsored Trainee

  • Singapore Citizens or Singapore Permanent Residents
  • Trainee must achieve at least 75% attendance
  • Trainee must pass all prescribed tests / assessments, and attain 100% competency
  • NTUC LearningHub reserves the right to claw back the funded amount from the employer if trainee did not meet the eligibility criteria

Remarks:

Individual Sponsored Trainee

SkillsFuture Credit:

  • Eligible Singapore Citizens can use their SkillsFuture Credit to offset course fee payable after funding

PSEA:

  • Eligible Singapore Citizens can use their Post-Secondary Education Account (PSEA) funds to offset course fee payable after funding (does not apply to all courses)

UTAP:

  • NTUC Members can enjoy up to 50% funding (capped at $250 per year) under Union Training Assistance Programme (UTAP)

Company Sponsored Trainee

Absentee Payroll (AP) Funding:

  • $4.50 per hour, capped at $100,000 per enterprise per calendar year
  • AP funding will be computed based on the actual number of training hours attended by the trainee
  • Note: Courses / Modules under Professional Conversion Programme (PCP) will not be eligible for AP funding claim.

Terms and conditions apply. NTUC LearningHub reserves the right to make changes or improvements to any of the products described in this document without prior notice.

Prices are subject to other LHUB miscellaneous fees.
