Overview

The CISSP practice lab covers 8 targeted domains ranging from operations security, telecommunications, network and internet security, access control systems and methodology and business continuity planning.

If you are looking to validate your competence in information security and want to differentiate yourself from other security professionals in the job market, this is the ideal skill enhancement tool for you.

In an increasingly complex cyber landscape, there is a growing need for information security leaders who possess the depth of expertise needed to establish capable security programs and protect an organizations' critical information assets. The CISSP is the proven standard of that knowledge.

Not only will this lab allow you to gain hands-on skills needed as a proficient security professional, but it will also prepare you to confidently ace the Certified Information Systems Security Professional (CISSP) certification exam.

Obtaining your CISSP certification signifies that you possess the ability to design, engineer, implement, and manage their overall information security program to protect organizations from growing sophisticated attacks.

Exercises Included in the Lab:

  • Introduction to CISSP

  • Security and Risk Management

  • Encryption and Hashing

  • SCCM Configuration Items and Baselines

  • Implement OpenPGP

  • Two factor Authenication with SSH

  • Implement SSL VPN using ASA Device Manager

  • Configure and Verify IPv4 and IPv6 Access Lists for Traffic Filtering

  • Configuring IPtables : In progress

  • Windows Command Line Tools

  • Administering and Deploying Endpoint Protection

  • Bitlocker on Portable Media

  • Managing Remote Desktop

  • Manage Role-based Security

  • Configuring MBSA Scanner

  • Compliance Patching

  • Passive Topology Discovery

  • Scanning and Remediating Vulnerabilities with OpenVAS

  • Installing Kali

  • Implement Backup and Recovery

  • Installation and Verification of Snort

  • Configuring and Securing IIS

  • Upgrading and Securing SSH Connection

  • DVWA - Manual SQL Injection and Password Cracking

Learning Objectives of This Lab Include:

Security and Risk Management (Security, Risk, Compliance, Law, Regulations, and Business Continuity)

  • Confidentiality, integrity, and availability concepts

  • Security governance principles

  • Compliance

  • Legal and regulatory issues

  • Professional ethic

  • Security policies, standards, procedures and guidelines

Asset Security (Protecting Security of Assets)

  • Information and asset classification

  • Ownership (e.g. data owners, system owners)

  • Protect privacy

  • Appropriate retention

  • Data security controls

  • Handling requirements (e.g. markings, labels, storage)

Security Engineering (Engineering and Management of Security)

  • Engineering processes using secure design principles

  • Security models fundamental concepts

  • Security evaluation models

  • Security capabilities of information systems

  • Security architectures, designs, and solution elements vulnerabilities

  • Web-based systems vulnerabilities

  • Mobile systems vulnerabilities

  • Embedded devices and cyber-physical systems vulnerabilities

  • Cryptography

  • Site and facility design secure principles

  • Physical security

Communication and Network Security (Designing and Protecting Network Security)

  • Secure network architecture design (e.g. IP and non-IP protocols, segmentation)

  • Secure network components

  • Secure communication channels

  • Network attacks

Identity and Access Management (Controlling Access and Managing Identity)

  • Physical and logical assets control

  • Identification and authentication of people and devices

  • Identity as a service (e.g. cloud identity)

  • Third-party identity services(e.g. on-premise)

  • Access control attacks

  • Identity and access provisioning lifecycle (e.g. provisioning review)

Security Assessment and Testing (Designing, Performing, and Analyzing Security Testing)

  • Assessment and test strategies

  • Security process data (e.g. management and operational controls)

  • Security control testing

  • Test outputs (e.g. automated, manual)

  • Security architectures vulnerabilities

Security Operations (Foundational Concepts, Investigations, Incident Management, and Disaster Recovery)

  • Investigations support and requirements

  • Logging and monitoring activities

  • Provisioning of resources

  • Foundational security operations concepts

  • Resource protection techniques

  • Incident management

  • Preventative measures

  • Patch and vulnerability management

  • Change management processes

  • Recovery strategies

  • Disaster recovery processes and plans

  • Business continuity planning and exercises

  • Physical security

  • Personnel safety concerns

Software Development Security (Understanding, Applying, and Enforcing Software Security)

  • Security in the software development lifecycle

  • Development environment security controls

  • Software security effectiveness

  • Acquired software security impact

Practice Lab Specifications

Practice Labs are pre-configured hardware layouts with accompanying lab guides for fast, convenient access that make studying for an exam or learning new technologies an engaging experience. Develop your comprehensive IT skills in a safe, working environment without the need to invest in your own hardware and software.

  • Practical Training on the Latest Industry Technology

  • Real Equipment, No Simulations

  • 6 Month Unified Access Available on Any Device

  • No Hardware or Licensing Costs

System Requirements

Recommended Hardware:

  • Screen dimensions: 1920px x 1080px or higher (full HD or higher)

  • Processor speed: 2Ghz / multi-core

  • Broadband / Internet access requirements: 5mb download, 1mb upload

Minimum Hardware:

  • Screen dimensions: 1280px x 1024px

  • Processor speed: 1.5Ghz

  • Broadband / Internet access requirements: 2mb download, 256kpbs upload

Operating Systems:

  • Microsoft Windows XP with SP2/Vista/7/8/8.1/10

  • Microsoft Windows Server 2003/2008/2013

  • Linux Red Hat, Fedora, SUSE, Ubuntu

  • Apple Mac OS X

Networking:

  • Internet connection minimum of 512Kbs

  • HTTPS Access (Port 443)

  • HTTP Access (Port 80)

Software:

  • Oracle Java version 1.7+ (If using our Java client)

Browser:

HTML 5 Client

  • Microsoft Edge 13 or later

  • Microsoft Internet Explorer 10 or later

  • Chrome 29 or later

  • Firefox 45 or later

  • Apple Safari 9.1 or later

Java Client

  • Internet Explorer 10 or later

Note: For both client technologies, if you have a Pop up blocker enabled on your computer

you will need to allow popups from *.practice-labs.com as an exception.