Technical staff and security consultants, security managers, networks or system administrators and in general everyone that wants to certify its knowledge in the security area.

Experience in any field in IT Security as the requirements established by the (ISC)².

Also could be obtained the certification Associate of (ISC)², although the experience necessary is not possessed, that, once reached, become CISSP.

Have the necessary knowledge in 10 Common Body of Knowlegde (CBK).

To sign to the (ISC) ² code of ethics.

Everybody who wants to be a CISSP needs to have knowledge in some areas that ISC calls as 10 domains of knowledge and that is what (ISC)² asks from the candidate. These 10 domains are the following ones:

1. Practices of Management of the Security: Identification of the assets of an organization and development, documentation and implementation of political, standards, procedures and guides:
• Concepts and aims.
• Management of the risk.
• Procedures and political.
• Classification of the information.
• Responsibilities and roles in the security of the information.
• Awakening in the security of the information.
2. Architecture and Models of Security: Concepts, principles, structures and standards used to design, to monitor and to assure systems, teams, networkss, applications and controls used to reinforce the diverse levels of the availability, integrity and confidentiality:
• Concepts of control and security.
• Security models.
• Criterions of evaluation.
• Security in environments client / server and host.
• Security and architecture of networks.
• Architecture of the security IP.
3. Systems and Methodology of Control of Access: Set of mechanisms that allow to create a sure architecture to protect the assets of the systems of information:
• Concepts and topics.
• Identification and authentication.
• Team of e-security.
• Single sign-on.
• Centralized access / decentralized / distributed.
• Methodologies of control.
• Monitoring and technologies of control of access.
4. Security in the Development of Applications and Systems: Define the environment where one designs and develops the software and includes the critical importance of the software inside the security of the systems of information:
• Definitions.
• Threats and security goals.
• Cycle of life.
• Sure architectures.
• Control of changes.
• Security measures and development of applications.
• Databases and byline warehousing.
• Knowledge-based systems.
5. Security of the Operations: Used to identify the controls on the hardware, means and the operators and manager with privileges of access to some type of resource:
• Resources.
• Privileges.
• Mechanisms of control.
• Potential abuses.
• Appropriate controls.
• Beginning.
  
6. Cryptography: The beginning, means and protection methods of the information to assure its integrity, confidentiality and genuineness:
• History and definitions.
• Applications and uses of the cryptography.
• Protocols and standards.
• Basic technologies.
• Systems of incription.
• Symmetrical cryptography / asymmetric.
• Digital signature.
• Security in the e-mail and Internet using incription.
• Management of keys.
• Public key infrastructure (PKI).
• Assaults and criptoanalisys.
• Legal questions in the exportation of cryptography.
7. Physical Security: Protection technologies of facilities, including the resources of the systems of information:
• Management of the facilities.
• Security of the personnel.
• Defense in depth.
• Physical controls.
8. Security in Internet, Networks and Telecommunications: Include the devices of the network, the methods of transmission, formats of transport, security measures and authentication:
• Management of the security in the comunications.
• Protocols of network.
• Identification and authentication.
• Communication of information.
• Internet Security and Web.
• Methods of assault.
• Security in Multimedia.
9. Recovery before Disasters and Planning of the Continuity of the Business: Direct the preservation of the business in case of situations of stop taking place for the restoration of the operations:
• Concepts of recovery before disasters and of business.
• Processes of planning of the recovery.
• Management of the software.
• Analysis of Vulnerabilities.
• Development, maintenance and testing of plans.
• Prevention of disasters.
10. Laws, investigations and Ethics: Include the laws and regulations of the computer crimes, the technologies and measures of investigation, recovery of evidences and codes of ethics:
• Laws and regulations.
• Management of incidents.
• Management of the response before incidents.
• Conduction of investigations.
• Ethics in the security of the information.
• Code of ethics of the (ISC) ².

40 hours + 6 hours for the exam.

Madrid

• Course: September 29-October 3, 2008 (9:00-18:00).
• Exam: October 18, 2008 (9:00-16:00).

The teacher of the CBK Seminar are official teachers from the (ISC)².

The course is conducted in english.

The exam could be done in english (using bilingual dictionary) or in english + spanish (without dictionary).

ESNE - Madrid | C. Moscatelar, 10-12 | Metro Arturo Soria y Esperanza.

Course:

• Early inscription (deadline date inscription on August 13th, 2008): 2.336 € (VAT not included).
• Noraml inscription: 2.595 € (VAT not included) .

Exam: 460 € (early inscription 16 days before exam date), 560 € (normal inscription) .

The cost includes:

• Official Book of the CISSP Seminar.
• Coffee break and lunch.

Deadline date inscriptions to the Andorra seminar on 12th September 2008.

More information and inscriptions in the telephone +34 93 305 13 18 or e-mail

The inscription for the exam must be done directly in the (ISC)² website.