LDR414: SANS Training Program for CISSP® Certification

In this first section, LDR414 introduces the specific requirements needed to obtain CISSP® certification. The 2024 exam update will be discussed in detail. We will cover the general security principles needed to understand the 8 domains of knowledge, with specific examples for each domain.

This section covers data classification across sectors, ownership roles, and secure data retention and destruction. It also introduces key topics from Security Engineering, including Data Loss Prevention (DLP), Cloud Access Security Brokers (CASB), microservices, containerization, serverless computing, and High-Performance Computing (HPC).

This section covers core cryptographic concepts and physical security, including new topics like SASE and quantum cryptography. It then shifts to Communication and Network Security, focusing on protocols, devices, and emerging technologies such as VXLAN, SD-WAN, and NFV.

This section focuses on secure methods of identification, authentication, and authorization. It highlights modern approaches like multi-factor authentication, federated identity, and third-party services such as SAML, OIDC, and OAuth. The section also addresses credential management and access control models like RBAC and ABAC.

This section covers Domain 6 (Security Assessment) and Domain 7 (Security Operations), focusing on evaluating and maintaining security controls. It includes testing strategies, vulnerability assessments, monitoring, and incident response. The section also explores advanced topics like AI-driven tools, cloud security, and disaster recovery planning.

This section covers Domain 8 (Software Development Security), focusing on building security into the software development lifecycle. We review traditional and modern development methodologies, secure coding practices, and emerging topics like DevSecOps, IAST, and CI/CD. We also address vulnerability management and software security testing techniques.