[AfrICANN-discuss] security professional training - cissp cbk - in lome togo from july 4 to july 8

Jean-Robert Hountomey hrobert at iservices.tg
Tue May 31 23:00:51 SAST 2011

The new Information Security and Assurance Training Center funded by ISOC,
Iservices and other partners is planning to host a CISSP CBK in Lome - Togo
with ISC2 from July 4 to July 8. If you are interested ping me before

The CISSP curriculum covers subject matter in a variety of Information
Security topics. The CISSP examination is based on what (ISC) ² terms the
Common Body of Knowledge (or CBK). According to (ISC)², "the CISSP CBK is a
taxonomy -- a collection of topics relevant to information security
professionals around the world. The CISSP CBK establishes a common framework
of information security terms and principles that allow information security
professionals worldwide to discuss debate and resolve matters pertaining to
the profession with a common understanding."[7]

The CISSP CBK is fundamentally based on the CIA triad, the core information
security and assurance tenets: confidentiality, integrity and
availability,[7] and attempts to balance the three across ten areas of
interest, which are also called domains. The ten CBK domains are:[8]

    * Access Control
          o Categories and Controls
          o Control Threats and countermeasures
    * Application Development Security
          o Software Based Controls
          o Software Development Lifecycle and Principles
    * Business Continuity and Disaster Recovery Planning
          o Response and Recovery Plans
          o Restoration Activities
    * Cryptography
          o Basic Concepts and Algorithms
          o Cryptography standards and algorithms
          o Signatures and Certification
          o Cryptanalysis
    * Information Security Governance and Risk Management
          o Policies, Standards, Guidelines and Procedures
          o Risk Management Tools and Practices
          o Planning and Organization
    * Legal, Regulations, Investigations and Compliance
          o Major Legal Systems
          o Common and Civil Law
          o Regulations, Laws and Information Security
    * Operations Security
          o Media, Backups and Change Control Management
          o Controls Categories
    * Physical (Environmental) Security
          o Layered Physical Defense and Entry Points
          o Site Location Principles
    * Security Architecture and Design
          o Principles and Benefits
          o Trusted Systems and Computing Base
          o System and Enterprise Architecture
    * Telecommunications and Network Security
          o Network Security Concepts and Risks
          o Business Goals and Network Security

Jean Robert Hountomey

More information about the AfrICANN mailing list