From the course: ISC2 Information Systems Security Engineering Professional (ISSEP) Cert Prep

Course overview

From the course: ISC2 Information Systems Security Engineering Professional (ISSEP) Cert Prep

Start my 1-month free trial Buy for my team

Course overview

- [Brad] Welcome back to Cybrary's ISSEP course. I'm your instructor, Brad Rhodes. Let's get started with module one of 10. So we got 10 modules which we're going to talk about here. And we're going to jump into the overview. This is the overview of the course. So welcome to the course overview. In this video we're going to look at our module objectives. We're going to look at the course objectives. And we're going to look at the course outline in a little more detail so you know what you're getting into. So here is the module objectives. And so in this first module, this is sort of your first taste, your first introduction into this thing we call ISSEP. So we're going to look at the CISSP concentrations themselves so you know what they are. The CISSP concentrations are a unique set of three concentrations you can get to show and demonstrate subject matter expertise, which I'll talk about in a second. We're going to review the CISSP domains, the Certified Information System Security Professional domains. Why? Because if you are going to pursue the ISSEP concentration as a professional cert, as an add-on to your CISSP, then you need to understand that those domains are very important. That's the basis of a lot of things with ISSEP. And oh, by the way, if you took your CISSP 10 years ago, the domains have changed. So you're going to want to go back and review those, probably even get a new CISSP book. Then we'll talk about the ISSEP domains specifically to give you an introduction there, 'cause we got five of those we have to go through. And that is the bulk of this course. And then we're going to talk specifically about information system security engineer or ISSE role. So what jobs might you look at or get if you hold the ISSEP concentration? So our course objectives for the Cybrary ISSEP course are pretty straightforward. We are going to work together to discover the ISSEP domains. We're going to look at the skillset sets that an ISSE needs. And this is really important. I want you to be able to walk out of here after spending a chunk of your time going through this course, A, prepared for the exam and knowing what to study for the exam. But B, having developed some of those ISSE skills and knowing where to find the information that you need to perform as an ISSE. We're going to talk specifically about the ISSE process. And so that was defined by NIST several years ago. And it is a great sort of flow when you think about how an ISSE does their job and where an ISSE gates in and what are the things an ISSE does. Obviously throughout the course we will be highlighting, and specifically we have a module on the NIST documentation, which is a bulk of the ISSE resources, although there's more. We're going to touch on one, the IATF, which if you've not heard of the IATF, we're going to talk about that a little bit later. That is a great book. It's old, but it is a great book for an ISSE to learn and understand. And then of course, obviously we want to prep for the ISSEP exam if you're here and you want to achieve that concentration. It's a tough one. I hold that concentration, and it was a great learning experience to get to that point where I felt comfortable walking in the door for that exam. And I hope that after this course you will feel the same level of comfort. So here's our course outline. So we're here in module one, and you're going to see this diagram come back several times, obviously, well, 10 times throughout the course. So the first five modules are focused on the ISSEP domains, and that's foundations, risk management, planning and design, implementation and operations. And we're going to talk specifically in each of those modules about the different pieces and parts, and really those focus areas of things you need to know in those modules. Then module seven is the ISSE process, so that's the Information System Security Engineer process. And that really references a lot of what we do out of NIST, and it talks through the entire flow and the products and documents and everything you should know as an ISSEP. Then we're going to talk about the software development lifecycle, which, or excuse me, the system development lifecycle, not the software development lifecycle. This is an important distinction. When we are doing systems engineering, right, we tend to be more deliberate. We tend to really focus on the requirements, the standards, the constraints, the cost, schedule, performance, which you're going to hear a lot about. We tend to focus on that in SDLC. Because if we're going to engineer a complex system, we have to get it right. Software is different, and yes, software runs the world. And yes, can you apply ISSE processes to software development? 100% correct, yes you can. But this is really focused on the systems engineering aspect of which software is only a small part. We'll talk specifically about the key NIST standards, so that's the National Institute of Standards and Technologies. One of the great things that ISC2, which is the organization that created CISSP and the different concentrations, is they looked at the standards that were out there and they didn't reinvent the wheel. And I appreciate that. I'm not a fan of reinventing the wheel if you don't have to. And then finally, we're going to talk about the concentration insights. And that's really going to be more focused on helping you to prepare for the exam, and what areas you really need to focus on and study. And of course, at the end of this you get your certificate of completion. So what did we cover in this video? We looked at the module objectives, we looked at the course objectives, and we covered the course outline in a little more detail. Hope to see you next time.

Contents