Please confirm if this course is available in current course offerings.

To express interest for a different date, please fill out the

Expression of Interest form

Contact information

For further information or to request a quotation, please contact the Professional Education Courses Unit on:

Enquiries Phone: 02 5114 5573

Enquiries Email: ProfEdCourses@adfa.edu.au

In-house delivery

UNSW Canberra Professional Education Courses may be available for in-house delivery at your organisation's premises. In-house courses allow maximum attendance without the additional travel costs. Courses can be developed to suit the specific staff development and training needs of your organisation. Recommended for groups of 10 or more.

Led by an (ISC)² authorised instructor, this training course provides a comprehensive review of information security concepts and industry best practices, covering the 8 domains of the Certified Information Systems Security Professional (CISSP) Common Body of Knowledge:

  • Security and Risk Management
  • Asset Security
  • Security Engineering
  • Communications and Network Security
  • Identity and Access Management
  • Security Assessment and Testing
  • Security Operations
  • Software Development Security

This training course will help candidates review and refresh their information security knowledge and help identify areas they need to study for the CISSP exam (not included). The vendor-neutral CISSP certification is the ideal credential for those with proven deep technical and managerial competence, skills, experience, and credibility to design, engineer, implement, and manage their overall information security program to protect organisations from growing sophisticated attacks. Backed by (ISC)², the globally recognised, not-for-profit organisation dedicated to advancing the information security field, the CISSP was the first credential in the field of information security to meet the stringent requirements of ISO/IEC Standard 17024. 

UNSW Institute for Cyber Security

UNSW Institute for Cyber Security is a unique, cutting-edge, interdisciplinary research and teaching centre, working to develop the next generation of cyber security experts and leaders.

The centre is based in Canberra at the Australian Defence Force Academy and provides professional, undergraduate and post graduate education in cyber security. Our air-gapped, state of the art cyber range offers a secure environment where we deliver a number of technical and highly specialised learning opportunities.

Our courses are designed to give the next generation of cyber security professionals the skill sets needed to thrive in the industry. We can also create bespoke professional education programs tailored to your organisation's needs.

Contact us at cyber@adfa.edu.au to discuss how.

www.unsw.edu.au/cyber

    Course details

    The vendor-neutral CISSP certification is the ideal credential for those with proven deep technical and managerial competence, skills, experience, and credibility to design, engineer, implement, and manage their overall information security program to protect organisations from growing sophisticated attacks. 

    Backed by (ISC)², the globally recognised, not-for-profit organisation dedicated to advancing the information security field, the CISSP was the first credential in the field of information security to meet the stringent requirements of ISO/IEC Standard 17024. Not only is the CISSP an objective measure of excellence, but also a globally recognised standard of achievement.

    On completion of this course, participants should be able to:

    • Understand and apply the concepts of risk assessment, risk analysis, data classification, and security awareness.
    • Understand the structures, transmission methods, transport formats, and security measures used to provide confidentiality, integrity, and availability for transmissions over private and public communications networks.
    • Offer greater visibility into determining who or what may have altered data or system information.
    • Plan for technology development, including risk, and evaluate the system design against mission requirements.
    • Protect and control information processing assets in centralised and distributed environments.

    Several types of activities are used throughout the course to reinforce topics and increase knowledge retention. These activities include open ended questions from the instructor to the students, matching and poll questions, group activities, open/closed questions, and group discussions. This interactive learning technique is based on sound adult learning theories.

    1. Understand and apply the concepts of risk assessment, risk analysis, data classification, and security awareness and implement risk management and the principles used to support it (Risk avoidance, Risk acceptance, Risk mitigation, Risk transference).
    2. Apply a comprehensive and rigorous method for describing a current and/or future structure and behaviour for an organisation's security processes, information security systems, personnel, and organisational sub-units so that these practices and processes align with the organisation's core goals and strategic direction and address the frameworks and policies, concepts, principles, structures, and standards used to establish criteria for the protection of information assets, as well as to assess the effectiveness of that protection and establish the foundation of a comprehensive and proactive security program to ensure the protection of an organisation’s information assets.
    3. Apply a comprehensive and rigorous method for describing a current and/or future structure and behaviour for an organisation's security processes, information security systems, personnel, and organisational sub-units so that these practices and processes align with the organisation's core goals and strategic direction and examine the principles, means, and methods of applying mathematical algorithms and data transformations to information to ensure its integrity, confidentiality, and authenticity.
    4. Understand the structures, transmission methods, transport formats, and security measures used to provide confidentiality, integrity, and availability for transmissions over private and public communications networks and media and identify risks that can be quantitatively and qualitatively measured to support the building of business cases to drive proactive security in the enterprise.
    5. Offer greater visibility into determining who or what may have altered data or system information, potentially affecting the integrity of those asset and match an entity, such as a person or a computer system, with the actions that entity takes against valuable assets, allowing organisations to have a better understanding of the state of their security posture.
    6. Plan for technology development, including risk, and evaluate the system design against mission requirements, and identify where competitive prototyping and other evaluation techniques fit in the process.
    7. Protect and control information processing assets in centralised and distributed environments and execute the daily tasks required to keep security services operating reliably and efficiently.
    8. Understand the Software Development Life Cycle (SDLC) and how to apply security to it, and identify which security control(s) are appropriate for the development environment, and assess the effectiveness of software security.

    This course maps to the following NICE Framework KSAs (Knowledge, Skills & Abilities):

    K0002: Knowledge of risk management processes (e.g., methods for assessing and mitigating risk).

    K0179: Knowledge of network security architecture concepts including topology, protocols, components, and principles (e.g., application of defense-in-depth).

    K0612: Knowledge of what constitutes a “threat” to a network. 

    S0034: Skill in discerning the protection needs (i.e., security controls) of information systems and networks.

    A0077: Ability to coordinate cyber operations with other organisation functions or support activities.

    A0123: Ability to apply cybersecurity and privacy principles to organisational requirements (relevant to confidentiality, integrity, availability, authentication, non-repudiation).

    What is the NICE Framework?

    The National Initiative for Cybersecurity Education (NICE) Cyber Security Workforce Framework developed by the National Institute of Standards and Technology (NIST) establishes a taxonomy and common lexicon that describes cyber security work and job roles.

    To find out more about the NICE Framework, go to: niccs.us-cert.gov/workforce-development/cyber-security-workforce-framework

     

    Courses will be held subject to sufficient registrations. UNSW Canberra reserves the right to cancel a course up to five working days prior to commencement of the course. If a course is cancelled, you will have the opportunity to transfer your registration or be issued a full refund. If registrant cancels within 10 days of course commencement, a 50% registration fee will apply. UNSW Canberra is a registered ACT provider under ESOS Act 2000-CRICOS provider Code 00098G.