Start with 7 free days of training.

Gain instant access to our entire IT training library, free for your first week.
Train anytime on your desktop, tablet, or mobile devices.

Certified Information Systems Security Professional

This (ISC)2 CISSP training with Keith Barker is designed for those who are preparing for a CISSP certification in information security, including topics from eight security domains (based on the 2015 blueprint), that are tested in the CISSP certification exam....
This (ISC)2 CISSP training with Keith Barker is designed for those who are preparing for a CISSP certification in information security, including topics from eight security domains (based on the 2015 blueprint), that are tested in the CISSP certification exam.

The CISSP certification is one of the most respected certifications available and is currently in great demand by a wide variety organizations. From banking and financial institutions to government and public utilities, as well as high-tech and hospitality, the skills of a CISSP are needed by nearly every industry.

In this CISSP 2015 training, you focus on the eight security domains that are tested in the CISSP certification exam, based on the 2015 blueprint from (ISC)2. Benefits of being a CISSP include:
  • Demonstrated working knowledge of information security
  • Confirmed commitment to profession
  • A career differentiator, with enhanced credibility and marketability
Recommended Experience
  • At least 5 years of experience in two of the following domains, and exposure to the others: Security and Risk Management, Asset Security, Security Engineering, Communication and Network Security, Identity and Access Management, Security Assessment and Testing, Security Operations, Software Development Security
Recommended Equipment
  • None
Related Certifications
  • CISSP® - Certified Information Systems Security Professional
Related Job Functions
  • Security consultant
  • Security analyst
  • Security manager
  • Security systems engineer
  • IT director
  • Chief information security officer
  • Security auditor
  • Security architect
  • Network architect
This exam also meets the requirements for DoD baseline certifications for IAT Level III, IAM Level II, IAM Level III, IASAE I, and IASAE II.

Keith Barker has been a CBT Nuggets trainer since 2012, and has nearly three decades of IT experience. He holds a variety of certifications from Cisco, CompTIA, and more. His expertise areas include networking and security.
All trademarks and copyrights are the property of their respective holders.
 show less
1. Welcome to CISSP (16 min)
2. CIA Concepts (4 min)
3. Policies (13 min)
4. Risk (13 min)
5. Control Types (17 min)
6. Security Awareness Training (6 min)
7. Ethical Hacking (13 min)
8. Symmetric Cryptography (19 min)
9. Asymmetric Cryptography (24 min)
10. Fire (16 min)
11. Physical Security (13 min)
12. Electric Power (12 min)
13. OSI Lower Layers (29 min)
14. OSI Upper Layers (24 min)
15. Firewalls (21 min)
16. VPNs (27 min)
17. Attacks (21 min)
18. Authentication Concepts (9 min)
19. Multifactor Authentication (15 min)
20. Centralized Management (17 min)
21. SSO and Security Threats (25 min)
22. Computing System Evaluations (15 min)
23. Security Model Details (11 min)
24. Availability and Integrity Design (14 min)
25. IDS and IPS (17 min)
26. Controls for Operational Security (19 min)
27. Separation of Duties (18 min)
28. Backups and Media (16 min)
29. DR and BC (20 min)
30. Malware (14 min)
31. Evidence (12 min)
32. Laws and Liability (10 min)
33. Incident Response (15 min)
34. System and Software Security (16 min)
35. Virtualization and Cloud (13 min)
36. 2700x (6 min)
37. Federated Identities (11 min)
38. EPA (16 min)
39. Monitoring and More (12 min)

Welcome to CISSP


[MUSIC PLAYING] Hello. My name is Keith Barker. And on behalf of the entire CBT Nuggets family, welcome to CISSP. Let's begin. I'd like to chat with you for a moment about how you and I can optimize our time and get the absolute most from this course as we go through it and enjoy it together.


The first thing we have to look at is time. (SINGING) Time keeps on slipping, slipping, slipping into the future. And it will continue to go forward. And what you and I want to do is schedule time, measurable time to go through this course together. So take a few minutes and sit down with whatever calendar system you use and carve out times-- maybe 15 or 20 minutes a day-- that you and I can go through these videos and enjoy them together.


Now one of the things that happens to me, and this is a fairly recent discovery. Probably within the last year, I discovered this. Is that if there's something I know I should do, there's a little dialogue that goes on in my head. For example, let's say it's 8 o'clock, and it's time to spend 15 minutes studying or going through something-- and what I see on my calendar is the meeting or the time, and then in my mind I have this little voice that says, I don't want to!


Or I don't have to! Or something like that. And we all have this little voice in our heads that's telling us or talking to us, almost all the time. Now, if you just thought to yourself, I don't have a little voice that talks to me all the time, that's the voice.


And here's what I like to do. If you find yourself and your scheduled for a study session and you know it's time-- I'd like you to pay attention to what your voice is telling you. Maybe it's saying, I don't have to, or I shouldn't, or I'll do it later.


And what I'd like you to do is go ahead and change that voice. Go ahead and use a voice that says something like, hey, you know what? It would probably be a really great idea to go ahead and study right now. So do it in your nicest voice possible. Or visualize the results of doing the study.


Visualize yourself having a great time going through the Nuggets, going through the videos. And oftentimes, if you're suffering from procrastination, that will help you. If you simply frame it better, or put a different voice to it, to go ahead and get started.


And I remember somebody saying-- I think it may have been Mary Poppins, I'm not sure-- who said, well begun is half done. I mean, once we start something, once we get into a Nugget together, it is a ton of fun. And so I'm looking forward to spending regular time with you as we enjoy this content together.


The other thing I'd have you do is visit ISC Squared's website to make sure that all the nitty gritty on their prerequisites and how many years of experience do you need to have and how many domains of security-- they've got all those details up on their site.


So make sure you visit that site and are clear on what their requirements are. And basically, they boil down to this. For a CISSP Certification, they want you to have five years of professional, real world experience in at least two of the eight domains in the current blueprint for the CISSP.


And they do have some waivers for one of those five years. So you could have four years' experience and some education in another area. And all those details are up at ISC Squared's website. Now we all come from different backgrounds and have different experiences, but we all learn very similar.


In fact, we learn through a lot of our senses. Through vision, through things we see visually or things that we touch or things that we hear. And its usually combinations of that. And the exciting thing I wanted to share with you right now is that we can get even more out of this training if you use a couple of techniques that will help us embed that learning and really internalize it.


And that involves visualization and imagination. For example, let's say we're discussing in a Nugget, we're talking about physical security. And we're talking about a man trap and the benefits of a man trap. And as we've discussed that topic, you may want to pause the video and just visualize for yourself, where would be a great place for a, quote unquote, mantrap?


Or where have I seen a man trap? Or in our building, do we have a man trap? And visualize somebody going through it. And what that will do for both of us, it will help reinforce the concept that, yeah, a man trap can help enforce physical security. It can help mitigate things like tailgating and piggybacking.


As it reinforces those concepts that we've learned together in the Nugget. So using visualization and your powerful imagination to reinforce what we're learning will help that information sink in. Not only will they assist you in doing well and your CISSP Certification exam.


They will also help you in the real world as we design and implement secure systems. One of the other secrets that has helped me over my life-- and I'd like to share with you and encourage you to join me in this-- is the ability to commit. When I commit to something, and I do it publicly-- for example, I'll tell my wife.


Or I'll tell my kids. Or I'll put it up on Facebook or on Twitter-- basically, if I have committed, I've set the expectation and there's a little bit of positive pressure on me to go ahead and deliver once I've made that commitment. And so what I'd like to invite you to do, within the next 24 hours, is I'd like to invite you to commit on a date by which you will get your CISSP Certification.


And let's back that up a little bit because there's actually two commitments that I think will be very helpful as you and I go through this content together. Number one, I'd like you to commit to time. Commit to the great 15 or 20 minutes that we can spend on a daily basis as we go through the content.


And then, secondly, commit to a date-- a future date-- where you will become a CISSP certified individual. And I remember somebody sharing with me the idea that if our why is strong enough, the how will be taken care of. For example, if we want something so badly, and that's our major focus, we will find a way to accomplish that, if it's at all possible.


And trust me, my friend, the CISSP is absolutely possible. I took my first CISSP exam back in 2010. And back in those days, it was a paper exam. Oh my gosh! It was miserable! It was six hours long, and we had to fill in little bubbles on the sheet. And there's 250 questions.


25 of those-- 10%-- of those questions that are mixed in are not graded. They're used for experimental purposes and testing purposes for ISC Squared, but they're not graded. And we don't know which of the questions are graded and which aren't. So we're going to the best on every single question that we have.


So, again, back in 2010, after I took the exam, then we had to wait a period of time-- a few weeks I think it was-- before we got emailed our results. And I was like-- when I left that exam, what I took out of that-- I'd just been beat up. I have no idea if I passed that or not.


There were some wacky, weird questions about all kinds of stuff. And I was lucky enough to pass that first time. And in my preparation for that study, I used primarily a book. I used Sean Harris's book as a study aid. And I also realized that most people who are approaching these CISSP and the studies for CISSP have lots of resources that they're going to draw on.


And that's great. The more, the merrier. The one thing, though, that in these Nuggets that we get to enjoy together is these will very likely be the most memorable and enjoyable content that is specifically designed to get you ready up and running for that CISSP Certification exam.


Now in 2015, ISC Squared updated and revised the CISSP Certification exam based on the eight new domains from the blueprint. And I have, in the last couple of months, also taking that exam. And let me tell you what? I think it's much, much more fair and pleasant exam than the earlier one I took back in 2010.


And let me share with you what I noticed. I noticed a lot of questions that felt like saying, most. Like what is the most effective way to do this? Or what is the best way? Or the least intrusive method? And that one is milked like seven ways to Sunday.


So we may have some answers that maybe two of them are possible, but one is the best. We want to choose the best. Also, virtually all the questions are multiple guess. For example, four possible answers. We're simply asked to choose the correct answer.


And now because the exam is delivered digitally, there also is the opportunity to slide in, for example, maybe some drag and drop or some other very minor interactive exercises. But nothing beyond the scope of what's in the blueprint. And even though it is now delivered digitally, so we go to a VUE testing center to take it, it's not just any VUE testing center.


So when you register and schedule for this exam, they've got select testing centers that have extra security measures to help protect the integrity of the exam. So the reason I mention that-- if you go to a testing center frequently that's like two or three miles from your home, you may want to just look ahead and see which exams or which testing centers deliver this exam, because you may have to travel a little bit further to a more secure testing center.


And that was pretty cool. They use multi-factor authentication to verify who we are. They had a palm reader. Not the psychic. Another psychic kind that reads your palm, but a palm reader as in the biometric reader. And you can take breaks during that six hours.


So what I did is I brought a bag with some fruit and some water bottles. And then I probably took three or four breaks during the time, just to make sure I was up and at my best. And the CISSP Certification exam is like a mile wide and I'd like to see an inch deep, but it's probably an inch and a half to two inches deep.


And as you and I go through this course together, you may be really, really good at some areas already. And that's great. You can take those as, hey, this is my field of expertise. Maybe it's programming or networking or cloud based services. Whatever it happens to be.


You can take extra comfort in knowing that you already have that background. In areas that you're not quite as familiar with, our objective in this course is to help you get that basic understanding, focusing on a security perspective in those other areas so that you can be better prepared to address any questions that might come up in the CISSP exam based on those domains.


Got a little excited. Went a little sidetracked there. If you're ready to commit, for example, 15 or 20 minutes a day, five days a week, or six days a week-- I would love to hear about that commitment. And one of the best ways that you can commit to that to me and publicly is to do it on my Facebook page or do it via Twitter.


Either way is great. So here's the information with how to connect with me on either my Facebook page or on Twitter. And what I would love to see is your commitment. Something like, I commit to 15 minutes a day, five days a week for CISSP study. Or I commit to CISSP certification by this month, this year.


And then once it's out there, and I've seen it, it's then my encouragement to you to keep on keeping on. It is absolutely worth it. In fact, one of the techniques that helps me as I look forward to some future goal, is to imagine I've already achieved it.


For example, just for a moment, I'd like you to visualize or imagine yourself a year in the future. And in that future version of yourself, I'd like you to imagine that you've got your CISSP, you're applying those skills, and you're feeling great. And I'd like you to not only just see yourself as that future version of yourself this passed the CISSP, but maybe just float into that.


Try it on for size. How does it feel to be a CISSP certified individual? You can put in on your business card. When people ask you, are you see CISSP Certified? You say, yes! And they go, wow, that's amazing! Or at work, you're getting promotions or responsibilities or raises based on that certification.


You're being trusted more because you have that foundation of knowledge that you demonstrated by becoming a CISSP. And then you can apply that feeling-- that positive, confident, happy feeling regarding accomplishment and success regarding the CISSP, and we can apply that feeling now, as we take the steps together one by one towards that goal of getting you your CISSP certification.


And my friend. It is totally worth it. And secondly, you can totally do this. So I invite you to commit publicly, and then we'll enjoy that journey together. Now bringing yourself back to this moment where we are together right now, I also have some additional resources I'd like to share with you.


And I think the easiest way to share those with you is through the NuggetLab files. So, at some point, from a computer you want to open up this course, go to the NuggetLab files link over on the right and download the NuggetLab files. And those files will be some additional support information regarding learning the concepts and techniques in CISSP.


I've pulled from a lot of various resources for those files. And I think it would be beneficial for you to have them and also to review those files. So in this Nugget, we've identified that it's important to schedule the time, visualize and imagine the technologies and concepts as we discuss them together to help reinforce them in your mind, and as we commit the time to enjoy these Nuggets together and commit to becoming CISSP certified, we can then enjoy the process of becoming CISSP certified as we watch, learn, and conquer.


And it is time for our assessment check. Now, I was going to just tell you about assessment checks, but I thought, hey, let's experience it together. And then you can totally get it. At the end of almost every Nugget, I'm going to have a little assessment check that will help reinforce a few of the concepts that we've talked about learned together in that video.


And I'm going to mix it up a little bit, so it's not always the same as far as style wise. Sometimes we'll read each question, talk about the answer. And other times I'll let you read the three questions, I'll put on some music for a few seconds, and then we'll come back and review them together.


And yet, at other times, I may ask you to go back into the Nugget to dig out the answer if you didn't quite get it the first time through. So here's what I love to do. I'm going to go ahead and let you read these three questions. Then we'll come back in a few moments, and we'll compare answers.


Good luck, my friend. [MUSIC PLAYING] Well, how did you do? Let's take a look. Question number one: what is one of the first steps to enjoying the videos? And you know, there are several steps that we could take for the videos. For example, a membership to CBT Nuggets and access to the content, that would certainly be one of the steps.


But based on this Nugget, one of the first steps to enjoying the videos is to committing to the time. Making time to enjoy the Nuggets and committing to that time will also help reinforce that behavior. So that's one of the very first steps, I would say, is to commit time to enjoy the videos.


Question number two. How can you commit publicly? And there are several possibilities. To commit publicly you could go ahead and commit to your family, your friends that you're going to pursue this. You could commit to me up on Twitter or Facebook or both.


And by doing so it will help you with a little bit of added positive pressure to help you reach your goals. And our entire objective in this course is for you and I to continually improve. And one of my responsibilities that I get to enjoy as part of that is making the learning experience better and easier for you, the IT Professional, as we go through this course together.


And a big part of that is taking complicated topics and breaking it down and making it simple and fun to understand. And question number three. Where some additional resources from Keith? And although there are lots of various resources, including books and videos and so forth, the resources associated with this CBT Nuggets course are the NuggetLab files that are on the CBT Nugget's website.


So you go to this course, open the video, and over to the right will be the NuggetLab files. I would encourage you to download those. And then you can have those additional resources for yourself as we take those steps towards the goal of CISSP Certification.


Hey, thanks for joining me in this Nugget. I look forward to seeing you in the very next video. Until then, I hope this has been informative for you, and I'd like to thank you for viewing.

CIA Concepts



Control Types

Security Awareness Training

Ethical Hacking

Symmetric Cryptography

Asymmetric Cryptography


Physical Security

Electric Power

OSI Lower Layers

OSI Upper Layers




Authentication Concepts

Multifactor Authentication

Centralized Management

SSO and Security Threats

Computing System Evaluations

Security Model Details

Availability and Integrity Design


Controls for Operational Security

Separation of Duties

Backups and Media

DR and BC



Laws and Liability

Incident Response

System and Software Security

Virtualization and Cloud


Federated Identities


Monitoring and More

Please help us improve by sharing your feedback on training courses and videos. For customer service questions, please contact our support team. The views expressed in comments reflect those of the author and not of CBT Nuggets. We reserve the right to remove comments that do not adhere to our community standards.

comments powered by Disqus
Intermediate 10 hrs 39 videos


Training Features

Practice Exams
These practice tests help you review your knowledge and prepare you for exams.

Virtual Lab
Use a virtual environment to reinforce what you are learning and get hands-on experience.

Offline Training
Our iOS and Android mobile apps offer the ability to download videos and train anytime, anywhere offline.

Accountability Coaching
Develop and maintain a study plan with one-to-one assistance from coaches.

Supplemental Files
Files/materials that supplement the video training.

Speed Control
Play videos at a faster or slower pace.

Included in this course
Pick up where you left off watching a video.

Included in this course
Jot down information to refer back to at a later time.

Closed Captions
Follow what the trainers are saying with ease.
Keith Barker
Nugget trainer since 2012