Course: Security

• 1.0 Intro
  • Pretest Intro
  • Questions
  • Pretest Summary
  • Intro to Ethical Hacking
• 2.0 Footprinting & Reconnaissance
• 3.0 Scanning Networks
• 4.0 Enumeration
• 5.0 System Hacking
• 6.0 Trojans & Backdoors
• 7.0 Viruses & Worms
• 8.0 Denial of Service
• 9.0 Social Engineering
• 10.0 Sniffers
• 11.0 Session Hijacking
• 12.0 Hacking Web Servers
• 13.0 Web Application Vulnerabilities
• 14.0 SQL Injection
• 15.0 Hacking Wireless Networks
• 16.0 Evading IDS, Firewalls & Honeypots
• 17.0 Buffer Overflows
• 18.0 Cryptography & Steganography
• 19.0 Metasploit for Penetration Testing
  • Business Process
  • Lab Suggestions

For more information, contact one of our course advisors

No additional materials are required for this course.

For more information, contact one of our course advisors

• CISM Introduction
• Information Security
• Business Goals Objectives and Functions
• Business Goals and Information Security
• Information Security Threats
• Information Security Management
• Identity Management
• Data Protection
• Network Security
• Personnel Security
• Facility Security
• Security Compliance and Standards
• Information Security Strategy
• Inputs and Outputs of the Information Security Strategy
• Process in an Information Security Strategy
• People in an Information Security Strategy
• Technologies in an Information Security Strategy
• Logical And Physical Information Security Strategy Architectures
• Information Security And Business Functions
• Information Security Policies And Enterprise Objectives
• International Standards For The Security Management
• I S O- I E C27000 Standards
• International Info Government Standards
• Information Security Government Standards In The United States
• Methods Of Coordinating Information Security Activities
• How To Develop An Information Security Strategy
• Information Security Governance
• Role Of The Security In Governance
• Scope Of Information Security Governance
• Charter Of Information Security Governance
• Information Security Governance And Enterprise Governance
• How To Align Information Security Strategy With Corporate Governance
• Regulatory Requirements And Information Security
• Business Impact Of Regulatory Requirements
• Liability Management
• Liability Management Strategies
• How To Identify Legal And Regulatory Requirements
• Business Case Development
• Budgetary Reporting Methods
• Budgetary Planning Strategy
• How To Justify Investment In Info Security
• Organisational Drivers
• Impact Of Drivers On Info Security
• Third Party Relationships
• How To Identify Drivers Affecting The Organisation
• Purpose Of Obtaining Commitment To Info Security
• Methods For Obtaining Commitment
• ISSG
• ISSG Roles And Responsibilities
• ISSG Operation
• How To Obtain Senior Managements Commitment To Info Security
• Info Security Management Roles And Responsibilities
• How To Define Roles And Responsibilities For Info Security
• The Need For Reporting And Communicating
• Methods For Reporting In An Organisation
• Methods Of Communication In An Organisation
• How To Establish Reporting And Communicating Channels

For more information, contact one of our course advisors

• Risk
• Risk Assessment
• Info Threat Types
• Info Vulnerabilities
• Common Points of Exposure
• Info Security Controls
• Types Of Info Security Controls
• Common Info Security Countermeasures
• Overview Of The Risk Assessment Process
• Factors Used In Risk Assessment And Analysis
• Risk Assessment Methodologies
• Quantitative Risk Assessment- Part 1
• Quantitative Risk Assessment- Part 2
• Qualitative Risk Assessment
• Hybrid Risk Assessment
• Best Practices For Info Security Management
• Gap Analysis
• How To Implement An Info Risk Assessment Process
• Info Classification Schemas
• Components Of Info Classification Schemas
• Info Ownership Schemas
• Components Of Info Ownership Schemas
• Info Resource Valuation
• Valuation Methodologies
• How To Determine Info Asset Classification And Ownership
• Baseline Modeling
• Control Requirements
• Baseline Modeling And Risk Based Assessment Of Control Requirements
• How To Conduct Ongoing Threat And Vulnerability Evaluations
• BIAs
• B I A Methods
• Factors For Determining Info Resource Sensitivity And Critically
• Impact Of Adverse Events
• How To Conduct Periodic BIAs
• Methods For Measuring Effectiveness Of Controls And Countermeasures
• Risk Mitigation
• Risk Mitigation Strategies
• Effect Of Implementing Risk Mitigation Strategies
• Acceptable Levels Of Risk
• Cost Benefit Analysis
• How To Identify And Evaluate Risk Mitigation Strategies
• Life Cycle Processes
• Life Cycle- Based Risk Management
• Risk Management Life Cycle
• Business Life Cycle Processes Affected By Risk Management
• Life Cycled- Based Risk Management Principles And Practices
• How To Integrate Risk Management Into Business Life Cycle Processes
• Significant Changes
• Risk Management Process
• Risk Reporting Methods
• Components Of Risk Reports
• How To Report Changes In Info Risk

• Info Security Strategies
• Common Info Security Strategies
• Info Security Implementation Plans
• Conversation Of Strategies Into Implementation Plans
• Info Security Programs
• Info Security Program Maintenance
• Methods For Maintaining An Info Security Program
• Succession Planning
• Allocation Of Jobs
• Program Documentation
• How To Develop Plans To Implement An Info Security Strategy
• Security Technologies And Controls
• Cryptographic Techniques
• Symmetric Cryptography
• Public Key Cryptography
• Hashes
• Access Control
• Access Control Categories
• Physical Access Controls
• Technical Access Controls
• Administrative Access Controls
• Monitoring Tools
• IDSs
• Anti- Virus Systems
• Policy-Compliance Systems
• Common Activities Required In Info Security Programs
• Prerequisites For Implementing The Program
• Implementation Plan Management
• Types Of Security Controls
• Info Security Controls Development
• How To Specify Info Security Program Activities
• Business Assurance Function
• Common Business Assurance Functions
• Methods For Aligning Info Security Program With Business Assurance Functions
• How To Coordinate Info Security Programs With Business Assurance Functions
• SLAs
• Internal Resources
• External Resources
• Services Provided By External Resources- Part 1
• Services Provided By External Resources- Part 2
• Skills Commonly Required For Info Security Program Implementation
• Identification Of Resources And Skills Required For A Particular Implementation
• Resource Acquisition Methods
• Skills Acquisition Methods
• How To Identify Resources Needed For Info Security Program Implementation
• Info Security Architectures
• The SABSA Model For Security Architecture
• Deployment Considerations
• Deployment Of Info Security Architectures
• How To Develop Info Security Architectures
• Info Security Policies
• Components Of Info Security Policies
• Info Security Policies And The Info Security Strategy
• Info Security Policies And Enterprise Business Objectives
• Info Security Policy Development Factors
• Methods For Communicating Info Security Policies
• Info Security Policy Maintenance
• How To Develop Info Security Policies
• Info Security Awareness Program Training Programs And Education Programs
• Security Awareness Training And Education Gap Analysis
• Methods For Closing The Security Awareness Training And Education Gaps
• Security- Based Cultures And Behaviors
• Methods For Establishing And Maintaining A Security- Based Culture In The Enterprise
• How To Develop Info Security Awareness Training And Education Programs
• Supporting Documentation For Info Security Policies
• Standards Procedures Guidelines And Baselines
• Codes Of Conduct
• N D As
• Methods For Developing Supporting Documentation
• Methods For Implementing Supporting Documentation And For Communicating Supporting Documentation
• Methods For Maintaining Supporting Documentation
• C And A
• C And A Programs
• How To Develop Supporting Documentation For Info Security Policies

Demo Content

• Enterprise Business Objectives
• Integrating Enterprise Business Objectives And Info Security Policies
• Organisational Processes
• Change Control
• Merges And Acquisitions
• Organisational Processes And Info Security Policies
• Methods For Integrating Info Security Policies And Organisational Processes
• Life Cycle Methodologies
• Types Of Life Cycle Methodologies
• How To Integrate Info Security Requirements Into Organisational Processes
• Types Of Contracts Affected By Info Security Programs
• Joint Ventures
• Outsourced Provides And Info Security
• Business Partners And Info Security
• Customers And Info Security
• Third Party And Info Security
• Risk Management
• Risk Management Methods And Techniques For Third Parties
• SLAs And Info Security
• Contracts And Info Security
• Due Diligence And Info Security
• Suppliers And Info Security
• Subcontractors And Info Security
• How To Integrate Info Security Controls Into Contracts
• Info Security Metrics
• Types Of Metrics Commonly Used For Info Security
• Metric Design Development And Implementation
• Goals Of Evaluating Info Security Controls
• Methods Of Evaluating Info Security Controls
• Vulnerability Testing
• Types Of Vulnerability Testing
• Effects Of Vulnerability Assessment And Testing
• Vulnerability Correction
• Commercial Assessment Tools
• Goals Of Tracking Info Security Awareness Training And Education Programs
• Methods For Tracking Info Security Awareness Training And Education Programs
• Evaluation Of Training Effectiveness Relevance
• How To Create Info Security Program Evaluation Metrics

• Management Metrics
• Types Of Management Metrics
• Data Collection
• Periodic Reviews
• Monitoring Approaches
• KPIs
• Types Of Measurements
• Other Measurements
• Info Security Reviews
• The Role Of Assurance Providers
• Comparing Internal And External Assurance Providers
• Line Management Technique
• Budgeting
• Staff Management
• Facilities
• How To Manage Info Security Program Resources
• Security Policies
• Security Policy Components
• Implementation Of Info Security Policies
• Administrative Processes And Procedures
• Access Control Types
• ACM
• Access Security Policy Principles
• Identity Management And Compliance
• Authentication Factors
• Remote Access
• User Registration
• Procurement
• How To Enforce Policy And Standards Compliance
• Types Of Third Party Relationships
• Methods For Managing Info Security Regarding Third Parties
• Security Service Providers
• Third Party Contract Provisions
• Methods To Define Security Requirements In SLAs Security Provisions
• SDLC
• Code Development
• Common Techniques For Security Enforcement
• How To Enforce Info Security During Systems Development
• Maintenance
• Methods Of Monitoring Security Activities
• Impact Of Change And Configuration Management Activities
• How To Maintain Info Security Within An Organisation
• Due Diligence Activities
• Types Of Due Diligence Activities
• Reviews Of Info Access
• Standards Of Managing And Controlling Info Access
• How To Provide Info Security Advice And Guidance
• Info Security Awareness
• Types Of Info Security Stakeholders
• Methods Of Stakeholder Education
• Security Stakeholder Education Process
• How To Provide Info Security Awareness And Training
• Methods Of Testing The Effectiveness Of Info Security Control
• The Penetration Testing Process
• Types Of Penetration Testing
• Password Cracking
• Social Engineering Attacks
• Social Engineering Types
• External Vulnerability Reporting Sources
• Regulatory Reporting Requirements
• Internal Reporting Requirements
• How To Analyse The Effectiveness Of Info Security Controls
• Non-compliance Issues
• Security Baselines
• Events Affecting The Security Baseline
• Info Security Problem Management Process
• How To Resolve Non-compliance Issues

• Incident Response Capability
• Components of Incident Response
• BCP
• BIA Phose
• Coop
• DRP
• Alternate Sites
• Develop ABCP
• Develop ADRP
• MTD
• RPO
• RTO
• Data Backup Strategies
• Data Backup Types
• Data Restoration Strategies
• Info Incident Management Practices
• IRP
• Trigger Events and Types of Trigger Events
• Methods of Containing Damage
• How to Develop an IRP
• Escalation Process
• Notification Process
• IRT
• Crisis Communication
• How to Establish an Escalation Process
• Internal Reporting Requirements
• External Reporting Requirements
• Communication Process
• How to Develop a Communication Process
• IRP and DRP
• IRP and BCP
• Methods of Identifying Business Resources Essential to Recovery
• How to Integrate an IRP
• Role of Primary IRT Members and Role of Additional IRT Members
• Response Team Tools and Equipment
• How to Develop IRT's
• BCP Testing
• Disaster Recovery Testing
• Schedule Disaster Recovery Testing
• Refine IRP
• How to Test an IRP
• Damage Assessment
• Business Impacts Caused by Security Incidents
• How To Manage Responses To Info Security Incidents
• Computer And Digital Forensics
• Forensic Requirements For Responding To Info Security Incidents
• Evidence Life Cycle
• Evidence Collection
• Evidence Types
• Five Common Rules Of Evidence
• Chain Of Custody
• How To Investigate An Info Security Incident
• PIR Methods
• Security Incident Review Process
• Investigate Cause Of A Security Incident
• Identify Corrective Actions
• Reassess Security Risks After A Security Incident
• How To Conduct A Post-Incident Review
• Pre Test-Test Strategy
• Post Test

No other books are necessary for this course.

For more information, contact one of our course advisors

• General Concepts
• Authentication
• Principles
• Types and Categories
• Reference Monitor
• Techniques
• Models
• Passwords
• Smart Cards
• Biometrics
• Access Control Systems
• Administration
• Residuals
• Accountability
• Summary

For more information, contact one of our course advisors

• OSI Reference Model
• ISO/OSI Layers and Characteristics
• Topologies
• LAN Access Methods
• Wireless
• System and Security Management
• Internet Protocols and Security
• Firewall Terms and Types
• Web Security
• Common Attacks
• Remote Access Security
• Summary

For more information, contact one of our course advisors

• Key Concepts
• Definitions
• Key Concepts
• Risk Management
• Risk Assessment
• Useful Formulas
• 3rd Party Governance
• Information Classification
• Roles and Responsibilities
• Written Guidance
• Policies and Standards
• Employment Policies
• Employee Education Programs
• Change Management
• Summary

For more information, contact one of our course advisors

• Problems
• Databases
• Query Language
• Object Oriented
• Applications Beyond the Database
• Definitions
• Application System Development
• Controls
• Compiled vs. Interpreted
• Vulnerabilities
• Botnets
• Summary

For more information, contact one of our course advisors

• Definitions
• Cryptanalysis Terms
• Symmetric Encryption
• Asymmetric Encryption
• Hybrid Encryption
• Public Key Infrastructures
• Hash Functions
• Digital Signatures
• Protocol Based
• Pretty Good Privacy
• Cracking Techniques
• Summary

For more information, contact one of our course advisors

• Abstract Levels
• Computer Hardware
• Operating Systems
• Processors
• Types of Storage
• Information Security Architecture
• Open and Closed Systems
• Access Controls
• Architectural Foundation
• Modes of Operation
• Certification and Accreditation
• Evaluation Criteria
• Security Models
• Summary

For more information, contact one of our course advisors

• Threats in an Operating Environment
• Control Categories
• Accountability
• Trusted Recovery
• Management and Administrative Control
• Due Care and Diligence
• Hardware and Software Controls
• Email and Fax
• Privilege
• Physical Access
• Monitoring Techniques
• Problem Management
• Threats and Vulnerabilities
• Defense in Depth
• Summary

For more information, contact one of our course advisors

• The Basics
• Reasons for BCP
• Key Concepts
• Definitions
• Business Continuity Life Cycle
• Project Initiation
• Business Impact Analysis
• Assessing Risk
• Recovery Strategies
• Off-Site Requirements
• Data Redundancy
• System Backups
• Plan Development
• Testing and Maintenance
• Stages in an Incident
• Summary

• Ethics
• Code of Ethics
• Laws
• Intellectual Property
• Proprietary Rights
• Liability
• Computer Crime
• Computer Crime Laws
• Computer Investigation
• Investigation Steps
• Computer Forensics
• Evidence Admissibility
• Summary

For more information, contact one of our course advisors

• Physical Security
• Crime Prevention
• Site Design and Configuration
• Boundary Protection
• Computing Facility Requirements
• Fire Prevention
• Fire Suppression
• Fire Classes
• Media Protection
• Access Controls
• Physical Security
• Summary

For more information, contact one of our course advisors

No other materials are required for this course.

For more information, contact one of our course advisors

• 1.0 Intro to Course
  • 1.5 Intro to Forensics
• 2.0 Forensics Investigation Process
• 3.0 Searching and Seizing
• 4.0 Digital Evidence
• 5.0 First Responder Procedures
• 6.0 Forensic Lab
• 7.0 Hard Disks and File Systems
• 8.0 Windows Forensics
• 9.0 Data Acquisition and Duplication
• 10.0 Recovering Deleted Files and Partitions
• 11.0 Using Access Data FTK and Special Steps
• 12.0 EnCase
• 13.0 Stenography
• 14.0 Passwords
• 15.0 Log Correlation
• 16.0 Network Forensics
• 17.0 Wireless Attacks
• 18.0 Web Attacks
• 19.0 Email Crimes
• 20.0 Mobile Investigation
• 21.0 Investigation Reports
• 22.0 Expert Witness

For more information, contact one of our course advisors

No other books are necessary for this course.

For more information, contact one of our course advisors

The Certified Information Security Manager (CISM) certification program was developed by ISACA to start or develop individuals careers as security managers. Once certified the CISM qualifies students to design, manage, asses and oversee an enterprise’s information security infrastructure.

For more information, click here...

The CISSP course provides you with the knowledge and skills to pass the CISSP certification, after which you'll have the ability to manage, operate, develop and plan an effective network security infrastructure.

For more information, click here...

CISAs are recognised internationally as professionals with the knowledge, skills, experience and credibility to leverage standards, manage vulnerabilities, ensure compliance, offer solutions, institute controls and deliver value to the enterprise.

For more information, click here...

No other books are necessary for this course.

For more information, contact one of our course advisors