Description
This class is primarily aimed at helping Information Security Practitioners prepare for the CISSP CBK exam. In addition, the class is extremely useful for anyone preparing for CISM, CISA, or other formal exams in Information Security or IT Controls. It is also relevant to audit staff who validate and verify their core IT systems and any risk-related personnel who rely on IT for maintaining their corporate and customer systems.
Increasing reports of targeted hacker attacks. Data leakage in all directions. Viruses, worms, and other forms of computer crime. Heightened attention to corporate governance. Today’s organizations are under increasing pressure to ensure the effectiveness of their information security efforts while using virtualization and cloud computing, and as a result, information security has become a priority business issue. Yet in spite of their far-reaching strategic business implications, security threats and vulnerabilities are still often misunderstood and underestimated by line and IT management. To add to the confusion, this vital function is often viewed mostly as a technology issue.
In this intense, information-packed five-day seminar, attendees will cover all aspects of the ISC2 Common Body of Knowledge (CBK) while evaluating the methods and tools needed to construct or audit a comprehensive information security framework. You will gain a business-oriented, architectural perspective that defines how to organize and oversee a risk-based enterprise information security program, blending theory and best management practices with key physical and information technology safeguards. We will cover Security and Risk Management; Asset Security; Security Engineering; Communications and Network Security; Identity and Access Management; Security Assessment and Testing; Security Operations; and Software Development Security.
To ensure that you gain proper familiarity with industry best practices, legislation, and professional standards for information security, key references and yardsticks for the material you will learn include but are not limited to: ISC2 Common Body of Knowledge (CBK), ISO-27001/27002, Payment Card Industry Data Security Standard (PCI DSS), Common Criteria, Information Technology Infrastructure Library (ITIL), and a wide array of IT and security-related publications from the Internet Engineering Task Force (IETF), Institute of Electrical and Electronics Engineers (IEEE), Federal Financial Institutions Examination Council (FFIEC), US National Institute of Standards and Technology (NIST), Defense Information Systems Agency (DISA), US National Security Agency (NSA), and leading IT suppliers.
The MISTI instructors for this class have previously worked closely with one or more of the Information Security Certification organizations (such as ISC2) as Senior Instructors and are recognized as leading experts in this field. To reinforce what you learn in the course and to aid anyone preparing for prominent information security certification examinations, you will be provided with unit and course review exercises. Come prepared for five days of intensive learning and return to your office with the foundation of knowledge and know-how needed to take the CISSP exam (or similar) and, even more importantly, to help guide your organization as it develops or revises its information security program.