Spectramind is a sponsoring partner for the conference

C)ISSO - C)ISSP Combo Course: Certified Information Systems Security Officer (Certification) [ 5 days ]

About the course:
Certified Information Systems Security Professional (CISSP) is an independent information security certification governed by the International Information Systems Security Certification Consortium (ISC2).

The CISSP curriculum covers subject matter in a variety of Information Security topics. The CISSP examination is based on what ISC2 terms the Common Body of Knowledge (CBK), which is a collection of topics relevant to information security professionals around the world. The CISSP CBK establishes a common framework of information security terms and principles that allows information security professionals worldwide to discuss, debate, and resolve matters pertaining to the profession with a common understanding.

People are the key to a secure organization. Technological solutions alone cannot protect an organization's critical information assets. Employers demanding qualified information security staff give their organizations a leading edge by providing the highest standard of security for their customers, employees, stakeholders and organizational information assets.

The CISSP certification identifies individuals as security experts who have the technical ability, understanding and experience to implement effective security practices.

This 5-day workshop will help participants prepare for the CISSP certification exam from ISC2.

The CISSP Examination is conducted by ISC2 in 6 different languages at over 238 locations across Americas, Asia-Pacific, Europe, Middle East, Africa and Japan. Participants can register online with ISC2 for the certification exam at their preferred location. The examination is a 6 hour offline paper consisting of 250 multiple choice questions requiring a passing score of 70% which is a scaled score of 700 points on a 1000 points score to successfully clear the certification. The cost of the examination is USD 599.

Course benefit:

There are many reasons to achieve a CISSP certification:

Benefits of certification to the professional:

  • Demonstrates a working knowledge of information security
  • Confirms commitment to profession
  • Offers a career differentiator, with enhanced credibility and marketability
  • Provides access to valuable resources, such as peer networking and idea exchange

Benefits of certification to the enterprise:

  • Establishes a standard of best practices
  • Offers a solutions-orientation, not specialization, based on the broader understanding of the (ISC)² CBK
  • Allows access to a network of global industry and subject matter / domain experts
  • Makes broad-based security information resources readily available
  • Adds to credibility with the rigor and regimen of the certification examinations
  • Provides a business and technology orientation to risk management

Course Description
Introduction - Case Study #1 Building a Successful Security Infrastructure
Domain 1 - Information Security and Risk Management
Domain 2 - Access Control
Domain 3 - Cryptography
Domain 4 - Physical (Environmental) Security
Domain 5 - Security Architecture and Design
Domain 6 - Business Continuity and Disaster Recovery Planning
Domain 7 - Telecommunications and Network Security
Domain 8 - Application Security
Domain 9 - Operations Security
Domain 10 - Legal, Regulations, Compliance, and Investigations

Anyone may attend this course, but those with experience in one or more of the 10 domains of security knowledge listed below will benefit the most.

Module 1 Introduction and Orientation
Introduction and Orientation:
CISSP Overview and Course Description:
Benefits of the CISSP certification
Layout of the CISSP course and expectations
Log on to the CISSP web site and familiarize students with the application process.
Discuss best strategies for filling out the security work history portion of the application for examination.
After Completing This Goal, Students will be Able To
Objective of Case Study #1: Demonstrate to students that Security is not only about Technology. CISSPs can create state-of-the-art infrastructures to protect confidential data, but if final users are not trained accordingly, the whole strategy is a waste of money and time. The user is the weakest link in any Security Strategy.

Module 2 Information Security and Risk Management
Security management entails the identification of an organization's information assets and the development, documentation, and implementation of policies, standards, procedures and guidelines that ensure confidentiality, integrity, and availability. Management tools such as data classification, risk assessment, and risk analysis are used to identify the threats, classify assets, and rate their vulnerabilities so that effective security controls can be implemented. Risk management is the identification, measurement, control, and minimization of loss associated with uncertain events or risks. It includes overall security review, risk analysis, selection and evaluation of safeguards, cost-benefit analysis, management decision, safeguard implementation, and effectiveness review.
From the ISC2:
"The candidate will be expected to understand the planning, organization, and roles of individuals in identifying and securing an organization's information assets; the development and use of policies stating management's views and position on particular topics and the use of guidelines, standards, and procedures to support the policies; security awareness training to make employees aware of the importance of information security, its significance, and the specific security-related requirements relative to their position; the importance of confidentiality, proprietary and private information; employment agreements; employee hiring and termination practices; and risk management practices and tools to identify, rate, and reduce the risk to specific resources."
Case Studies

Module 3 Access Control
Access control is the collection of mechanisms that permits managers of a system to exercise a directing or restraining influence over the behavior, use, and content of a system. It permits management to specify what users can do, which resources they can access, and what operations they can perform on a system. The candidate should fully understand access control concepts, methodologies and implementation within centralized and decentralized environments across the enterprise's computer systems. Access control techniques, detective and corrective measures should be studied to understand the potential risks, vulnerabilities, and exposures.
Case Studies

Module 4 Cryptography
The Cryptography domain addresses the principles, means, and methods of disguising information to ensure its integrity, confidentiality, and authenticity. The candidate will be expected to know basic concepts within cryptography; public and private key algorithms in terms of their applications and uses; algorithm construction, key distribution and management, and methods of attack; and the applications, construction and use of digital signatures to provide authenticity of electronic transactions, and non-repudiation of the parties involved.
Case Studies

Module 5 Physical Environmental Security
The Physical Security domain addresses the threats, vulnerabilities, and countermeasures that can be utilized to physically protect an enterprise's resources and sensitive information. These resources include people, the facility in which they work, and the data, equipment, support systems, media, and supplies they utilize.
From the ISC2:
"The candidate will be expected to know the elements involved in choosing a secure site, its design and configuration, and the methods for securing the facility against unauthorized access, theft of equipment and information, and the environmental and safety measures needed to protect people, the facility, and its resources."
Case Studies

Module 6 Security Architecture and Design
The Security Architecture and Models domain contains the concepts, principles, structures, and standards used to design, implement, monitor, and secure operating systems, equipment, networks, applications, and those controls used to enforce various levels of confidentiality, integrity, and availability.
The candidate should understand security models in terms of confidentiality, integrity, information flow, commercial vs. government requirements; system models in terms of the Common Criteria, international (ITSEC), United States Department of Defense (TCSEC), and Internet (IETF IPSEC); technical platforms in terms of hardware, firmware, and software; and system security techniques in terms of preventative, detective, and corrective controls.
Case Studies

Module 7 Business Continuity Disaster Recovery Planning
The Business Continuity Planning (BCP) and Disaster Recovery Planning (DRP) domain addresses the preservation of the business in the face of major disruptions to normal business operations. BCP and DRP involve the preparation, testing and updating of specific actions to protect critical business processes from the effect of major system and network failures. Business Continuity Plans counteract interruptions to business activities and should be available to protect critical business processes from the effects of major failures or disasters. It deals with the natural and man-made events and the consequences if not dealt with promptly and effectively. Business Impact Assessment determines the proportion of impact an individual business unit would sustain subsequent to a significant interruption of computing or telecommunication services. These impacts may be financial, in terms of monetary loss, or operational, in terms of inability to deliver.
Disaster Recovery Plans contain procedures for emergency response, extended backup operation and post-disaster recovery should a computer installation experience a partial or total loss of computer resources and physical facilities. The primary objective of the Disaster Recovery Plan is to provide the capability to process mission-essential applications, in a degraded mode, and return to normal mode of operation within a reasonable amount of time.
From the ISC2:
"The candidate will be expected to know the difference between business continuity planning and disaster recovery; business continuity planning in terms of project scope and planning, business impact analysis, recovery strategies, recovery plan development, and implementation. The candidate should understand disaster recovery in terms of recovery plan development, implementation and restoration."

Module 8 Telecommunications Network Security
The Telecommunications and Network Security domain encompasses the structures, transmission methods, transport formats, and security measures used to provide integrity, availability, authentication, and confidentiality for transmissions over private and public communications networks and media. The candidate is expected to demonstrate an understanding of communications and network security as it relates to voice communications; data communications in terms of local area, wide area, and remote access; Internet/Intranet/Extranet in terms of Firewalls, Routers, and TCP/IP; and communications security management and techniques in terms of preventive, detective and corrective measures.

Module 9 Application Security
Applications and systems development security refers to the controls that are included within systems and applications software and the steps used in their development. Applications refer to agents, applets, software, databases, data warehouses, and knowledge-based systems. These applications may be used in distributed or centralized environments.
From the ISC2:
"The candidate should fully understand the security and controls of the systems development process, system life cycle, application controls, change controls, data warehousing, data mining, knowledge-based systems, program interfaces, and concepts used to ensure data and application integrity, security, and availability."

Module 10 Operations Security
Operations Security is used to identify the controls over hardware, media, and the operators with access privileges to any of these resources. Audit and monitoring are the mechanisms, tools and facilities that permit the identification of security events and subsequent actions to identify the key elements and report the pertinent information to the appropriate individual, group, or process. Operations Security covers the knowledge of what resources must be protected, what privileges should be restricted, the control mechanisms available, the potential for abuse of access, the appropriate controls, and the principles of good practice.
Case Studies

Module 11 Legal, Regulations, Compliance and Investigation
The Law, Investigations, and Ethics domain addresses computer crime laws and regulations; the investigative measures and techniques which can be used to determine if a crime has been committed, methods to gather evidence if it has, as well as the ethical issues and code of conduct for the security professional.
Incident handling provides the ability to react quickly and efficiently to malicious technical threats or incidents.
From the ISC2:
"The candidate will be expected to know the methods for determining whether a computer crime has been committed; the laws that would be applicable for the crime; laws prohibiting specific types of computer crime; methods to gather and preserve evidence of a computer crime, investigative methods and techniques; and ways in which RFC 1087 and the (ISC)²™ Code of Ethics can be applied to resolve ethical dilemmas."
Case Studies

Final Review Test
Students will take a 50-question final review test, covering all the CBK.
Review Test Scoring and Q & A: Grade tests out loud for self-check assessment.
Field questions and clarification for areas not understood by students.
Suggest areas of further study for those that need it.

*Every effort is made to ensure the accuracy of our outlines as course information from our suppliers changes with each new revision. As a result this outline is subject to change without prior notice.

Registration Details

Course Fee:
Single Nomination:
USD 400/- OR INR 18000/-

Avail Special Discounts

  • 5% discount for Early Bird registrations (15 days in advance of the program date)
  • 5% discount on a task force of 4 to 7
  • 10% discount on a task force of 8 and above
  • 10% discount applicable to SANS/GIAC/CSWE/CDFE/CIHE/CISSP/CISA qualified professionals and to Mile2/BA/PMI/SEG/CII/SPIN/CSI and NASSCOM members

NOTE: Only one discount option is applicable at any time

Course Dates, Venue & Timings:

| Sl.No. | State | City | Batch1-Date | Batch1-Date | Batch2-Date | Batch2-Date | Batch3-Date | Batch3-Date | Batch4-Date | Batch4-Date | Venue | Contact |
|---|---|---|---|---|---|---|---|---|---|---|---|---|
| 01 | AP | Hyderabad | - | - | 23-Apr'11 | 27-Apr'11 | 7-may'11 | 11-may'12 | 4-Jun’12 | 8-Jun’12 | Ameerpet/Hightechcity | Jason-91-40-64568797 |
| 02 | Delhi | Delhi/Gurgaon/Noida | - | - | 28-Apr'12 | 29-Apr'12 | 26-May’12 | 27-May’12 | 23-Jun’12 | 24-Jun’12 | Nehru place / Noida sector 6 | Arun : 9810 328046 |
| 03 | Karnataka | Bangalore | - | - | 5-May’12 | 6-May’12 | 26-MAY’12 | 27-May’12 | 2-June'12 | 3-June'12 | DBS House 26, Cunningham Road, Opp Indian Express Building, Bangalore - 560 052 | Sundar Raj |
| 04 | Maharashtra | Mumbai | - | - | 21-Apr’12 | 22-Apr’12 | 19-May’12 | 20-May’12 | 16-Jun’12 | 17-Jun’12 | DBS Heritage, Prescot Road, Opp. Cathedral Sr. School, Fort, Mumbai 400001. DBS Heritage (From Airport instruct the car / cab driver to drive to Fort, Fashion Street. It’s near Siddharth College, Budha Bhavan. Also there are schools like J. P. Pettit School & Cathedral Sr. School) | Mr.Vasudev |
| 05 | Maharashtra | Pune | 19-May'12 | 20-May'12 | - | - | - | - | 30-Jun'12 | 1-Jul'12 | Level-5, Tech Park-1, Airport Road, Yerwada, Pune - 411 006, India | Mr.Manish |
| 06 | Tamilnadu | Chennai | - | - | 14-Apr'12 | 15-Apr'12 | 12-MAY'12 | 13-MAY'12 | 9-Jun’12 | 10-Jun’12 | DBS House 31A, Cathedral Garden Rd, Between Hotel Palmgrove and Valluvarkottam Nugambakkam, Chennai - 600034 | Mr.Solomon |
| 07 | Westbengal | Kolkata | - | - | 30-Apr'12 | 1-May'12 | 30-May'12 | 31-May'12 | 30-Jun'12 | 1-Jul'12 | DBS House 10/2, Hungerford Street, Opp. Exit Gate of Saturday Club, Kolkata - 700017 | Mr.Sandeep |
| 08 | Kerala | Trivandrum | - | - | 30-Apr'12 | 1-May'12 | 30-May'12 | 31-May'12 | 30-Jun'12 | 1-Jul'12 | DBS center | Mr.Manoj |
| 09 | Kerala | Cochin | - | - | 30-Apr'12 | 1-May'12 | 30-May'12 | 31-May'12 | 30-Jun'12 | 1-Jul'12 | ThomasMount, ICTA Building, Changampuzha Nagar P.O., Cochin- 682 033 | Mr.Manoj: 9995881093 |
| 10 | Tamilnadu | Coimbatore | - | - | - | - | 30-May'12 | 31-May'12 | 30-Jun'12 | 1-Jul'12 | DBS Center | Mr.Balaji |
| 11 | Maharashtra | NAGPUR | - | - | - | - | 30-May'12 | 31-May'12 | 30-Jun'12 | 1-Jul'12 | DBS House | Mr.Yogesh -9890952752 |
| 12 | Gujarat | Ahmedabad | 16-Apr'12 | 17-Apr'12 | - | - | - | - | 30-Jun'12 | 1-Jul'12 | Aakruti Complex, Nr. Stadium Cross Road, Navrangpura, Ahmedabad-380009, Gujarat, INDIA | Mr.Alok |
| 13 | Africa | Johannesburg | 29-MAY'12 | 31-MAY'12 | - | - | - | - | - | - | Johannesburg, Africa | Mr.Kamanbedu |
| 14 | Brazil | São Paulo | 26-JUN'12 | 28-JUN'12 | - | - | - | - | - | - | Rua Rosa e Silva, No. 137, Apt - 4, Santa Cecilia, São Paulo, Brazil. CEP - 01230-020 | Mr.Abhishek Ph - (55) - (11) - 87154930 |
| 15 | Philippines | Manila | 24-JUL'12 | 26-JUL'12 | - | - | - | - | - | - | Makati, Philippines | Mr.Sandeep : (+63)-917-872-3931 |
| 16 | Nepal | Khatmandu | 28-AUG'12 | 30-AUG'12 | - | - | - | - | - | - | Khatmandu | Mr.ARun |
| 17 | Republic of Mauritius | mauritius | 25-SEPT'12 | 27-SEPT'12 | - | - | - | - | - | - | mauritius | Mr.ARun |
| 18 | Srilanka | Colombo | 1-MAY'12 | 3-MAY'12 | - | - | - | - | - | - | Colombo, Srilanka | Ms.Buddhini |
| 19 | Canada | Toronto | 23-OCT'12 | 25-OCT'12 | - | - | - | - | - | - | 203 Royal Appian Cres, Concord ON 14K513 | Mrs.Vala Ph.4169391252 |
| 20 | USA | Boston | 16-Apr'12 | 17-Apr'12 | - | - | - | - | - | - | Boston, USA | Mr.Gaurav |
| 21 | UK | London | 21-DEC'12 | 23-DEC'12 | - | - | - | - | - | - | London, UK | Mr. BV Rao -0044-7891461544 |
| 22 | USA | California | 16-Apr'12 | 17-Apr'12 | - | - | - | - | - | - | 12128 Skylark Rd Clarksburg MD 20871 California, USA | Mr.Prashanth Ph : 001 - 240-257-2624 |
| 23 | Bangladesh | Dhaka | 27-NOV'12 | 29-NOV'12 | - | - | - | - | - | - | Dhaka | Mr.Arun |
| 24 | ARMENIA | GEORGIA | 8-MAY'12 | 10-MAY'12 | - | - | - | - | - | - | TIBLISI, Armenia | Mr.Abata |
| 25 | Honkong | Honkong | 27-NOV'12 | 29-NOV'12 | - | - | - | - | - | - | Honkong | Mr.Peter |
| 25 | SAUDIARABIA | RIYADH | 28-MAY'12 | 30-MAY'12 | - | - | - | - | - | - | RIYADH | Mr.Rasheed 96626860652 |

Kindly register for the courses in your cities at least 2 days in advance.
Timings: 0900 - 2100 hrs

Contact Details:

Mr. Vijay

Mobile: 0 94400 89341

Phone: 040-6456 8797

Register Online: info@spectramindsolutions.com
Email: vijaycsqapmp@yahoo.co.in

Yahoo chat : vijaycsqapmp
Google chat/Skype chat/AOL chat/ICQ chat : tiptopten2000
Hotmail/Live chat / Rediff chat : tiptopten

Unless otherwise stated, the content of this page is licensed under Creative Commons Attribution-ShareAlike 3.0 License