Course Description
In this course, you will learn about new risks, threats, and vulnerabilities associated with the transformation to a digital world, including a look at how business, government, and individuals operate today. You will also be provided with a high-level overview of each of the seven domains within the System Security Certified Practitioner certification. You will also be given additional material on information security standards, education, professional certifications, and compliance laws.
In addition to premium instructional content from Jones & Bartlett Learning's comprehensive Information Systems Security and Assurance (ISSA) curriculum, this course provides access to a customized "virtual sandbox" learning environment that aggregates an unparalleled spectrum of cybersecurity applications. Providing instant, unscheduled access to labs from the convenience of a web-browser, this course allows you to practice "white hat" hacking on a real IT infrastructure-these are not simulations. Winner of the "Security Training and Educational Programs" top prize at the prestigious 2013 Global Excellence Awards by Info Security Products Guide, the industry's leading information security research and advisory guide, these labs provide valuable exposure to complex, real world challenges and over 20 hours of training exercises on how hackers and perpetrators use these applications and tools.
Certification:
The instructional content is adapted from the Official (ISC)2 SSCP Certified Body of Knowledge and features a SSCP practice exam as well as a coupon offer for the SSCP Review Seminar. This course covers content within the following industry certification exams:
- Certified Information Systems Security Professional (CISSP) - six content domains covered
- Security + - five content domains covered
- System Security Certified Practitioner (SSCP) - six content domains covered
- National Institute of Standards and Technology (NIST) - five content domains covered
- 8570.01 - five content domains covered
Highlights:- Concepts of information systems security as applied to an IT infrastructure
- How malicious attacks, threats, and vulnerabilities impact an IT infrastructure
- Access controls in implementing a security policy
- Operations and administration in effective implementation of security policy
- Security audits, testing, and monitoring to effective security policy
- Risk management, common response techniques, and issues related to recovery of IT systems
- How businesses apply cryptography in maintaining information security
- Network principles and architecture to security operations
- Ways attackers use to compromise systems and networks and defenses used by organizations
- Apply international and domestic information security standards and compliance laws to real-world implementation in both the private and public sector
Audience:- Information security analysts
- Payroll specialists
- IT infrastructure security specialists
- People who decide which information technology and cybersecurity products to acquire for their organization
Agenda
1. The Need for Information Security
Information Systems Security
Changing the Way People and Businesses do Business
Malicious Attacks, Threats, and Vulnerabilities
The Drivers of Information Security Business
2. The Systems Security Certified Practitioner (SSCP®) Professional Certification from (ISC)2
Access Controls
Security Operations and Administration
Auditing, Testing, and Monitoring
Risk, Response, and Recovery
Cryptography
Networks and Communications
Malicious Code and Activity
3. Information Security Standards, Education, Certification, and Laws
Information Security Standards
Information Security Education and Training
Information Security Professional Certifications
US Compliance Laws
Labs
Lab 1: Perform Reconnaissance and Probing Using ZenMap GUI (Nmap)
Lab 2: Perform a Vulnerability Assessment Scan Using Nessus®
Lab 3: Enable Windows Active Directory and User Access Controls
Lab 4: Configure Group Policy Objects and Microsoft Baseline Security Analyzer
Lab 5: Perform Protocol Capture and Analysis Using Wireshark and Netwitness Investigator
Lab 6: Perform Business Continuity Plan Implementation Planning
Lab 7: Relate Windows Encryption and Hashing to Confidentiality and Integrity
Lab 8: Perform a Website and Database Attack by Exploiting Identified Vulnerabilities
Lab 9: Perform a Virus Scan and Malware Identification Scan and Eliminate Threats
Lab 10: Craft an Information Systems Security Policy
Software used in these labs include: FileZilla, Nessus, Netwitness Investigator, PuTTY, Tftpd32, Wireshark, and Zenmap GUI. Please note that software may be updated or changed to keep pace with new data in the field.
Audience
Information security analysts
Payroll specialists
IT infrastructure security specialists
People who decide which information technology and cybersecurity products to acquire for their organization