|Upcoming Dates||Class Times||Class Format||Quote|
|Sep 28 - Oct 16, 2020||10:00 AM - 6:00 PM||Instructor-Led||Quote|
CISSP & EC-Council CEH/ECSA
CISSP training is an advanced course designed to meet the high demands of the information security industry by preparing students for the Certified Information Systems Security Professional (CISSP) exam. This course reveals the necessary tools and techniques used by system administrators to defeat attacks and hack-proof their networks.
Ethical Hacking and Countermeasures will immerse the student into an interactive environment where they will be shown how to scan, test, hack and secure their own systems. The lab intensive environment gives each student in-depth knowledge and practical experience with the current essential security systems.
EC-Council's Certified Security Analyst program is a highly interactive security class designed to teach Security Professionals the advanced uses of the methodologies, tools and techniques required to perform comprehensive information security tests. Students will learn how to design, secure and test networks to protect your organization from the threats hackers and crackers pose. By teaching the tools and ground breaking techniques for security and penetration testing, this class will help you perform the intensive assessments required to effectively identify and mitigate risks to the security of your infrastructure. As students learn to identify security problems, they also learn how to avoid and eliminate them, with the class providing complete coverage of analysis and network security-testing topics.
To qualify for a re-sit of the Official ISC2 CISSP course, a student must have attempted the exam and failed before a free re-sit is permitted.
A foundational knowledge of computers Operating Systems and Networking protocols.
Reimbursement of the CISSP exam scheduled through ISC2.
CISSP training is an advanced course designed to meet the high demands of the information security industry by preparing students for the Certified Information Systems Security Professional (CISSP) exam.
Led by an authorized instructor, this training course provides a comprehensive review of information security concepts and industry best practices, covering the 8 domains of the CISSP CBK:
- Security and Risk Management
- Asset Security
- Security Engineering
- Communications and Network Security
- Identity and Access Management
- Security Assessment and Testing
- Security Operations
- Software Development Security
Who should attend?
This training course is intended for professionals who have at least 5 years of recent full-time professional work experience in 2 or more of the 8 domains of the CISSP CBK and are pursuing CISSP training and certification to acquire the credibility and mobility to advance within their current information security careers. The training seminar is ideal for those working in positions such as, but not limited to:
- Security Consultant
- Security Manager
- IT Director/Manager
- Security Auditor
- Security Architect
- Security Analyst
- Security Systems Engineer
- Chief Information Security Officer
- Director of Security
- Network Architect
The CISSP Helps You:
- Validate your proven competence gained through years of experience in information security
- Demonstrate your technical knowledge, skills, and abilities to effectively develop a holistic security program set against globally accepted standards
- Differentiate yourself from other candidates for desirable job openings in the fast-growing information security market
- Affirm your commitment to the field and ongoing relevancy through continuing professional education and understanding of the most current best practices
- Gain access to valuable career resources, such as networking and ideas exchange with peers
The CISSP Helps Employers:
- Protect against threats with qualified professionals who have the expertise to competently design, build, and maintain a secure business environment
- Ensure professionals stay current on emerging threats, technologies, regulations, standards, and practices through the continuing professional education requirements
- Increase confidence that candidates are qualified and committed to information security
- Ensure employees use a universal language, circumventing ambiguity with industry-accepted terms and practices
- Increase organizations' credibility when working with clients and vendors
- Understand and apply the concepts of risk assessment, risk analysis, data classification, and security awareness and Implement risk management and the principles used to support it (Risk avoidance, Risk acceptance, Risk mitigation, Risk transference)
- Apply a comprehensive and rigorous method for describing a current and/or future structure and behavior for an organization's security processes, information security systems, personnel, and organizational sub-units so that these practices and processes align with the organization's core goals and strategic direction and address the frameworks and policies, concepts, principles, structures, and standards used to establish criteria for the protection of information assets, as well as to assess the effectiveness of that protection and establish the foundation of a comprehensive and proactive security program to ensure the protection of an organization's information assets
- Apply a comprehensive and rigorous method for describing a current and/or future structure and behavior for an organization's security processes, information security systems, personnel, and organizational sub-units so that these practices and processes align with the organization's core goals and strategic direction and examine the principles, means, and methods of applying mathematical algorithms and data transformations to information to ensure its integrity, confidentiality, and authenticity
- Understand the structures, transmission methods, transport formats, and security measures used to provide confidentiality, integrity, and availability for transmissions over private and public communications networks and media and identify risks that can be quantitatively and qualitatively measured to support the building of business cases to drive proactive security in the enterprise.
- Offer greater visibility into determining who or what may have altered data or system information, potentially affecting the integrity of those asset and match an entity, such as a person or a computer system, with the actions that entity takes against valuable assets, allowing organizations to have a better understanding of the state of their security posture.
- Plan for technology development, including risk, and evaluate the system design against mission requirements, and identify where competitive prototyping and other evaluation techniques fit in the process
- Protect and control information processing assets in centralized and distributed environments and execute the daily tasks required to keep security services operating reliably and efficiently.
- Understand the Software Development Life Cycle (SDLC) and how to apply security to it, and identify which security control(s) are appropriate for the development environment, and assess the effectiveness of software security
To qualify for a re-sit of the Official CISSP course, a student must have attempted the exam and failed before a free re-sit is permitted.
Candidates must have a minimum of five (5) years of cumulative paid full-time professional security work experience in two or more of the 8 domains of the CISSP CBK.
Candidates may receive a one year experience waiver with a four-year college degree, or regional equivalent OR additional credential from the approved list, thus requiring four (4) years of direct full-time professional security work experience in two or more of the ten domains of the CISSP CBK.
Candidates who have not completed the 5 years of experience to take the CISSP, can take an Associate CISSP exam. This will give them a credential showing their knowledge until they are able to meet the experience requirements for the CISSP.
Security and Risk Management
- Security governance principles
- Legal and regulatory issues
- Professional ethic
- Security policies, standards, procedures and guidelines
- Information and asset classification
- Ownership (e.g. data owners, system owners)
- Protect privacy
- Appropriate retention
- Data security controls
- Handling requirements (e.g. markings, labels, storage)
- Engineering processes using secure design principles
- Security models fundamental concepts
- Security evaluation models
- Security capabilities of information systems
- Security architectures, designs, and solution elements vulnerabilities
- Web-based systems vulnerabilities
- Mobile systems vulnerabilities
- Embedded devices and cyber-physical systems vulnerabilities
- Site and facility design secure principles
- Physical security
Communication and Network Security
- Secure network architecture design (e.g. IP & non-IP protocols, segmentation)
- Secure network components
- Secure communication channels
- Network attacks
Identity and Access Management
- Physical and logical assets control
- Identification and authentication of people and devices
- Identity as a service (e.g. cloud identity)
- Third-party identity services (e.g. on-premise)
- Access control attacks
- Identity and access provisioning lifecycle (e.g. provisioning review)
Security Assessment and Testing
- Assessment and test strategies
- Security process data (e.g. management and operational controls)
- Security control testing
- Test outputs (e.g. automated, manual)
- Security architectures vulnerabilities
- Investigations support and requirements
- Logging and monitoring activities
- Provisioning of resources
- Foundational security operations concepts
- Resource protection techniques
- Incident management
- Preventative measures
- Patch and vulnerability management
- Change management processes
- Recovery strategies
- Disaster recovery processes and plans
- Business continuity planning and exercises
- Physical security
- Personnel safety concerns
Software Development Security
- Security in the software development lifecycle
- Development environment security controls
- Software security effectiveness
- Acquired software security impact
CEH Version 10 will immerse the student into an interactive environment where they will be shown how to scan, test, hack and secure their own systems. The lab intensive environment gives each student in-depth knowledge and practical experience with the current essential security systems. Students will begin by understanding how perimeter defenses work and then be lead into scanning and attacking their own networks, no real network is harmed. Students then learn how intruders escalate privileges and what steps can be taken to secure a system.
Students will also learn about Intrusion Detection, Policy Creation, Social Engineering, DDoS Attacks, Buffer Overflows and Virus Creation. When a student leaves this intensive class they will have hands on understanding and experience in Ethical Hacking.
This course prepares you for EC-Council Certified Ethical Hacker (Exam 312-50)
Who Should Attend
This course will significantly benefit security officers, auditors, security professionals, site administrators, and anyone who is concerned about the integrity of the network infrastructure.
The Certified Ethical Hacker certification (Exam 312-50) will be conducted on the last day of training. Students need to pass the online Prometric exam to receive CEH certification.
A foundational knowledge of computers Operating Systems and Networking protocols.
Module 01: Introduction to Ethical Hacking
Module 02: Footprinting and Reconnaissance
Module 03: Scanning Networks
Module 04: Enumeration
Module 05: Vulnerability Analysis
Module 06: System Hacking
Module 07: Malware Threats
Module 08: Sniffing
Module 09: Social Engineering
Module 10: Denial-of-Service
Module 11: Session Hijacking
Module 12: Evading IDS, Firewalls, and Honeypots
Module 13: Hacking Web Servers
Module 14: Hacking Web Applications
Module 15: SQL Injection
Module 16: Hacking Wireless Networks
Module 17: Hacking Mobile Platforms
Module 18: IoT Hacking
Module 19: Cloud Computing
Module 20: Cryptography
The ECSA v10 penetration testing course provides you with a real world hands-on penetration testing experience and is a globally accepted hacking and penetration testing class available that covers the testing of modern infrastructures, operating systems and application environments while teaching the students how to document and write a penetration testing report.
The ECSA pentest program takes the tools and techniques you learned in the Certified Ethical Hacker course (CEH) and enhances your ability into full exploitation by teaching you how to apply the skills learned in the CEH by utilizing EC-Council’s published penetration testing methodology. It focuses on pentesting methodology with an emphasis on hands-on learning
Who Should Attend
- Ethical Hackers
- Penetration Testers
- Network server administrators
- Firewall Administrators
- Security Testers
- System Administrators and Risk Assessment professionals
A foundational knowledge of computers Operating Systems and Networking protocols & the CEH certification.
Module 01: Introduction to Penetration Testing and Methodologies
Module 02: Penetration Testing Scoping and Engagement Methodology
Module 03: Open-Source Intelligence (OSINT) Methodology
Module 04: Social Engineering Penetration Testing Methodology
Module 05: Network Penetration Testing Methodology – External
Module 06: Network Penetration Testing Methodology – Internal
Module 07: Network Penetration Testing Methodology – Perimeter Devices
Module 08: Web Application Penetration Testing Methodology
Module 09: Database Penetration Testing Methodology
Module 10: Wireless Penetration Testing Methodology
Module 11: Cloud Penetration Testing Methodology
Module 12: Report Writing and Post Testing Actions
Self Study Modules
This is an Essential Prerequisite as it helps you to prepares you the ECSA courseware. Serves as a base to build Advanced Pen Testing Concepts
Module 1. Penetration Testing Essential Concepts
Module 2. Password Cracking Penetration Testing
Module 3. Denial-of-Service Penetration Testing
Module 4. Stolen Laptop, PDAs and Cell Phones Penetration Testing
Module 5. Source Code Penetration Testing
Module 6. Physical Security Penetration Testing
Module 7. Surveillance Camera Penetration Testing
Module 8. VoIP Penetration Testing
Module 9. VPN Penetration Testing
Module 10. Virtual Machine Penetration Testing
Module 11. War Dialing
Module 12. Virus and Trojan Detection
Module 13. Log Management Penetration Testing
Module 14. File Integrity Checking
Module 15. Telecommunication and Broadband Communication Penetration Testing
Module 16. Email Security Penetration Testing
Module 17. Security Patches Penetration Testing
Module 18. Data Leakage Penetration Testing
Module 19. SAP Penetration Testing
Module 20. Standards and Compliance
Module 21. Information System Security Principles
Module 22. Information System Incident Handling and Response
Module 23. Information System Auditing and Certification
Cyber Security Course is your best choice for CISSP CEH ECSA, CISSP CEH ECSA training, CISSP CEH ECSA certification, CISSP CEH ECSA boot camp, CISSP CEH ECSA certification training, CISSP CEH ECSA certification course, CISSP CEH ECSA course, CISSP CEH ECSA class.