Information Security SEC 566

Course Description

This training will teach you how to master the specific techniques and tools needed to implement and audit the Critical Controls. It will help security practitioners understand not only how to stop a threat, but why the threat exists, and how to ensure that security measures deployed today will be effective against the next generation of threats. The course shows security professionals how to implement the controls in an existing network through cost-effective automation. For auditors, CIOs, and risk officers, the course is the best way to understand how you will measure whether the Controls are effectively implemented.

What Do Participants Learn?

• Apply a security framework based on actual threats that is measurable, scalable, and reliable in stop- ping known attacks and protecting organizations' important information and systems
• Understand the importance of each control, how it is compromised if ignored, and explain the defesive goals that result in quick wins and increased visibility of network and systems
• Identify and utilize tools that implement controls through automation
• Learn how to create a scoring tool for measuring the effectiveness of each controls the effectiveness of each control
• Employ specific metrics to establish a baseline and measure the effectiveness of security controls
• Understand how critical controls map to standards such as NIST 800-53, ISO 27002, the Australian Top 35, and more
• Audit each of the critical security controls, with specific, proven templates, checklists, and scripts provided to facilitate the audit process

Who Should Attend?

• Information assurance auditors
• System implementers or administrators
• Network security engineers
• IT administrators
• Department of Defense (DoD) personnel or contractors
• Federal agencies or clients
• Private sector organizations looking to improve information assurance processes and secure their systems
• Security vendors and consulting groups looking to stay current with frameworks for information assurance

What Will the Learning Experience Include?

Phase: 1

Introduce

• Comprehensive pre-program activities include:
• Web-based information forms & surveys completed by attendee.
• Direct consultation with the attendee about the expectations.

• During the training, participants engage in data, activities, and conversations that lead to insight and knowledge.
• Participants learn from expert trainers who have both academic and business experiences.
• Highly applicable training content & instructive activities for adding depth to training topics.
• **A half-day site visit for integrating the experience & plan next steps. Opportunities to provide connections, ideas & support.

Phase: 2

Explore & Practice

Phase: 3

Apply

• Apply & sustain the learning experience by using this ongoing support:
• To ensure participant has new skills or behavior progress.
• Optional, fee-based mentoring & coaching with the trainer.
• Training materials & additional documents (e-books, pdf files, presentations and articles)

• Evaluate your training experience by giving us feedbacks and help us to reach our organizational goals.
• Participant's Evaluation
• Trainer's Evaluation

Phase: 4

EVALUATE