Information Security Boot Camp

ACI Learning
Training overview
5 days
Next start date: Inquire for dates and prices - Worldwide
Professional Course

Course description

Information Security Boot Camp

This class helps practitioners prepare for the CISSP, CISM, CISA, or other formal exams in Information Security or IT controls. It provides valuable insights on hacker attacks, data leakage, malware, computer crime and corporate governance.

COVID-19 Update

In light of COVID-19, this provider is now delivering some or all of their courses online. Contact them for more information!

Who should attend?

Information Security and IT Managers;  Information Security Analysts, Security Architects, Security Administrators;  System Administrators, Network Administrators, IT Auditors; Consultants; Compliance Managers; and anyone needing a  “crash course” in information security concepts and practices.

Prerequisites

Introduction to Information Security (ISG101) or equivalent experience

Training content

1. Security and Risk Management:

  • fundamental principles of information security
  • making the business case for information security
  • information security management objectives
  • risk analysis: threats, vulnerabilities, risks, and countermeasures
  • policies, standards, procedures, and guidelines
  • information classification
  • security awareness

2. Laws and Standards Affecting Information Security and It Audit:

  • computer crimes, investigations, evidence, forensics
  • laws, directives and regulations
  • types of laws
  • privacy issues and legislation
  • intellectual property, copyright laws and software piracy
  • European Union Data Protection Act
  • prominent US and international laws
  • information security and auditing standards

3. Security Engineering - Security Models, Mechanisms and Architectures

4. Laws and Standards Affecting Information Security and It Audit:

  • enterprise information security architecture
  • computer architectures
  • operating system security
  • virtualization: operational and security considerations
  • security models
  • access control models, techniques and technologies, and methods
  • open and closed systems
  • security design standards and criteria: “Rainbow Series”, ITSEC, Common Criteria
  • certification and accreditation

5. Network Security Concepts and Solutions:

  • defining a 3-layer simplified network protocol model
  • Open Systems Interconnection (OSI) model
  • Transmission Control Protocol/Internet Protocol (TCP/IP): IPv4, IPv6
  • network addresses and applications
  • LAN and WAN technologies, topologies and protocols
  • wiring: copper, fiber optics
  • wireless networks technologies, protocols and security
  • voice over IP (VoIP)
  • network interconnection devices: functionality, risks and safeguards
  • directory services: LDAP, DNS
  • network management tools: packet sniffers, SNMP, network utility and diagnostic software
  • network security vulnerabilities, threats, risks and countermeasures
  • hacker probing and attack techniques
  • firewalls and proxy servers
  • intrusion detection/prevention systems
  • VPNs and related Internet security protocols: SSL/TLS, IPSec, SSH
  • network discovery, vulnerability and penetration testing

6. Cryptography:

  • demystifying the language of cryptography
  • key management: asymmetric, symmetric
  • encryption algorithms and hashing functions
  • digital signatures
  • Certificate Authorities (CAs) and Public Key Infrastructure (PKI)
  • applications of cryptography
  • cryptography vs. steganography

7. Identity Management / Access Controls:

  • authentication mechanism: passwords, tokens, smart cards, biometrics
  • point-to-point protocol (PPP) authentication: PAP, CHAP
  • extensible authentication protocol: EAP
  • enterprise authentication systems: RADIUS, TACACS+, Diameter
  • single/reduced sign-on (SSO): Kerberos, Web-based SSO

8. Software Development and Application Security:

  • system development life cycle methodologies
  • configuration management and change control
  • application development tools and methodologies
  • client server and middleware security
  • data types and structures
  • database management systems
  • Web application security architecture: control points, attacks and defenses
  • mobile code security risks: Java, ActiveX, JavaScript, VBScript
  • malicious software and hacker attacks

9. Asset Security (Including Physical, Human Resources and Environment):

  • computing center location, construction and management
  • physical security threats, vulnerabilities, risks and countermeasures
  • perimeter security, boundary protection and facilities access controls
  • electrical, temperature, water, and other environmental controls
  • fire detection, prevention and suppression
  • information storage media protection, sanitization and disposal
  • emergency procedures
  • human resources security: hiring practices, badges, terminations and transfers

10. Availability (Data Recovery and Business Continuity Planning):

  • business continuity planning requirements
  • business impact analysis
  • redundancy and fault tolerance
  • backup procedures: on-site and offsite
  • backup resources: processing sites, storage, offices, utilities, equipment and supplies
  • recovery testing procedures
  • emergency response procedures

11. Wrap-up Discussion (Also Includes Continuous Unit and Course Review Exercises)

Course delivery details

Bring this course to your organization at your convenience. ACI Learning can deliver this instructor-led course for your team at a chosen location or virtually. Alternatively, choose the topic(s) you need and ACI will craft a training solution to keep your team future-proof.

Certification / Credits

NASBA Certified CPE: 40 Credits Auditing

Information Security Certificate

What You'll learn

You will learn about security and risk management, laws and standards affecting infosec, security models, cryptography, identity management, software development, asset security, and emergency response practices.

Objectives

  • Provide a broad-based foundation of information security knowledge for full-time security practitioners and laypersons
  • Assist candidates in their study and preparation for the CISSP, CISM, and other generic professional information security certification examinations
  • Gain familiarity with industry best practices, legislation, professional standards, and information resources affecting information security
  • Assist organizations in locating baselines and yardsticks for defining and/or benchmarking their information security program

About ACI

ACI Learning

At ACI Learning, we train leaders in Cybersecurity, Audit, and Information Technology. Whether you're starting your IT career, mastering your profession, or developing your team, we're with you every step of the way. We believe that training is not a...


Read more and show all training delivered by this supplier

Contact info

ACI Learning


 Show phone number


Reviews

Average rating 4.2

Based on 4 reviews.

Victor, K, Dept of Defense
Refreshing and exciting
James, A, Westfield Group
The program was very informative.
Bahadir, D, Equinix, Inc.
I believe the program was perfectly engineered towards meeting the goal of passing the exam.
View again
Supplier Directory
Join our Supplier Directory to:
- Gain Traffic
- Get Noticed
- Showcase Your Services
- Free Listing Available