Description

This training aims to prepare candidates for the CISSO exam, the international certification delivered by MILE2. The training covers all information security knowledge spread over 19 areas. It is aligned with the objectives of the major standards ISO 27001, NIST, CISM and CISSP.

Who is this training for ?

For whom ?

CIOs, engineers and project managers, security consultant experts, security managers, auditors.

Prerequisites

Training objectives

Acquire the knowledge in the 19 areas of the common core necessary to pass the CISSO and CISSP

exams Acquire the knowledge to advise an organization on best practices in ISS management

Training program

• Risk and Security Management, IAM and Access Control
  • Risk Management: risk management, assessments and responses.
  • Security Management: ISMS, roles and responsibilities, frameworks, human resources.
  • Identification and Authentication: identity Management, authentication, Access Control Monitoring.
  • Access Control: access control types, classification information, Access Control models and methods.
• Security Operations and Cryptography
  • Security Models and Evaluation Criteria: protection mechanism, security models.
  • Operations Security: operational incidents and threats, responsibilities.
  • Sym.
  • Cryptography and Hashing: definition, history, fundamentals of cryptography, symmetric algorithms.
  • Asym.
  • Cryptography and PKI: hybrid crypto and digital signature, PKI, uses, crypto attacks .
• Network and Communications Security, Security Architecture
  • Network connections: network security and communication, topologies, network transmissions, cabling, LAN/WAN.
  • Network Protocols and Devices: OSI model, protocols, ports & services.
  • Telephony, VPNs and Wireless: telephony, VPNs, WiFi, network-based attacks.
  • Security Architecture and Attacks: architecture models, system attacks.
• Software Development Security, Database Security, Malware
  • Soft Development Security: software development process, web security, PCI-DSS compliance.
  • DB Security and System Development: models and terminologies, database security.
  • Malware and Software Attacks: viruses, Worm, Logic Bomb, Trojan Horse, Timing Attack, Spyware.
• BCP and DRP, Security Incidents, Laws and Ethics, Physical Security
  • BCP & DRP: BIA, strategies, development plan, testing.
  • Incident Management, Law and Ethics: Computer Crime, evidence management, ethics and confidentiality.
  • Physical Security: premises and building construction, perimeter protection, electricity and fire threats.
  • Exam Passing the CISSO certification exam.