CSLO: Certified Security Leadership Officer

Description

Who Should Attend

C- Level Managers.

IT Managers

Cyber Security Personelle

Engineers

Information Systems

Owners

ISSO’s

CISSP Students

ISO’s

Module 1 – Security Management

1. The Role of the CSLO
2. Business Goals and Objectives
3. Overview of Governance 

1. The First Priority for the CSLO
2. Outcomes of Governance
3. Performance and Governance

1. Organization of IT Security.
2. Security Strategy
3. The Goal of Information Security
4. Defining Security Objectives,
5. Security Budget
6. Security Integration
7. Architecture
8. Information Security Frameworks
9. Integration
10. СОВІТ 4.1
11. Deming and Quality
12. Ethics
13. Fraud
14. Hiring and Employment
15. Intellectual Property
16. Protecting IP
17. Attacks on IP
18. OECD Privacy Principles
19. PII and PHI
20. Awareness Training

Module 2 – Risk Management

1. Risk Management
2. Risk Assessment
3. Quantitative vs Qualitative Risk
4. What Is the Value of an Asset?
5. What Is a Threat/Vulnerability
6. Assess and Evaluate Risk
7. Controls
8. Comparing Cost and Benefit
   I. Cost of a Countermeasure
9. Appropriate Controls
10. Documentation

Module 3 – Encryption

1. Encryption
2. Secrecy of the Key
3. Cryptographic Function
4. XOR Function
5. Symmetric Encryption
6. Asymmetric Algorithms
7. Hashing Algorithms
8. Digital Signatures
9.  Digital Envelope
10. Public Key Infrastructure (PKI)
11. Certificates
12. Uses of Encryption in Communication
13. Auditing Encryption implementations
14. Stenography
15. Cryptographic Attacks 

Module 4 – Information Security Access Control Concepts

1. Information Asset Classification

1. 1. Criticality
   2. Sensitivity
   3. Regulations and legislation 

1. Asset Valuation
2. Information Protection
3. Storing, Retrieving. Transporting and Disposing of Confidential Information
4. Password Policy
5. Password Cracking
6. Biometrics
7. Authorization
8. Accounting/Auditability
9. Centralized Administration
10. Access Control

Module 5 – Incident Handling and Evidence

1. Goals of Incident Management and Response
2. Security Incident Handling and Response
3. Evidence Handline
4. What is an Incident – Intentional
5. What is an Incident – Unintentional
6. Malware
7. Attack Vectors
8. Information Warfare
9. Developing Response and Recovery Plans
10. Incident Response Functions
11. Incident Management Technologies
12. Responsibilities of the CSLO
13. Crisis Communications
14. Challenges in Developing an Incident Management Pian

1. When an incident Occurs
2. During an Incident
3. Containment Strategies
4. The Battle Box
5. Evidence Identification and Preservation
6. Post Event Reviews

1. Disaster Recovery Planning (DRP) and Business Recovery Processes
2. Development of BCP and DRP
3. Disaster Recovery Sites
4. Recovery of Communications
5. Plan Maintenance Activities
6. Techniques for Testing Security
7. Vulnerability Assessments
8. Penetration Testing

Module 6 – Operations Security

1. Operations Security
2. Specific Operations Tasks
3. Data Leakage – object Reuse
4. Records Management
5. Change Control
6. Trusted Recovery
7. Redundant Array of Independent Disks (RAID)
8. Phases of Plan
9. BCP Risk Analysis
10. Recovery Point Objective
11. Priorities
12. OWASP Top Ten (2013)
13. Common Gateway Interface
14. How Cel Scripts Work
15. Cookies
16. Virtualization • Type 1
17. Virtualization – Type 2
18. Technologies – Databases and DEMS
19. Facilities
20. Facilities Security
21. Environmental Security
22. Physical Access Issues and Exposures
23. Controls for Environmental Exposures

Module 7 – Network Security

1. Network Topologies- Physical Layer
2. Data Encapsulation
3. Protocol’s at Each layer
4. Devices Work at Different Layers
5. Technology based security
6. Network Security Architecture
7. Firewalls
8. Unified Threat Management (LTM)
9. UTM Product Criteria
10. TCP/IP Suite
11. Port and Protocol Relationship l Network Security
12. internet Threats and Security
13. Auditing Network Infrastructure Security
14. IPsec- Network Layer Protection
15. Wireless Technologies- Access Point