CSLO: Certified Security Leadership Officer

The Certified Security Leadership Officer course is designed for mid and upper-level managers. If you are an engineer, this course will increase your knowledge in the leading information system security teams.
Plus, the C)LSO will give you an essential understanding of current security issues, best practices. and
technology. With this knowledge you will then be prepared to manage the security component of an Information technology project. As a Security Leadership Officer, you will be the bridge between cybersecurity and business operations.

Days : 5
Price :

CAD$3,995.00

Effacer

Description

Who Should Attend

C- Level Managers.

IT Managers

Cyber Security Personelle

Engineers

Information Systems

Owners

ISSO’s

CISSP Students

ISO’s

 

Module 1 – Security Management

 

  1. The Role of the CSLO
  2. Business Goals and Objectives
  3. Overview of Governance 
  1. The First Priority for the CSLO
  2. Outcomes of Governance
  3. Performance and Governance
  1. Organization of IT Security.
  2. Security Strategy
  3. The Goal of Information Security
  4. Defining Security Objectives,
  5. Security Budget
  6. Security Integration
  7. Architecture
  8. Information Security Frameworks
  9. Integration
  10. СОВІТ 4.1
  11. Deming and Quality
  12. Ethics
  13. Fraud
  14. Hiring and Employment
  15. Intellectual Property
  16. Protecting IP
  17. Attacks on IP
  18. OECD Privacy Principles
  19. PII and PHI
  20. Awareness Training

 

Module 2 – Risk Management

 

  1. Risk Management
  2. Risk Assessment
  3. Quantitative vs Qualitative Risk
  4. What Is the Value of an Asset?
  5. What Is a Threat/Vulnerability
  6. Assess and Evaluate Risk
  7. Controls
  8. Comparing Cost and Benefit
    I. Cost of a Countermeasure
  9. Appropriate Controls
  10. Documentation

 

Module 3 – Encryption

  1. Encryption
  2. Secrecy of the Key
  3. Cryptographic Function
  4. XOR Function
  5. Symmetric Encryption
  6. Asymmetric Algorithms
  7. Hashing Algorithms
  8. Digital Signatures
  9.  Digital Envelope
  10. Public Key Infrastructure (PKI)
  11. Certificates
  12. Uses of Encryption in Communication
  13. Auditing Encryption implementations
  14. Stenography
  15. Cryptographic Attacks 

 

Module 4 – Information Security Access Control Concepts

 

  1. Information Asset Classification
    1. Criticality
    2. Sensitivity
    3. Regulations and legislation 
  1. Asset Valuation
  2. Information Protection
  3. Storing, Retrieving. Transporting and Disposing of Confidential Information
  4. Password Policy
  5. Password Cracking
  6. Biometrics
  7. Authorization
  8. Accounting/Auditability
  9. Centralized Administration
  10. Access Control

 

Module 5 – Incident Handling and Evidence

 

  1. Goals of Incident Management and Response
  2. Security Incident Handling and Response
  3. Evidence Handline
  4. What is an Incident – Intentional
  5. What is an Incident – Unintentional
  6. Malware
  7. Attack Vectors
  8. Information Warfare
  9. Developing Response and Recovery Plans
  10. Incident Response Functions
  11. Incident Management Technologies
  12. Responsibilities of the CSLO
  13. Crisis Communications
  14. Challenges in Developing an Incident Management Pian
  1. When an incident Occurs
  2. During an Incident
  3. Containment Strategies
  4. The Battle Box
  5. Evidence Identification and Preservation
  6. Post Event Reviews
  1. Disaster Recovery Planning (DRP) and Business Recovery Processes
  2. Development of BCP and DRP
  3. Disaster Recovery Sites
  4. Recovery of Communications
  5. Plan Maintenance Activities
  6. Techniques for Testing Security
  7. Vulnerability Assessments
  8. Penetration Testing

 

 

Module 6 – Operations Security

 

  1. Operations Security
  2. Specific Operations Tasks
  3. Data Leakage – object Reuse
  4. Records Management
  5. Change Control
  6. Trusted Recovery
  7. Redundant Array of Independent Disks (RAID)
  8. Phases of Plan
  9. BCP Risk Analysis
  10. Recovery Point Objective
  11. Priorities
  12. OWASP Top Ten (2013)
  13. Common Gateway Interface
  14. How Cel Scripts Work
  15. Cookies
  16. Virtualization • Type 1
  17. Virtualization – Type 2
  18. Technologies – Databases and DEMS
  19. Facilities
  20. Facilities Security
  21. Environmental Security
  22. Physical Access Issues and Exposures
  23. Controls for Environmental Exposures

 

Module 7 – Network Security

 

  1. Network Topologies- Physical Layer
  2. Data Encapsulation
  3. Protocol’s at Each layer
  4. Devices Work at Different Layers
  5. Technology based security
  6. Network Security Architecture
  7. Firewalls
  8. Unified Threat Management (LTM)
  9. UTM Product Criteria
  10. TCP/IP Suite
  11. Port and Protocol Relationship l Network Security
  12. internet Threats and Security
  13. Auditing Network Infrastructure Security
  14. IPsec- Network Layer Protection
  15. Wireless Technologies- Access Point