Security Training

CISSP (Certified Information Systems Security Professional) Boot Camp

This certification is offered by International Information Systems Security Certifications Consortium. CISSP has lately become the most sought after certification in the field of information security. This is because of a number of reasons. Firstly, this is a vendor independent certification, therefore, it ensures that a certified individual has detailed knowledge across the various areas of information systems management rather than of one technology and / or product line. Secondly, this is not focused at technology but ensures that the certified individual becomes aware of the challenges faced in Security Management. Furthermore, this certification can be useful to people involved in business development, by giving them the knowledge of Information Security without going into technicalities. Finally, it has become the de-facto standard on know-how of Information Security.

CISSP Domains

To achieve this certification, the candidate has to undergo a rigorous examination across ten domains of information security. These domains are:

• Security Management Practices
• Access Control Systems & Methodologies
• Applications & Systems Development
• Business Continuity Planning
• Cryptography
• Telecommunications, Network & Internet Security
• Operations Security
• Physical Security
• Security Architectures & Models
• Law, Investigations & Ethics

Certified Ethical Hacking

The goal of the Ethical hacking Workshop is to help the organization take preemptive measures against malicious attacks by attacking the system himself; all the while staying within legal limits. This philosophy stems from the proven practice of trying to catch a thief, by thinking like a thief. As technology advances and organization depend on technology increasingly, information assets have evolved into critical components of survival. If hacking involves creativity and thinking 'out-of-the-box', then vulnerability testing and security audits will not ensure the security proofing of an organization. To ensure that organizations have adequately protected their information assets, they must adopt the approach of 'Defense in Depth'. In other words, they must penetrate their networks and assess the security posture for vulnerabilities and exposure. The definition of an Ethical Hacker is very similar to a Penetration Tester. The Ethical Hacker is an individual who is usually employed with the organization and who can be trusted to undertake an attempt to penetrate networks and/or computer systems using the same methods as a Hacker. Hacking is a felony in the United States and most other countries. When it is done by request and under a contract between an Ethical Hacker and an organization, it is legal. The most important point is that an Ethical Hacker has authorization to probe the target.

Information Security Governance

The course is for the individual who manages and designs an enterprise’s information security. While its central focus is security management, all those in the IT profession with security experience will find value in this course. The course promotes international practices and provides executive management with assurance that those taking this course have the required experience and knowledge to provide effective security management and consulting services. The course also defines a global job description for the information security manager and a method to measure existing staff or compare prospective new hires. It would talk of standards such as PCI-DSS, ISO 27001 and ITIL/CoBIT.

Linux Security

The main goal of this course is to provide you with an understanding of networking, specifically Linux networking and security. You will learn how to set up a Linux server and how to configure name resolution and dial-in network access using the X window system. You will also be exposed to file sharing technologies such as the Network File System (NFS), NetWare’s NCP file sharing, and the File Transfer Protocol (FTP). Finally, you will be introduced to network security, including concepts such as firewalls, encryption, and network intrusion detection. In order to reinforce the material, the course provides a range of laboratory and hands-on assignments that puts you in the role of a problem solver, requiring you to apply concepts presented in the modules to situations that might occur in a real-life work environment

Securing Windows Infrastructure

Windows Infrastructure Hardening has become a mandatory step performed on a regular basis by any organization that sees security as a priority. Businesses nowadays are almost fully dependent on IT services, making the hardening and securing processes even more intense. The number of possible attack surfaces has emerged exponentially in direct relation to the increasingly competitive field of current technology we are witnessing where developers try to achieve more and more functionality from implemented solutions and applications. Securing Windows Infrastructure is designed with the single purpose of providing Info-Sec professionals with complete knowledge and practical skills necessary to secure their network infrastructure which is fast becoming if already not a top priority plus a major tech challenge for most security conscious organizations.

Information Security Awareness Program

“A recent study by the Computing Technology Industry Association (CompTIA) cited human error as the most common cause of information security breaches, with some 80 percent of respondents believing this human error was caused by a lack of security knowledge, training, or failure to follow security procedures.” The goal of this training is to inform personnel of their role regarding security in their everyday work.