CIS
Elective #2 - Applying the Security Assurance Manager Software "The
Next Generation" of technically managing IT security functions Intrusions across the
world continue to increase, threatening sensitive systems & critical
intellectual property. Learn HOW to secure data using the latest IT Security Management
techniques aided by advanced Security Software technology: SECURING YOUR ENTERPRISE
"Database Template Security Planning & Auditing" Introducing:
The SECURITY AUDIT MANAGER: SAM™ Overview: This course teaches the
electronic version of "How To" prepare security plans and conduct security audits
to PROTECT from intrusions by assuring that computers meet high standards of
Security Rules and Policies. This process applies the latest technologies to
satisfy security requirements and make systems SECURE aided by the new security
enterprise management software SAM™ : THE Total Security Management Software Solution.
This Security Management solution provides on-line web-based techniques and relational
database interfaces to conduct Security Planning, Risk Assessments, Auditing, Scanning
for Vulnerabilities, Securing from Exploits and Management Metrics on the Security
Status of specific systems. The techniques are effective in Securing the Enterprise.
Course Benefits: This new Security Audit
Management process accelerates detailed security planning and auditing to speed
security scanning and vendor patching. The advanced electronic advantage keeps
the Security Status current to assure cost effective SECURE systems. This NEW security technology
software strengthens security auditing and planning functions to provide Independent
Verification & Validation of IT Security to make sure systems ARE secure. Paramount
is the cost-effectiveness of this approach. Database applications are rapidly emerging
and this software "Captures the Leading Edge" applied to IT SECURITY. This Technical
Security Management software approach overcomes the traditional expenditures where, on
the average, Security Administrator costs are spent for:
| • |
A
security specialist |
| • |
Training on
how to use scanning software and |
| • |
Cost of
the Scanning software, all of which is repeated every year with
the only result being: a list of Known Security Vulnerabilities. |
For those $s there
is still a GAP. No electronic retrievable record is kept, no vulnerabilities
are corrected and recorded and there is NO way to determine the status of
line system security. This new security enterprise approach treats this GAP
and produces records, security status and links to other security documents
and systems. NDI principals, who
are authorities in Relational Database Technologies, System Security Planning
and Security Enterprise Management functions teach this process. The faculty
consists of those who wrote the application and applied it to major government
space centers. The Beta was successfully tested in February 2000.
This
course was developed by using practical experiences from government and the
employment of industry database and programming techniques. Featured technologists
from SSI staff and faculty have impressive credentials. This is a no nonsense course
that focuses on getting the security job done. Theory, long sentences and copied
boilerplate pages from other documents are avoided. The fundamental purpose and
focus is to install security applied to SPECIFIC Systems. Topics
Discussed:
| • |
Fundamental
Security Planning |
| • |
Threat
and Risk Assessment |
| • |
Auditing
Principles |
| • |
New
Security Tools |
| • |
Demonstration
on-line -The Database Template Planning process |
| • |
Understanding
the Threats and Vulnerabilities |
| • |
Exploring
the current Security Intruder attacks |
| • |
Security
Solutions and their SHORTCOMINGS |
| • |
Understanding
Database Technologies |
| • |
Application
of Independent Verification & Validation Principles |
| • |
Concept of
Virtual Security Auditing and Planning |
| • |
Oracle and
SQL Server - not so difficult- AND a NEW LINUX e-pliance solution |
| • |
Developing &
Using Templates to Prepare Security Plans |
| • |
Specific Work
Flow Process & Verification Details |
| • |
Risk Assessment
and Contingency Planning |
| • |
System
and Business Rules |
| • |
Developing a
Threat Assessment and Risk Analysis - workshop |
| • |
Developing
Security Plans "on-line" |
These techniques
are unique cost-effective methodologies designed to capture security data
and maintain a retrievable and modifiable RECORD. The application shown is
in effect at a major government space center. This unique process makes
good business sense and manages for the FIRST time all the security management
& technical functions needed to MAKE & KEEP Systems SECURE. The software package
is a powerful turnkey Management and Technical application that synthesizes
Security Management Functions to provide a RECORD of Security Status. A unique
feature is the on-line updating of new vulnerabilities and resulting changed
security status of desktops, servers and the network. A built-in feature provides
AUTOMATIC policy compliance checks that provide a written report On Call. Database technology is the
latest of the integration and virtual assistance software applied across the industry
for configuration management and system maintenance protocols. Course Delivery:
| Delivery
Method |
Instructor-led
Lectures and Demonstrations |
| Course Duration |
2 Days |
| Course Fee |
$1095.00 US
per person (discounts for multiple attendance of the same
organization) |
|
