Home   About    Counter Intrusions   Courses   On-site Training   Special Features   Investors   Past Clients   Contacts

 

CIS Elective #3 Internet Security Practices for the

Security Practitioner - Agenda

 

Day one:

08:30 KEYNOTE COMMENTS, WELCOME AND INTRODUCTIONS - Roles and Responsibilities of the Security Practitioner
09:00 CONFRONTING THE SYSTEM CHALLENGE TO SECURE COMPUTING
The Current Nature of the Intruder Phenomenon and Emerging New Technologie
The Hacker Threat & Intrusions & Operating System Vulnerabilities & Exploit
Conducting the Threat Analysis & Risk Assessment
Applying Emerging Technologies; Security Database Technology
Integration of Security Functions - The Next Generation of Security Software
09:45 INTRODUCTION TO THE COMPUTER UNDERGROUND
10:15 INTERNET RELAY CHAT - ACTUAL ON-LINE MEMBERS OF THE COMPUTER UNDERGROUND
11:00 ON-LINE TOUR OF COMPUTER SECURITY AND HACKER WEBSITES
11:40 SOCIAL ENGINEERING AND VIDEO PRESENTATION
Features a Top White Hat Hacker in a 20/20 interview
13:00 PRINCIPLES OF SECURITY POLICIES
Developing Company Security Policies, System and Business Rules, Quality Controls
14:00 PRACTICAL APPLICATION OF SECURITY POLICIES USING THE INSTITUTIONAL REQUIREMENTS OF SPREADSHEET
15:00 INTRODUCTION TO THE RISK ASSESSMENT PROCEDURES

 

Day two:

08:30 TESTING RISK ASSESSMENT AND PROCEDURES
09:30 Exercise–Develop Risk Assessment Chart and SECURITY Controls Matrix
10:30 Introduction to Technical Scanning & Penetration Testing
"Understanding the Fundamental Skills"
11:30 CONTROL CONSIDERATIONS IN SCANNING & PENETRATION TESTING
13:00 Information Gathering: Basic & Advanced Scanning, AND EXPLOITS
14:00 Securing the Conquest - Rootkits, Backdoors, Trojans
14:30 INFILTRATING THE NETWORK - Sniffing, Session Hijacking / Sniping, Human Trust Relationships, System-based Trust Relationship
15:00 THE ELEMENTS OF A CONTROLLED PENETRATION - PASSIVE METHODS
Methodology / Philosophy Public Information
Mapping the Network WWW
nslookup HTTP Information
Usenet host
15:30 THE ELEMENTS OF A CONTROLLED PENETRATION - ACTIVE METHODS
Methodology / Philosophy Social Engineering
Mapping the Network Firewalls
Remote OS Fingerprinting Physical Security
Service Exploits Report Writing
16:00 CONTROLLED PENETRATION - PRACTICAL EXERCISE AND TEST
17:00 QUESTIONS AND ANSWERS / ADJOURN 

 

Day three:

08:30 SECURITY PERSPECTIVES FOR FINANCIAL INSTITUTIONS
09:30 DIGITAL SIGNATURES ON-LINE AND HANDS-ON TESTING
13:00 SECURING ASSURANCE MANAGEMENT - Securesoft Systems Inc.
Applying Enterprise Management to the Practitioner Tasking Profile
15:00 COURSE WRAP-UP AND CLOSING COMMENTS

 

[ Register Now ] [ Pass this to someone ]
[ Schedule ]

 
 
  Featured Courses

 

A New Dimension in System Security Engineering

 

Based on the principles of total security integration into the program mainstream and building the security disciplines into the lifecycle process, this "New Dimension in System Security Engineering" (SSE) provides the latest SSE approach to applying contemporary security technology and information assurance to existing networks and developing programs.

 

The Hacker Phenomenon

 

This course features selected faculty, including members of the hacker community who are recognized experts with exceptional credentials in intrusion detection techniques, system audit and penetration testing.

 

  Feedback

 

 

Do you have any remarks for NDI regarding our services, courses and related subjects? Comments and suggestions are always open. Your feedback would be very much appreciated.

 

  Translation

English

Français

Deutsch

Italiano

Português

Español

 

Company Info :: HIPAA Courses :: Counter Intrusions :: Course Descriptions :: Course Schedule

Past Clients :: Special Features :: Investors :: On-site Training :: NDI Services :: Contacts