| Website: | Link: | Mailing Address and General Inquiries: | E-mail: |
|---|---|---|---|
| www.gocsi.com | Webpage | Computer Security Institute 1265 Industrial Highway Southampton, PA 18966 | csi@cmp.com |
Computer Security Institute (CSI) - This institute advocates the critical importance of protecting information resources. It therefore, provides courses on Internet Security Tools & Techniques, Intrusion Detection, Attacks and Countermeasures. Other courses like Practical Forensics: How to Manage IT Investigations, Technical Recovery of Electronic Evidence, How to Develop a Winning Security Architecture, Return on Investment for Information Security, How to Be an Effective Information Security Professional, How to Create and Sustain a Quality Security Awareness Program, Introduction to Computer and Network Security are offered.
3-day CISSP Prep-for-Success Workshop - Overview of the 10 domains of the Common Body of Knowledge (CBK) for the information systems security field: Access control systems & methodology, telecommunications & network security, security management practices, applications and systems development, cryptography, security architecture and models, operations security, business continuity & disaster recovery planning, law, investigations and ethics, physical security.
How to Perform a Technical Network Vulnerability Assessment – You will focus learning on Identifying tools to assist in network vulnerability assessment, conduct a network vulnerability assessment, identify where to obtain tools, combine the output from tools to see a complete picture
Internet Security Tools and Techniques - You will learn cryptographic basics, defensive and offensive methods and mechanisms, including multiple firewall deployment and design, VPNs: types and deployment, site to site and user to site, intrusion detection systems: types, strengths, weaknesses, and use, 20 worst Internet threats and how to counter them, 10 management errors that lead to vulnerabilities and how to avoid them, hacker tools to use to test and verify servers, firewalls, and IDS systems, home-grown and commercial tools, tricks, and techniques.
Hands on Hacking - This program is for security professionals who seek to understand how to profile internet systems, maximize time spent for scanning vulnerabilities, exploit the vulnerabilities discovered, keep your access to the compromised system, hide your access, and think like a hacker in order to better protect your own systems.
Introduction to Computer and Network Security – You will learn about common threats to information assets, what to look for in an intrusion detection product, the importance of a security awareness program, securityissues and vulnerabilities associated with your organization’s use of the Internet.
Intrusion Detection, Attacks and Counter Measures – You will learn the styles of attackers, host systems and their capabilities for security and logging, reconnaissance: the probing and scanning of networks and hosts, examples of network-based attacks, including buffer overflows and attacks through firewalls, elevation of privilege tools, intruder behavior after a successful attack, trojans, rootkits, backdoors and tunnels, denial of service attack tools, use of firewalls, ID systems, deception, honeypots, recovering from an intrusion.
Practical Forensics: How to manage IT Investigations - Computer forensics as a tool for management and legal counsel, electronic records discovery from both sides, effective strategies in the collection of electronic evidence, investigative issues for computer subpoenas and seizure orders, skills the technical investigator must have, forensics techniques in a heterogeneous computing environment – palmtops to servers, information System Forensics – a systems approach to computer forensics, experienced-based case studies involving the recovery of digital evidence, analysis strategies in the review of acquired electronic evidence. Evaluating and presenting recovered remnant or residual data, practical technical report writing , overview of free, almost free, and demos of tools you can use to begin forensic analysis of electronic evidence, evidence documentation and processing principles, internet defamation cases – tracing words on the web, lessons learned – strategies for dealing with unexpected situations in the field.
Introduction to End-to-End Digital Forensic Analysis - This session explores the
concept of a full end-to-end analysis of digital events. We will examine the underlying attack concepts,
learn where to search for evidence, and discover how to correlate and normalize a chain of evidence across one
or more networks and multiple network devices, including intermediate computer purloined by the attacker for the
purpose of concealing his or her identity.
Disussions will include log analysis, correlation and normalization, the concept of a corroborated
chain of evidence, and case preparation. At the end you should be examining methods for determining the probability
that an attack actually occurred as well as methods for showing intent on the part of the attacker.
A Practical Guide to Encryption and Certificate Authorities – You will learn cryptographic principles, trends, history and usage, where encryption belongs in securing your organizations information assets, relevant cryptographic terminology used in detailed security analysis and marketing material, differences between secret key and public key encryption systems, how public key cryptography works in a network, the role and benefits of Certificate Authorities and how to go about implementing them in your environment.
Technical Recovery of Electronic Evidence – Learn strategies for the recovery of digital evidence, preparing the specification of your forensic toolkit, the “duty expert” giving technical/operational advice, overview of data storage technology, remnant data that provide valuable clues: disk slack and deleted files, meta-data, dealing with encryption, forensics techniques in a heterogeneous computing environment – palmtops to servers, RAID arrays, PC media, network appliances, Palmtops, overview of adversarial seizure of digital evidence, case management techniques, demonstration of tools – imaging backup tools, forensics tools, analysis tools, managing data acquisition and analysis tasks, estimating and planning – task deconstruction.
Point A to Z: A Primer on Data Communications Security - In this seminar you will learn the basic principles and technology of communications system currently in use, the three basic goals of network security and how they relate to your environment, critical vulnerabilities in communications systems and the safeguards available, network security terminology, how to apply basic security principles to your particular communications configuration, the importance of a focused awareness program.
Advanced Secure Cisco Pix Firewalls - This course is designed for CCNA's and IT or security staff members ready to learn details about the advanced configurations of Cisco PIX firewalls, as well as all technicians who design, implement or maintain a PIX Firewall-protected network.
Return on Investment for Information Security – Learn the importance of measuring the value in security, what value the business needs from security, measure the value in security, measure the investment in security, measure return in the investment, create, measure, and use security metrics and performance indicators, how to use benchmarks, evaluate your security against relevant standards and legislation, a structured process to evaluate and measure security value and return on investment.
How to Develop Security Standards and Procedures - Create information security standards, develop procedures, identify the contents of a procedure document, use SMEs to your advantage, establish a supporting review team.
Facilitated Risk Analysis for Business and Security – This seminar will focus on how to evaluate tangible and intangible risks, use the qualitative risk analysis process, identify elements that make up a strong business impact analysis, conduct risk analysis.
How to be an Effective Information Security Professional – You will learn how to identify key projects to implement in order to “raise the bar” for security function at your organization, develop and fine-tune a security policy statement, raise the level of security awareness throughout your organization, interface more effectively with internal groups whose support and commitment you need, deliver planned objectives, building your credibility and track record, recognize pitfalls to avoid – and how to cope if you don’t.
How to Create and Sustain a Quality Security Awareness Program - You will start off by identifying the key ingredients in a successful security training and awareness program and define, segment and target key employee groups, gather and organize a wide variety of training techniques and materials for maximum impact, evaluate the results of your security awareness training.
How to Develop Information Security Standards and Policies – Create an information security policy, establish a supporting mission statement, identify the key elements of an information security policy, Win management support and approval, establish a supporting review team.
How to Develop a Winning Security Architecture – You will learn how to ensure the architecture meets the overall goals of your enterprise, understand and meet both business and technical requirements, manage the design process and the resulting security program, key security architecture concepts and how to deliver them, consolidate security solutions, improve efficiency and reduce costs, select appropriate security technologies and architecture components.
Defense Against Social Engineering and Identity Theft – No description available yet.
Rapid Roll-Out of an Asset Classification Program – You will learn to identify the
four essential elements of information classification, create a classificiation policy, establish information
records to be used in selling the classification program to others, identify employees' responsibilities, and create
an information classification methodology.
Last modified: