Home - Course Catalogue - Security > ISSOA-Advanced ISSO - Information Systems Security Officer

Microsoft Administration Microsoft Development Cisco ITIL® VMware Cloud Computing Risk & Audit VMware vSphere & Cloud Based Services Business Analysis Project Management CompTIA Java and Programming Security COBIT TOGAF Storage Area Networking Business Skills for IT Novell SAP UNIX

60% Off SCCM 2012, Hyper-V, & SQL 2012 Training The Microsoft Virtualization Challenge Register Online & Save Up To 15% Instantly Volume Pricing - Corporate Training Volume Pricing - Individual Training 25% Off for Microsoft Partners Microsoft Software Assurance

Talk to an Educational Consultant and get the answers you need.

By Phone
Ottawa: 613-798-5353
Toronto: 416-284-2700
Toll Free: 866-635-5353

Ask your question online

ISSOA - Advanced ISSO - Information Systems Security Officer

Summary

This advanced course expands upon the principles and concepts learned in the ISSO Boot Camp course. The course will explore the integration of technical and non-technical solutions for securing critical information infrastructures and establishing the standards necessary to help protect the confidentiality, maintain the integrity and ensure the availability of sensitive data and critical organizational computing resources.

The Advanced ISSO Boot camp provides five days of comprehensive, technical, professional training to achieve the fundamental knowledge, skills, and abilities necessary to facilitate and integrate requisite system-level security policies, processes, practices, procedures and protocols.

Prerequisites

Have taken course (ISSO) or have equivalent experience

Audience

Anyone currently holding an ISSO position; those earmarked for current or planned ISSO billets; security managers (corporate or departmental security officer staff) responsible for IS security, chief informatics office (CIO) staff, including technical support, system managers, configuration managers, etc. who have collateral IS security responsibilities.

Course Objectives

Learn how to protect information systems against unauthorized access to or modification of information whether in storage, processing, or transit, and against denial of service to authorized users, including those measures necessary to detect, document, and counter such threats.
Learn how to provide security planning and administrative security procedures for systems that process sensitive, classified and national intelligence data.
Understand the implementation and enforcement of Information System

Security Policies and Practices

Know the concerns and requirements that determine the administration and management of physical, system and data access controls based on the sensitivity of the data processed and the corresponding authorization requirements.
Learn the identification, analysis, assessment and evaluation of information system threats and vulnerabilities and their impact on an organization's critical information infrastructures.
Be able to identify management, technical, personnel, operational, and physical security controls.
Upon completion, understand the critical areas of knowledge required to step into any key information security position including Information Systems Security Officer.

Student Materials

The student kit includes a comprehensive workbook and other necessary materials for this class.

Course Outline

I. ISSO Boot Camp Review

a. Security Basics
     * IT Security Foundational Principles and Concepts
     * Role of the Security Professional
     * Confidentiality, Integrity and Availability
     * Protection, Detection and Response
     * Threat Agents, Threats, Vulnerabilities and Assets

b. Government Security Policies, Directives, Standards and Guidelines
     * GoC Policy on Government Security
     * CSEC ? Canada?s National Security Policy
     * DND Policies and Security Orders
     * Treasury Board MITS Operational Standard
     * Assets and Information Classification Processes (Sensitivity and Criticality)

c. Understanding Common Criteria and Questions to Consider
* Evaluation Methodologies including Common Criteria
* Security Program Compliance processes

II. IT Security and Information Assurance

a. Understanding Information Security
     * Physical Security
     * Personnel Security
     * Procedural Security
     * The different facets of Information Technology
     * Cryptographic Security
     * Network Security
     * Computer Security
     * Transmission Security
     * Emission Security (Tempest)
     * Shielded Enclosures
     * Emsec Zoning concepts

b. Vulnerabilities and Exploits
     * Malicious Code
     * Hacker activity
     * Types of attacks
     * System Vulnerabilities
     * Types of exploits
     * Rootkits
     * Current Vulnerability concerns and prioritization

c. The Threat and Risk Assessment Process (TRA)
     * TRA Methodology
     * Preparing for a TRA
     * Resources needed to conduct a TRA

d. Gathering Threat information
     * Local
     * Internal threat agents
     * External threat agents
     * Deliberate threat events
     * Accidental threat events
     * The different Threat ratings
     * Assessing the severity of the different threat events

e. Gathering Vulnerability information
     * Technical vs non-technical
     * Source of information
     * The different Vulnerability ratings
     * Assessing the severity of a vulnerability f. Assessing risks
     * The different risk ratings
     * Determining Residual Risk
     * Making recommendations

III. Risk Management

a. Overview of Risk Management for ISSO Officers
* Risk Management Planning
* Approach and execution of plan for risk management

b. Risk Identification
* Determining risks and identifying the characteristics of those risks

c. Qualitative Risk Analysis
* Prioritizing risks responses based on probability of occurrence and impact

d. Quantitative Risk Analysis
* Analyzing effect of risks should they come to fruition e. Risk Response Planning
* Developing options and actions to minimize risks and their effects

f. Risk Monitoring & Control
     * Tracking risks
     * Monitoring residual risks
     * Identifying new risks
     * Executing risk response plans and evaluating effects of those plans

g. Threats and Vulnerabilities

h. Threat Risk Assessments and Harmonized TRA methodology

IV. Incident Management

a. Incident Response and Handling Steps
     * How to Identify an Incident
     * Handling Incidents
     * Need for Incident Response
     * Goals of Incident Response
     * Incident Response Plan
     * Purpose of Incident Response Plan
     * Requirements of Incident Response Plan
     * Preparation

b. Incident Response and Handling Steps
     * Identification
     * Incident Recording
     * Initial Response
     * Communicating the Incident
     * Containment
     * Formulating a Response Strategy
     * Incident Classification
     * Incident Investigation
     * Data Collection
     * Forensic Analysis
     * Evidence Protection
     * Notify External Agencies
     * Eradication
     * Systems Recovery
     * Incident Documentation
     * Incident Damage and Cost Assessment
     * Review and Update the Response Policies

c. Training and Awareness
     * Security Awareness and Training Checklist
     * Incident Management
     * Purpose of Incident Management
     * Incident Management Process
     * Incident Management Team
     * Incident Response Team
     * Incident Response Team Members
     * Incident Response Team Members Roles and Responsibilities
     * Developing Skills in Incident Response Personnel
     * Incident Response Team Structure
     * Incident Response Team Dependencies
     * Incident Response Team Services
     * Incident Response Best Practices
     * Incident Response Policy
     * Incident Response Plan Checklist

V. Incident Reporting

a. Incident Reporting
     * Why to Report an Incident
     * Why Organizations do not Report Computer Crimes
     * Whom to Report an Incident
     * How to Report an Incident

VI. Business Continuity Planning

a. Configuration Management, Business Continuity Planning and Crisis Management
     * Business Continuity Management
     * Business Impact Assessment
     * Disaster Recovery
     * Off-site storage and backup
     * Understanding natural hazards, vulnerability and risk of disaster
     * Using disaster risk reduction techniques
     * Understanding of the crisis management implementation process
     * Responding by managing disasters
     * Practical Disaster Recovery Planning & Implementation
     * Introduction to Practical Operational Risk Management

VII. eDiscovery

a. Introduction to E-Discovery
     * E-Discovery Process: Gather
     * E-Discovery Process: Filter
     * E-Discovery Process: Deliver

b. Marketplace and Trends

VIII. Digital Forensic & Cyber Investigation

a. Objectives of Forensics Analysis
* Role of Forensics Analysis in Incident Response

b. Forensic Readiness
* Forensic Readiness And Business Continuity

c. Types of Computer Forensics

d. Computer Forensic Investigator
* People Involved in Computer Forensics

e. Computer Forensics Process

f. Digital Evidence
     * Characteristics of Digital Evidence
     * Collecting Electronic Evidence
     * Challenging Aspects of Digital Evidence

g. Forensic Policy

h. Forensics in the Information System Life Cycle

i. Forensic Analysis Guidelines

j. Forensics Analysis Tools

IX. The Certification and Accreditation process
     * Identifying the key stakeholders
     * Certification evidence
     * Accreditation (Authority to process)
     * Interim Authority to Process
     * Security Testing and validation requirements
     * Security Concept of Operations