
Certified Information Security Professional (CISP) (Trainer Led)


The Certified Information Security Professional (CISP)™ on Information Systems certification program is directed towards senior-level personnel in the information processing industry. If you plan to build a career in information security – one of today’s most visible professions – and if you have at least five full years of experience in information security, then the CISP credential should be your next career goal. It’s the credential for professionals who develop policies and procedures in information security.

Information security, sometimes shortened to InfoSec, is the practice of defending information from unauthorized access, use, disclosure, disruption, modification, perusal, inspection, recording, or destruction. It is a general term that can be used regardless of the form the data may take (electronic, physical, etc.).

The ubiquity of computers and the internet in human life has enabled the chance, motive, and means to do harm. With such dangers in front of us, it becomes necessary for security professionals to learn how to manage computer and information security. Hence this course provides methods to develop a new framework for information security, an overview of security risk assessment and management, and security planning in an organization.

Governments, military, corporations, financial institutions, hospitals, and private businesses amass a great deal of confidential information about their employees, customers, products, research, and financial status. Most of this information is now collected, processed and stored on electronic computers and transmitted across networks to other computers (source: Wikipedia).

Due to the difficulty of this certification and the knowledge required to pass the exam, the CISP title carries great weight in the job market. For IT professionals looking to move up on the corporate ladder, this certification can give the extra boost that is needed to move from fieldwork into management positions.

Duration: 30 to 35 Hours

Certificate Accreditation: GAQM (Validity – 05 Years)


Course Outline 

 

Module 1 – Introduction to Information Security

  • 1.2 More Than Just Computer Security
  • 1.2.1 Employee Mind-Set toward Controls
  • 1.3 Roles and Responsibilities
  • 1.3.1 Director, Design and Strategy
  • 1.4 Common Threats
  • 1.5 Policies and Procedures
  • 1.6 Risk Management
  • 1.7 Typical Information Protection Program
 

Module 2 – Threats to Information Security

  • 2.1 What Is Information Security?
  • 2.2 Common Threats
  • 2.2.1 Errors and Omissions
  • 2.2.2 Fraud and Theft
  • 2.2.3 Malicious Hackers
  • 2.2.4 Malicious Code
  • 2.2.5 Denial-of-Service Attacks
  • 2.2.6 Social Engineering
  • 2.2.7 Common Types of Social Engineering

Module 3 – The Structure of an Information Security Program

  • 3.1.1 Enterprisewide Security Program
  • 3.2 Business Unit Responsibilities
  • 3.2.1 Creation and Implementation of Policies and Standards
  • 3.2.2 Compliance with Policies and Standards
  • 3.3 Information Security Awareness Program
  • 3.3.1 Frequency
  • 3.3.2 Media
  • 3.4 Information Security Program Infrastructure
  • 3.4.1 Information Security Steering Committee
  • 3.4.2 Assignment of Information Security Responsibilities
  • 3.4.2.1 Senior Management
  • 3.4.2.2 Information Security Management
  • 3.4.2.3 Business Unit Managers
  • 3.4.2.4 First Line Supervisors
  • 3.4.2.5 Employees
  • 3.4.2.6 Third Parties

Module 4 – Information Security Policies

  • 4.1 Policy Is the Cornerstone
  • 4.2 Why Implement an Information Security Policy
  • 4.3 Corporate Policies
  • 4.4 Organizationwide (Tier 1) Policies
  • 4.4.1 Employment
  • 4.4.2 Standards of Conduct
  • 4.4.3 Conflict of Interest
  • 4.4.4 Performance Management
  • 4.4.5 Employee Discipline
  • 4.4.6 Information Security
  • 4.4.7 Corporate Communications
  • 4.4.8 Workplace Security
  • 4.4.9 Business Continuity Plans (BCPs)
  • 4.4.10 Procurement and Contracts
  • 4.4.11 Records Management
  • 4.4.12 Asset Classification
  • 4.5 Organizationwide Policy Document
  • 4.6 Legal Requirements
  • 4.6.1 Duty of Loyalty
  • 4.6.2 Duty of Care
  • 4.6.3 Federal Sentencing Guidelines for Criminal Convictions
  • 4.6.4 The Economic Espionage Act of 1996
  • 4.6.5 The Foreign Corrupt Practices Act (FCPA)
  • 4.6.5 Sarbanes–Oxley (SOX) Act
  • 4.6.6 Health Insurance Portability and Accountability Act (HIPAA)
  • 4.6.7 Gramm–Leach–Bliley Act (GLBA)
  • 4.7 Business Requirements
  • 4.8.1 Policy
  • 4.8.2 Standards
  • 4.8.3 Procedures
  • 4.8.4 Guidelines
  • 4.9 Policy Key Elements
  • 4.10 Policy Format
  • 4.10.1 Global (Tier 1) Policy
  • 4.10.1.1 Topic
  • 4.10.1.2 Scope
  • 4.10.1.3 Responsibilities
  • 4.10.1.4 Compliance or Consequences
  • 4.10.1.5 Sample Information Security Global Policies
  • 4.10.2 Topic-Specific (Tier 2) Policy
  • 4.10.2.1 Thesis Statement
  • 4.10.2.2 Relevance
  • 4.10.2.3 Responsibilities
  • 4.10.2.4 Compliance
  • 4.10.2.5 Supplementary Information
  • 4.10.3 Application-Specific (Tier 3) Policy

Module 5 – Asset Classification

  • 5.1 Introduction
  • 5.2 Overview
  • 5.3 Why Classify Information?
  • 5.4 What Is Information Classification?
  • 5.5 Where to Begin?
  • 5.6 Information Classification Category Examples
  • 5.6.1 Example 1
  • 5.6.2 Example 2
  • 5.6.3 Example 3
  • 5.6.4 Example 4
  • 5.7 Resist the Urge to Add Categories
  • 5.8 What Constitutes Confidential Information
  • 5.8.1 Copyright
  • 5.9 Employee Responsibilities
  • 5.9.1 Owner
  • 5.9.1.1 Information Owner
  • 5.9.2 Custodian
  • 5.9.3 User
  • 5.10 Classification Examples
  • 5.10.1 Classification: Example 1
  • 5.10.2 Classification: Example 2
  • 5.10.3 Classification: Example 3
  • 5.10.4 Classification: Example 4
  • 5.11 Declassification or Reclassification of Information
  • 5.12 Records Management Policy
  • 5.12.1 Sample Records Management Policy
  • 5.13 Information Handling Standards Matrix
  • 5.13.1 Printed Material
  • 5.13.2 Electronically Stored Information
  • 5.13.3 Electronically Transmitted Information
  • 5.13.4 Record Management Retention Schedule
  • 5.14 Information Classification Methodology
  • 5.15 Authorization for Access
  • 5.15.1 Owner
  • 5.15.2 Custodian
  • 5.15.3 User

Module 6 – Access Control

  • 6.1 Business Requirements for Access Control
  • 6.1.1 Access Control Policy
  • 6.2 User Access Management
  • 6.2.1 Account Authorization
  • 6.2.2 Access Privilege Management
  • 6.2.3 Account Authentication Management
  • 6.3 System and Network Access Control
  • 6.3.1 Network Access and Security Components
  • 6.3.2 System Standards
  • 6.3.3 Remote Access
  • 6.4 Operating System Access Controls
  • 6.4.1 Operating Systems Standards
  • 6.4.2 Change Control Management
  • 6.5 Monitoring System Access
  • 6.5.1 Event Logging
  • 6.5.2 Monitoring Standards
  • 6.5.3 Intrusion Detection Systems
  • 6.6 Cryptography
  • 6.6.1 Definitions
  • 6.6.2 Public Key and Private Key
  • 6.6.3 Block Mode, Cipher Block, and Stream Ciphers
  • 6.6.4 Cryptanalysis
  • 6.7 Sample Access Control Policy

Module 7 – Physical Security

  • 7.1 Data Center Requirements
  • 7.2 Physical Access Controls
  • 7.2.1 Assets to be Protected
  • 7.2.2 Potential Threats
  • 7.2.3 Attitude toward Risk
  • 7.2.4 Sample Controls
  • 7.3 Fire Prevention and Detection
  • 7.3.1 Fire Prevention
  • 7.3.2 Fire Detection
  • 7.3.3 Fire Fighting
  • 7.4 Verified Disposal of Documents
  • 7.4.1 Collection of Documents
  • 7.4.2 Document Destruction Options
  • 7.4.3 Choosing Services
  • 7.5 Agreements
  • 7.5.1 Duress Alarms
  • 7.6 Intrusion Detection Systems
  • 7.6.1 Purpose
  • 7.6.2 Planning
  • 7.6.3 Elements
  • 7.6.4 Procedures
  • 7.7 Sample Physical Security Policy
 

 

 
 