Seminars
(ISC)2 is committed to maintaining and administering training about the CISSP and SSCP information security [IS] Common Body of Knowledge [CBK]. Seminars are held regularly worldwide to ensure IS professionals have an opportunity to review the CISSP and SSCP CBK in-depth, in preparation for certification examinations and to stay current on the ever-evolving domains within the information security industry.
The level of knowledge required in order to pass the exam is high. The CISSP Certification exam is a six-hour process that consists of 250 multiple-choice questions, each having four possible answers (only one of the answers is most correct). The SSCP Certification examination consists of 125 multiple-choice questions. Candidates have up to 3 hours to complete the examination.
For more information on the seminars available, simply click on any of the following.

CISSP CBK Review Seminars

SSCP CBK Review Seminars

Common Body of Knowledge

The Common Body of Knowledge [CBK] is a compilation and distillation of all security information collected internationally of relevance to Information Security [IS] professionals. With no industry standards for such knowledge, (ISC)2 was formed, in part, to aggregate, standardize and maintain such information.
(ISC)2 works to ensure that accomplished and experienced IS professionals with CISSP Certification have a working knowledge of all ten domains of the CBK:
  • Security Management Practices
  • Security Architecture and Models
  • Access Control Systems & Methodology
  • Application Development Security
  • Operations Security
  • Physical Security
  • Cryptography
  • Telecommunications, Network, & Internet Security
  • Business Continuity Planning
  • Law, Investigations, & Ethics
About the (ISC)2 CISSP CBK Review Seminar
The Review Seminar is the most comprehensive, complete review seminar discussing the entire information system security common body of knowledge. The benefit of the review seminar is, of course, to help the individual prepare for the exam. However, it also serves as a very good learning tool for concepts and topics, known as the Common Body of Knowledge (CBK), related to all aspects of information systems security.
  • This is THE ONLY PROGRAM endorsed by (ISC)2 (the organization that created and manages the CISSP certification) to familiarize you with the CISSP CBK
  • The (ISC)2 CISSP 5-Day is available; its benefits include:
    • 5, 8 hour days
    • The first and only official (ISC)2 Practice CISSP Exam!!!
    • Practice Exam Evaluation.
    • 100% revised, updated or new material.
    • Extensive work from CISSPs, (ISC)2 Instructors and Subject Matter Experts in developing material and presentation.
    • Identifies topic areas students should study for exam preparation.
    • Provides an overview of the scope of the field.
CISSP CBK Review Seminar Structure
CISSP CBK Review Seminars are held worldwide. The 5-day schedule is most often Monday to Friday. The following ten domains are covered in these modules.
  • Security Management Practices
  • Security Architecture and Models
  • Access Control Systems & Methodology
  • Application Development Security
  • Operations Security
  • Physical Security
  • Cryptography
  • Telecommunications, Network, & Internet Security
  • Business Continuity Planning
  • Law, Investigations, & Ethics
The CBK is the compilation and distillation of all information systems security material collected internationally of relevance to information system security professionals.
CBK Review Seminars are held regularly worldwide to ensure information system security professionals have an opportunity to review the CBK in-depth, in preparation for certification examinations and to stay current on the ever-evolving domains within the information system security field.
  • High-level review of the main topics.
  • Identifies topic areas students should study for exam preparation.
  • Provides an overview of the scope of the field.
A discussion of the topics, subtopics, and sub-subtopics of the CBK domains is provided during the five days. The material has been redesigned and updated to reflect the latest information system security issues, concerns, and countermeasures.
An overview of the topics, subtopics, and sub-subtopics of the ten CBK domains is discussed during the five days. The curriculum for the CISSP seminar is under continuous review, ensuring current information relevant to the ten CBK domains below. For additional details on the CBK, download a copy of the CISSP Study Guide.
The following topics are presented:
  • Security Management Practices - Security management entails the identification of an organization's information assets and the development, documentation, and implementation of policies, standards, procedures, and guidelines.
    Management tools such as data classification and risk assessment/analysis are used to identify threats, classify assets, and to rate system vulnerabilities so that effective controls can be implemented.
  • Security Architecture and Models - The Security Architecture and Models domain contains the concepts, principles, structures, and standards used to design, monitor, and secure operating systems, equipment, networks, applications and those controls used to enforce various levels of availability, integrity, and confidentiality.
  • Access Control Systems and Methodology - Access controls are a collection of mechanisms that work together to create a security architecture to protect the assets of the information system.
  • Application Development Security - This domain addresses the important security concepts that apply to application software development. It outlines the environment where software is designed and developed and explains the critical role software plays in providing information system security.
  • Operations Security - Operations Security is used to identify the controls over hardware, media, and the operators and administrators with access privileges to any of these resources. Audit and monitoring are the mechanisms, tools, and facilities that permit the identification of security events and subsequent actions to identify the key elements and report the pertinent information to the appropriate individual, group, or process.
  • Physical Security - The physical security domain provides protection techniques for the entire facility, from the outside perimeter to the inside office space, including all of the information system resources.
  • Cryptography - The cryptography domain addresses the principles, means, and methods of disguising information to ensure its integrity, confidentiality and authenticity.
  • Telecommunications, Network, and Internet Security - The telecommunications, network, and Internet security domain discusses the:
    • Network structures
    • Transmission methods
    • Transport formats
    • Security measures used to provide availability, integrity, and confidentiality
    • Authentication for transmissions over private and public communications networks and media.
  • Business Continuity Planning - The Business Continuity Plan (BCP) domain addresses the preservation and recovery of business operations in the event of outages.
  • Law, Investigations, and Ethics - The Law, Investigations, and Ethics domain addresses:
    • Computer crime laws and regulations
    • The measures and technologies used to investigate computer crime incidents

Even though the curriculum and CBK were developed in the United States, the material does not boast a definite US flavor. In fact, the material, as well as the exam, focuses on international issues.

About the SSCP CBK Review Seminar

In support of candidates pursuing the SSCP Certification, (ISC)2 Institute is announcing the release and delivery of a new SSCP CBK, which will be delivered worldwide throughout 2003. This SSCP CBK was developed by (ISC)2 Institute and selected subject matter experts to provide SSCP candidates with a comprehensive overview of the SSCP domains. In addition, the SSCP CBK provides an overview of the critical concepts and key topic areas within the seven (7) SSCP domains.

 

(ISC)2 SSCP CBK Review Seminar Launch
This is in direct response to the growing demand for training & certification at the practitioner level within Information Security. Consider this for your staff as a means to increase their competence and quality.

 

A new seminar provides an intensive review
(ISC)2 developed the Systems Security Certified Practitioner credential to fulfill a vital need. SSCP accreditation provides information security personnel and their employers with international credibility. It also gives their employers a reliable measure of exceptional professional competence. As the demand for SSCP certification has more than doubled in the past year, (ISC)2 has responded with a three-day training program tailored specifically to its knowledge requirements.

 

SSCP CBK Review Seminar Structure

During this three-day program, SSCP candidates will:

  • Complete a high-level overview of the seven SSCP Common Body of Knowledge (CBK) domains.
  • Prepare for the SSCP exam by reviewing critical elements of each CBK domain.
  • Survey the spectrum of understanding that distinguishes a certified IT security practitioner.

Up-to-date insights into real-world issues.
The curriculum for the SSCP seminar is under continuous review, ensuring current information relevant to the seven CBK domains below:

  • Access Control
    Access control policies, standards, and procedures are typically created by IT Security Managers to define what users can do, which resources they can access, and what operations they can perform on a system. From these defined policies and standards, access control procedures are implemented by Network and System Administrators who have the ability to grant access, limit access, and monitor which users have access to particular systems. Access controls define the level of access and the method of access that users can have to specific systems and information. This domain requires the SSCP candidate to demonstrate knowledge of how different access control systems operate and are implemented to protect the systems and their data.
  • Administration
    Security Administration entails the identification of an organization's information assets and the documentation required for the implementations of policies, standards, procedures, and guidelines that ensure confidentiality, integrity, and availability.
    This domain requires the SSCP candidate to demonstrate knowledge in privacy issues, data classification, data integrity, audit, organizational roles and responsibilities, frameworks for policies, standards, guidelines and procedures, security awareness and change management as it pertains to IT security responsibilities.
  • Audit and Monitoring
    The Audit function and responsibility provides IT security management with the ability to determine if the system is implemented and accessed in accordance with the defined IT policies, standards, guidelines, and procedures. The SSCP candidate is required to understand the audit elements whether they are audited internally or externally during a formal audit review. The Monitoring function and responsibility is an activity responsible for the collection of information that can be used to identify security breaches or events, classify the severity of the security breach or event, and then implement the appropriate response based on the monitoring and collection of data pertaining to the security breach or event. The SSCP candidate is required to demonstrate knowledge of the various methods of data collection, including data logging, sampling and reporting, and system access monitoring.
  • Risk, Response, and Recovery
    Risk management is the identification, measurement and control of loss associated with uncertain events. It includes overall security review, risk analysis, selection and evaluation of safeguards, cost benefit analysis, management decisions, safeguard implementations, and effectiveness review. The SSCP candidate is required to demonstrate knowledge in risk management including risk analysis, threats, vulnerabilities, asset identification and risk management tools and techniques.
  • Cryptography
    Cryptography is concerned with the protection of information by modifying the information using encryption techniques to disguise that information to ensure its integrity, confidentiality, authenticity, and non-repudiation. Cryptanalysis is the reverse side of cryptography, where it is concerned with recovering the information in its original form. The SSCP candidate is required to demonstrate knowledge in cryptography, public and private key algorithms in terms of their application and use, algorithm constructs and mathematics used in cryptography, key distribution and management, and methods of attack. In addition, the SSCP candidate must have a sound understanding of cryptography applications, construction and use of digital signatures to provide authenticity of electronic transactions and non-repudiation of the parties involved.
  • Data Communications
    Data communications encompasses the network structure, transmission methods and techniques, transport formats and security measures used to maintain the integrity, availability, authentication, and confidentiality of the transmitted information over both private and public communication networks. The SSCP candidate is required to demonstrate knowledge in data communications and network security for all IT infrastructure elements such as local area networks (LANs), wide area networks (WANs), TCP/IP, remote access, internet/intranet/extranets, VPNs, firewalls, intrusion detection, and securing IT infrastructures. The SSCP candidate must also understand, with particular attention, the inherent security features as well as the security limitations of the IT infrastructure elements.
  • Malicious Code
    Malicious code addresses computer code that can be described as being malicious or destructive to the computing environment. This includes viruses, worms, logic bombs, Trojan horses, and other related deviants. The SSCP candidate is required to demonstrate knowledge in the concepts of malicious code, types of malicious code threats, how malicious code is introduced into the environment, and various protection and recovery methods. Particular attention will be given to recent virus and malicious code threats, with specific countermeasures and prevention techniques presented.