(ISC)2 Securing Information Systems Before and After an Incident
The tongue-in-cheek title alludes to the facts that legacy systems seldom disappear overnight, technology choices consolidate and expand in a cyclic nature and regulatory influence is increasing along with the capabilities of those attacking the systems. The net result is often a collection of workarounds that have implications on the CIA triad elements.
Securing information systems requires an understanding of the current and evolving threat landscape as well as foundational knowledge of network technology and system designs often encountered in organizations. This course will combine lecture, demo and interactive exercises that examine how to overlay threat knowledge and governance requirements onto the I.T. systems as they are presently implemented, then determine gaps and realistic options for security protection, system monitoring and incident response.
Starting with a focus on the most common technology stack and architectural solutions followed by market and regulatory pressures, the landscape a security professional is likely to be protecting is defined. Developing a defendable security program also requires credible knowledge about threats faced by the organization both externally and internally, whether it is hacktivism or mobile devices. Current tools and techniques used to attack applications and the underlying systems will be discussed and demonstrated during this class, as well as providing guidance on threat modeling that can be used back at the office.
Existing security control technology categories from file integrity to web application and between will be examined at both the capability and deployment consideration level. Guidance around implementing operational security activities like vulnerability management and event monitoring is another key element to this one day course. The day will finish with details about current and leading digital forensic practices and designing information system security to support a forensic investigation in the event it is required.
SANS Hosted are a series of classes presented by other educational providers to complement your needs for training outside of our current course offerings.
*CPE/CMU credits not offered for the SelfStudy delivery method