IT Security & Wireless Courseware for Training Centres and Professionals

     EC-Council E-Business Security Outline (212-25)

    Course Description
    In this course you will explore the security technique fundamentals involved in minimizing E-Business security risks. This course introduces you to concepts such as securing Web clients, servers, and communications. It also investigates the use of firewalls and digital certificates, and concludes with a look at legal issues including how to respond when security has been breached.

    Who Should Attend
    • Anyone who is interested in learning about security in an e-Business framework.

    Duration:
    3 days (9:00 - 5:00)

    Certification
    The e-Business certification exam will be conducted on the last day of the training. Students need to pass the online Prometric exam to receive the CEP certification.

    Course Outline v2

    Module 1: Introduction to Information Security
    • Understand what information security is and how it came to mean what it does today.
    • Comprehend the history of computer security and how it evolved into information security.
    • Understand the key terms and critical concepts of information security as presented in the chapter.
    • Outline the phases of the security systems development life cycle.
    • Understand the role of professionals involved in information security within an organizational structure.

    Module 2: The Need for Security
    • Understand the business need for information security.
    • Understand that a successful information security program is the responsibility of an organization's general management and IT management.
    • Understand the threats posed to information security and the more common attacks associated with those threats.
    • Differentiate threats to information systems from attacks against information systems.

    Module 3: Legal, Ethical & Professional Issues in Information Security
    • Use this chapter as a guide for future reference on laws, regulations, and professional organizations.
    • Differentiate between laws and ethics.
    • Identify major national laws that relate to the practice of information security.
    • Understand the role of culture as it applies to ethics in information security.

    Module 4: Risk Management: Identifying and Assessing Risk
    • Define risk management and its role in the SecSDLC
    • Understand how risk is identified
    • Assess risk based on the likelihood of occurrence and impact on an organization
    • Grasp the fundamental aspects of documenting risk identification and assessment

    Module 5: Risk Management: Assessing and Controlling Risk
    • Recognize why risk control is needed in today's organizations
    • Know the risk mitigation strategy options for controlling risks
    • Identify the categories that can be used to classify controls
    • Be aware of the conceptual frameworks that exist for evaluating risk controls, and be able to formulate a cost benefit analysis when required
    • Understand how to maintain and perpetuate risk controls

    Module 6: Blueprint for Security
    • Understand management's responsibilities and role in the development, maintenance, and enforcement of information security policy, standards, practices, procedures, and guidelines
    • Understand the differences between the organization's general information security policy and the requirements and objectives of the various issue-specific and system-specific policies.
    • Know what an information security blueprint is and what its major components are.
    • Understand how an organization institutionalizes its policies, standards, and practices using education, training, and awareness programs.
    • Become familiar with what a viable information security architecture is, what it includes, and how it is used.

    Module 7: Planning for Continuity
    • Know what contingency planning is and how incident response planning, disaster recovery planning, and business continuity plans are related to contingency planning.
    • Understand the elements that comprise a business impact analysis and the information that is collected for the attack profile.
    • Recognize the components of an incident response plan.

    Module 8: Security Technology
    • Define and identify the various types of firewalls.
    • Discuss the approaches to firewall implementation.
    • Discuss the approaches to dial-up access and protection.
    • Identify and describe the two categories of intrusion detection systems.
    • Discuss the two strategies behind intrusion detection systems.

    Module 9: Physical Security
    • Understand the conceptual need for physical security.
    • Identify threats to information security that are unique to physical security.
    • Describe the key physical security considerations for selecting a facility site.
    • Identify physical security monitoring components.
    • Grasp the essential elements of access control within the scope of facilities management.
    • Understand the criticality of fire safety programs to all physical security programs.

    Module 10: Implementing Security
    • Understand how the organization's security blueprint becomes a project plan.
    • Understand the numerous organizational considerations that must be addressed by the project plan.
    • Grasp the significant role and importance of the project manager in the success of an information security project.
    • Understand the need for professional project management for complex projects.
    • Take in the technical strategies and models for implementing the project plan.
    • Grasp the nontechnical problems that organizations face in times of rapid change.

    Module 11: Information Security Maintenance
    • Understand the need for the ongoing maintenance of the information security program.
    • Become familiar with recommended security management models.
    • Understand a model for a full maintenance program.
    • Understand key factors for monitoring the external and internal environment.
    • Learn how planning and risk assessment tie into information security maintenance.
    • Understand how vulnerability assessment and remediation tie into information security maintenance.
    • Learn how to build readiness and review procedures into information security maintenance.

    Module 12: Security and Personnel
    • Understand where and how the information security function is positioned within organizations.
    • Understand the issues and concerns about staffing the information security function.
    • Know about the credentials that professionals in the information security field can acquire.
    • Recognize how an organization's employment policies and practices can support the information security effort.
    • Understand the special security precautions necessary for nonemployees.
    • Recognize the need for the separation of duties.
    • Understand the special requirements needed for the privacy of personnel data.

    SSR-i Ltd © Copyright 2008   All rights reserved  Terms and Conditions