CSLO - Certified Security Leadership Officer

$3,750.00
Start Date | Time | Days | Price
June 05, 2017 | 09:00 (EST) | 5 | $3,750.00

Course Overview

The Certified Security Leadership Officer course was designed for mid-level to C-level managers as well as any engineers who seek to increase their knowledge in the security arena. The C)SLO course was designed to give management an essential understanding of current security issues, best practices, and technology. Because a security officer or manager understands the value of security, he or she is prepared to manage the security component of information technology security projects.

 

A C)SLO candidate can be seen as the bridge between the cyber security team and operations as well as business management.

Essential topics covered in this management track are extremely detailed and include the following: Network Fundamentals and Applications, Hardware Architecture, Information Assurance Foundations, Computer Security Policies, Contingency and Continuity Planning, Business Impact Analysis, Incident Handling, Architect Approaches to Defense in Depth, Cyber Attacks, Vulnerability Assessment and Management, Security Policies, Web Security, Offensive and Defensive Information Warfare, culminating in a Management Practicum.

 

Prerequisites:

  • A minimum of 12 months’ professional experience in an IT or management

Student Materials:

  • Student Workbook
  • Student Prep Guide

 

CEUs: 40

 

WHO SHOULD ATTEND?

  • C-Level Managers
  • IT Managers
  • Cyber Security Engineers
  • Information Owners
  • ISSOs
  • CISSP students
  • ISOs

 

UPON COMPLETION

Upon completion, the Certified Security Leadership Officer candidate will not only be able to competently take the CSLO exam but will also be versed in implementing strong security controls and managing an organization with an industry acceptable security posture.

 

EXAM INFORMATION

The Certified Security Leadership Officer exam is taken online through Mile2’s Assessment and Certification System (“MACS”), which is accessible on your mile2.com account. The exam will take 2 hours and consist of 100 multiple choice questions.

 

COURSE DETAILS

Module 1 – 802.11

Module 2 – Access Control

Module 3 – Computer Forensics and Legalities

Module 4 – Cryptography Applications

Module 5 – Cryptography Algorithms and Concepts

Module 6 – Key Management

Module 7 – Cryptosystems

Module 8 – Digital Acquisition

Module 9 – DNS

Module 10 – Disaster Recovery and Business Continuity Planning

Module 11 – Endpoint Security 

Module 12 – Honeypots, Honeynets, Honeytokens, Tarpits, oh my        

Module 13 – IP Terms and Concepts

Module 14 – Logging

Module 15 – Malicious Software

Module 16 – Managing Security Policy

Module 17 – Methods of Attack

Module 18 – Mitnick-Shimomura

Module 19 – Physical Security

Module 20 – Risk Management & Security Frameworks

Module 21 – Security and Organizational Structure

Module 22 – Security Awareness

Module 23 – Steganography

Module 24 – The Intelligent Network – Unified Threat Management (UTM)

Module 25 – Network Infrastructure

Module 26 – Vulnerability Assessment – Outside View

Module 27 – Vulnerability Management – Inside View

Module 28 – Vulnerability Management – User View

Module 29 – Web Communications

Module 30 – Wireless Advantages and Bluetooth

 

DETAILED MODULE DESCRIPTION

 

Module 1 – 802.11

Overview

Airborne Viruses

Types of Wireless

Standards Comparison

Wireless Network Topologies

SSID (Service Set Identity)

Wireless Technologies – Service Set ID

Securing and Protecting Wireless Best Practices

Typical Wired/Wireless Network

802.1X: EAP Types

EAP Advantages/Disadvantages

EAP/TLS Deployment

New Age Protection

New Age Protection

Wireless Security Technologies

MAC Filtering    

Wired Equivalent Privacy

Wireless Technologies – WEP

XOR – Basics

How WPA improves on WEP

How WPA improves on WEP

TKIP

802.11i – WPA2

WPA and WPA2 Mode Types

WPA-PSK Encryption

LEAP

Wireless Security Weaknesses

Weak IV Packets

WEP Weaknesses

The WPA MIC Vulnerability

LEAP Weaknesses

Wireless Threats

NetStumbler

Tool: Kismet

Analysis Tool: OmniPeek Personal

OmniPeek Console

Tool: Aircrack-ng Suite

Tool: Airodump-ng

Tool: Aireplay

DOS: Deauth/disassociate attack

Tool: Aircrack

Aircrack for Windows

Attacking WEP

Attacking WPA

coWPAtty

Exploiting Cisco LEAP

asleap

WiFiZoo

Wesside-ng

Review

 

Module 2 – Access Control          

Role of Access Control

Layers of Access Control

Access Control Mechanism Examples

Access Control Characteristics

Preventive Control Types

Control Combinations

Models for Access

Discretionary Access Control Model

Enforcing a DAC Policy

Mandatory Access Control Model

MAC Enforcement Mechanism – Labels

Where Are They Used?

MAC Versus DAC

Role-Based Access Control (RBAC)

Acquiring Rights and Permissions

Rule-Based Access Control

Access Control Matrix

Access Control Administration

Access Control Mechanisms in Use Today

Strong Authentication

Memory Cards

Smart Card

Administrating Access Control

Accountability and Access Control

Trusted Path

Access Criteria

Fraud Controls

Thin Clients

Administrative Controls

Controlling Access to Sensitive Data

Other Ways of Controlling Access

Technical Access Controls

Physical Access Controls

Accountability

IDS

Network IDS Sensors

Types of IDSs

Behavior-Based IDS

IDS Response Mechanisms

Trapping an Intruder

Access Control Methods

Remote Centralized Administration

RADIUS Characteristics

RADIUS

TACACS+ Characteristics

Diameter Characteristics

Decentralized Access Control Administration

Biometrics Technology

Biometrics Enrolment Process

Downfalls to Biometric Use

Biometrics Error Types

Crossover Error Rate (CER)

Biometric System Types

Passwords

Password “Shoulds”

Password Attacks

Countermeasures for Password Cracking

Cognitive Passwords

One-Time Password Authentication

Synchronous Token

Asynchronous Token Device

Cryptographic Keys

Passphrase Authentication

Definitions

More Definitions

Single Sign-on Technology

Different Technologies

Scripts as a Single Sign-on Technology

Directory Services as a Single Sign-on Technology

Kerberos as a Single Sign-on Technology

Kerberos Components Working Together

More Components of Kerberos

Kerberos Authentication Steps

Tickets

Why Go Through All of this Trouble?

Issues Pertaining to Kerberos

SESAME as a Single Sign-on Technology

SESAME Steps for Authentication

 

Module 3 – Computer Forensics and Legalities

Lesson Objectives

The Legal System

State Law & Criminal Incidents

Federal Laws

US Title 18: Fraud Criminal Codes

Case Study: Criminal Incidents

Case Study: Criminal Incidents

Case Study: Criminal Incidents

Criminal Incidents

International Legal Treaties and Orgs

Civil Incidents

Criminal Incidents

Criminal Incidents

 

Module 4 – Cryptography Applications

Digital Certificates

What Do You Do with a Certificate?

Components of PKI – Repository and CRLs

PGP

Digital Signatures – PGP

IPSEC

IPSec – Network Layer Protection

IPSec Key Management

IPSec Handshaking Process

IPSec Is a Suite of Protocols

IPSec Modes of Operation

IPSec

PKI

Public Key Infrastructure

Why Do We Need a PKI?

PKI and Its Components

Let’s Walk Through an Example

Public Key Infrastructure

Asymmetric Encryption

Public Key Cryptography Advantages

Symmetric versus Asymmetric

SSL/TLS

PPP

VPN

Site-to-Site VPN

www.myspace.com

www.facebook.com

Others From Around the World

Identity Theft and MySpace

 

Module 5 – Cryptography Algorithms and Concepts        

Symmetric Cipher – AES

Crack Times

Crypto and Password Recovery Concepts

Crypto Attacks

Caesar Cipher Example

Polyalphabetic Substitution

Ways of Breaking Cryptosystems

– Brute Force

Attacks on Cryptosystems

Encryption

Cryptographic Definitions

SSH

Attack Vectors

More Attacks (Cryptanalysis)

Type of Symmetric Cipher – Stream Cipher

Characteristics of Strong Algorithms

Block Cipher Modes – CBC

Implementation

Block Cipher Modes – CFB and OFB

DES

Symmetric Ciphers We Will Dive Into

Symmetric Algorithm Examples

Symmetric Algorithms – DES

Evolution of DES

Different Modes of Block Ciphers – ECB

Other Symmetric Algorithms

Symmetric Encryption

Symmetric Encryption

Symmetric Downfalls

Symmetric Algorithms

SSL/TLS

ECC

ECC

Quantum Cryptography

Asymmetric Algorithm Examples

Asymmetric Algorithms We Will Dive Into

Asymmetric Algorithm – RSA

U.S. Government Standard

Asymmetric Encryption

 

Module 6 – Key Management   

Using the Algorithm Types Together

Hybrid Encryption

Strength of a Cryptosystem

Symmetric Key Management Issue

Now What?

Key Management

IPSec Key Management

Key Issues Within IPSec

OPSEC

OPSEC

Types of Ciphers Used Today

Type of Symmetric Cipher – Block Cipher

S-Boxes Used in Block Ciphers

Type of Symmetric Cipher – Stream Cipher

Encryption Process

Symmetric Characteristics

Strength of a Stream Cipher

Let’s Dive in Deeper

Block Cipher Modes – CFB and OFB

Implementation

Attack Vectors

More Attacks (Cryptanalysis)

ROT – 13

ROT – 13

MD5 Collision Creates Rogue Certificate Authority

SSL/TLS

SSL Connection Setup

SSL Hybrid Encryption

SSH

XOR

 

Module 7 – Cryptosystems

Introduction

Encryption

Cryptographic Definitions

Encryption Algorithm

Implementation

Hashing

Common Hash Algorithms

Birthday Attack

Example of a Birthday Attack

Generic Hash Demo

Instructor Demonstration

Security Issues in Hashing

Hash Collisions

MD5 Collision Creates Rogue Certificate Authority

Digital Signatures

Asymmetric Encryption

Public Key Cryptography Advantages

Asymmetric Algorithm Disadvantages

Asymmetric Algorithm Examples

Symmetric Encryption

Symmetric Encryption

Symmetric Downfalls

Symmetric Algorithms

Crack Times

 

Module 8 – Digital Acquisition  

Digital Acquisition Copy – Original 

Digital Acquisition – Duplication

Digital Acquisition Procedures

DC3 Operations

DCFL Terabytes, Time, & Totals

Digital Forensic Analysis Tools

Forensic Toolkit (FTK)™

EnCase™

I-Look Investigator™

ProDiscover DFT™

 

Module 9 – DNS               

Domain Name Registration         

Network Service – DNS

Countermeasure: DNS Zone Transfers

Cache Poisoning

What is DNS spoofing?

Tools: DNS Spoofing

Active Sniffing Methods

ARP Cache Poisoning

ARP Normal Operation

ARP Cache Poisoning

ARP Cache Poisoning (Linux)

Countermeasures

Cybersquatting

Domain Hijacking

Host Names

Hierarchy

Host Table

Nslookup

DNS Databases

Using Nslookup

Dig for Unix / Linux

Protecting Domain Names

(Mis)Uses of Host Tables

 

Module 10 – Disaster Recovery and Business Continuity Planning           

Business Continuity Objectives

Pieces of the BCP

Where Do We Start?

Why Is BCP a Hard Sell to Management?

Agenda

Plan Development Delegated to a Committee

BCP Risk Analysis

How to Identify the Most Critical Company Functions                                  

Interdependencies

Identifying Functions’ Resources

How Long Can the Company Be Without These Resources?

Preventative Measures

What Items Need to Be Considered?

Proper Planning

Executive Succession Planning

Identify Vulnerabilities and Threats

Categories

Loss Criteria

Agenda

Disk Shadowing

Backing Up Over Telecommunication

Serial Lines

HSM

SAN

Co-Location

Agenda

Facility Backups – Hot Site

Facility Backups – Warm Site

Facility Backups – Cold Site

Compatibility Issues with Offsite Facility

Which Do We Use?

Choosing Offsite Services

Subscription Costs

Choosing Site Location

Other Offsite Approaches

Agenda

Results from the BIA

Now What?

Priorities

Plan Objectives

Defining Roles

Environment

Operational Planning

Preventive Measures

Emergency Response

Recovery

Return to Normal Operations

Reviewing Insurance

When Is the Danger Over?

Now What?

Testing and Drills

Types of Tests to Choose From

What Is Success?

BCP Plans Commonly and Quickly Become Out of Date

Phases of Plan

Who Is Ready?

Review

 

Module 11 – Endpoint Security 

3rd Party Applications

Anti-Virus Limitations

Browser Defense

SSL/TLS

SSL Connection Setup

SSL Hybrid Encryption

SSH

IPSec – Network Layer Protection

IPSec

IPSec

Public Key Infrastructure

Quantum Cryptography

Endpoint Whitelist

Firewalls, IDS and IPS

Firewall – First line of defense

IDS – Second line of defense

IPS – Last line of defense?

Firewalls

Firewall Types: (1) Packet Filtering

Firewall Types: (2) Proxy Firewalls

Firewall Types – Circuit-Level Proxy Firewall

Type of Circuit-Level Proxy – SOCKS

Firewall Types – Application-Layer Proxy

Firewall Types: (3) Stateful

Firewall Types: (4) Dynamic Packet-Filtering

Firewall Types: (5) Kernel Proxies

Firewall Placement

Firewall Architecture Types – Screened Host

Risks of Portable Devices

 

Module 12 – Honeypots, Honeynets, Honeytokens, Tarpits, oh my        

Benefits and Drawbacks

Honeypots Defined

Legal Issues

Trying to Trap the Bad Guy

Companies Can Be Found Liable 

Technologies

Incident Handling and the Legal System

Chain of Custody and Digital Evidence Collection Objectives

Evidence Collection & Incident Assessment

Identifying an Incident

Steps to handling an Incident

Digital Incident Assessment

Incident Response Checklist

Responding to An Incident

Suggested Guidelines for Securing Digital Evidence

Secure Digital Evidence

Common Incident Handling Mistakes

Securing Digital Evidence Procedure

Chain of Custody

Potential Digital Evidence

Search and Seizure

Incident/Equipment Location

Available Response Resources

Securing Digital Evidence

Digital Evidence Presentation

The Best Evidence Rule

Duplication and Recordings, Evidence Law

 

Module 13 – IP Terms and Concepts       

OSI – Application Layer

Devices Work at Different Layers

Network Devices – Gateway

Data Encapsulation

Protocols – ICMP

Dial-Up Protocol – SLIP

Dial-Up Protocol – PPP

WAN Technologies Are Circuit or Packet Switched

Packets

Frame

Protocols – ICMP

Port and Protocol Relationship

Example Packet Sniffers

Tool: Wireshark

Tool: OmniPeek

Sniffer Detection using Cain & Abel

Network Protocol

Network Protocol

Protocols

UDP versus TCP

Port and Protocol Relationship

An Older Model

TCP/IP Suite

Traceroute Operation

Traceroute (cont.)

Other Traceroute Tools

IP

IP

Method: Ping

 

Module 14 – Logging      

syslog

Events

 

Module 15 – Malicious Software              

Malware

Types of Malware

Distributing Malware

Malware Capabilities

Auto Starting Malware

Countermeasure: Monitoring Auto-start Methods

Malicious Browser Content

Malware Defense Techniques

Spy Sweeper Enterprise

CM Tool: Port Monitoring Software

CM Tools: File Protection Software

CM Tool: Windows File Protection

CM Tool: Windows Software Restriction Policies

Company Surveillance Software

CM Tool: Hardware-based Malware Detectors

Countermeasure: User Education

Propagation Techniques

Trojan Horse Characteristics

Trojan Horses

Executable Wrappers

Benign EXE’s Historically Wrapped with Trojans

The Infectious CD-Rom Technique

Trojan: Backdoor.Zombam.B

Trojan: JPEG GDI+

All in One Remote Exploit

Advanced Trojans: Avoiding Detection

BPMTK

Virus Types

Types of Malware Cont…

Types of Viruses

Worm Characteristics

 

Module 16 – Managing Security Policy  

Approach to Security Management

Policy Types

Policies with Different Goals

Industry Best Practice Standards

Components that Support the Security Policy

Senior Management’s Role in Security

Security Roles

Information Classification

Information Classification Criteria

Declassifying Information

Types of Classification Levels

Information Classification

Issue Specific Policy

Policy Assessment

Policy Benefits

Policy Development Tools

Security Posture and Culture

 

Module 17 – Methods of Attack

Enumeration Overview

DNS Enumeration

Backtrack DNS Enumeration

SNMP Enumeration Tools

SNMP Enumeration Countermeasures

Active Directory Enumeration   

AD Enumeration countermeasures

Hacking Tool: RootKit

Windows RootKit Countermeasures

Advanced Trojans: Avoiding Detection

Benign EXE’s Historically Wrapped with Trojans

Google and Query Operators

Google (cont.)

SPUD: Google API Utility Tool

Goolag

Denial of Service

Denial of Service

Threat Methodologies (STRIDE)

DDoS Issues

DDoS

Buffer Overflow Definition

Overflow Illustration

Buffer Overflows

Phishing

Spear Phishing 

E-Mail Links

Logic Bomb

Duronio Case

Attacks

Man-in-the-Middle

Replay Attack

SPAM and e-mail Flooding

 

Module 18 – Mitnick-Shimomura                            

IP Address Spoofing

TCP

DoS

 

Module 19 – Physical Security   

Physical Security

Physical Security Checklist

Physical Security Checklist

Items of Interest

Physical Controls

Physical Access

Tool Kit: Picks

Tool Kit: Snap Gun

Tool Kit: Electric Pick

Bump Keying

Lock Picking Countermeasures

Controlling Access

Agenda

Facility Attributes

Electrical Power

Problems with Steady Power Current

Power Interference

Power Preventive Measures

Fire Prevention

Automatic Detector Mechanisms

Fire Detection

Fire Types

Suppression Methods

Fire Suppression

Fire Extinguishers

 

Module 20 – Risk Management & Security Frameworks

Overview

IT Governance Best Practices

IT Risk Management

Types of Risks

Risk Management

Information Security Risk Evaluation

Information Security Risk Evaluation

Improving Security Posture

Risk Evaluation Activities

Risk Assessment

Information Gathering

Information Gathering

Data Classification

Threats and Vulnerabilities

Analytical Methods

Evaluate Controls

Evaluate Controls

Risk Ratings

Important Risk Assessment Practices

Review

Security Incentives & Motivations

Security Incentives & Attack Motivations

Risk Management II

What is Your Weakest Link?

What Is the Value of an Asset?

Examples of Some Vulnerabilities that Are Not Always Obvious

Categorizing Risks

Some Examples of Types of Losses

Different Approaches to Analyzing Risks

Who Uses What Analysis Type?

Qualitative Analysis Steps

Quantitative Analysis

Can a Purely Quantitative Analysis Be Accomplished?

Comparing Cost and Benefit

Cost of a Countermeasure

Security Frameworks & Compliance

ISO 27002

ISO 27002: Control Components

Review

 

Module 21 – Security and Organizational Structure         

Capacity Analysis

Employee Discipline and Termination

Employee Performance

Employee Retention

Filling Positions

Conflicts of Interest

               

Module 22 – Security Awareness             

Security Awareness Program

4 steps

3 Common Training Models

Security Awareness Goals

Role of metrics

Steps to develop a metrics program

 

Module 23 – Steganography       

Crypto and Password Recovery Background

Steganalysis

Steganography Methods

Injection

Substitution

File Generation

 

Module 24 – The Intelligent Network – Unified Threat Management (UTM)       

UTM product criteria

Firewalls, IDS and IPS

Firewall – First line of defense

IDS – Second line of defense

IPS – Last line of defense?

Firewalls

Firewall Types: (1) Packet Filtering

Firewall Types: (2) Proxy Firewalls

Firewall Types – Circuit-Level Proxy Firewall

DDoS Issues

HIPS

HIPS

Unified Threat Management

Unified Threat Management

Virtualization – Type 1

Type 1 Examples

Virtualization – Type 2

Type 2 Examples

 

Module 25 – Network Infrastructure      

Wikto Web Assessment Tool

Agenda

Network Topologies – Physical Layer

Network Topologies – Mesh

Summary of Topologies

Wireless Technologies – War Driving

TCP Model

TCP/IP Suite

OSI Model

OSI – Application Layer

OSI – Presentation Layer

OSI – Session Layer

OSI – Transport Layer

OSI – Network Layer

OSI – Data Link

OSI – Physical Layer

Wide Area Network Technologies

Voice Over IP

VLAN

Network Segmentation

 

Module 26 – Vulnerability Assessment – Outside View

Basic Hacker Process

Potential Threats, Vulnerabilities, & Risks

What is a Penetration Test

Types of Penetration Testing

Vulnerability Assessment vs Pentest

“Hacking-life-cycle” – a Methodology

Methodology for Penetration Testing / Ethical Hacking

Hacker vs. Penetration Tester

Not Just Tools

Exploitation Tools vs. Vulnerability Scanners

Vulnerability Scanners

Nessus

Nessus Report

SAINT

SAINT – Sample Report

Tool: Retina

Qualys Guard

Tool: LANguard

Number of Exploitable Vulnerabilities from NVD Detected

Scan Process Best Practices

Inside, outside and user view

Manager’s Role in Remediation

Risks of non-Remediation

Pentesting in Vulnerability Management

Scanning Techniques

Threat Concerns

Threat Vectors

War Dialing

 

Module 27 – Vulnerability Management – Inside View

Inside view, tools, approach

cisecurity.org

SP 800-40 Version 2.0

 

Module 28 – Vulnerability Management – User View

Peer to Peer Networks

P2P Cautions

Instant Messaging

IM issues

Social engineering

 

Module 29 – Web Communications        

CGI

Wikto Web Assessment Tool

OWASP Top 10 for 2010

Reflected Cross Site Scripting Illustrated

IIS Directory Traversal

Injection Flaws

SQL Injection

Cookies

HTTP

HTTPS

FTP

 

Module 30 – Wireless Advantages and Bluetooth            

Bluetooth Attacks

Cabir Infection

Bluetooth Defenses

Bluetooth & Wireless Comparison