Mile 2 Certified Information Systems Security Officer (CISSO)

Video Description

Upon completion, Certified Information Systems Security Officer students will not only be able to establish industry-acceptable Cyber Security & IS management standards with current best practices but also be prepared to competently take the CISSO exam.

The Certified Information Systems Security Officer certification training was a direct initiative of the DND – Department of National Defence of Canada in cooperation with the DOD – Department of Defense of the United States, defined in the dual initiative titled CANUS CDISM MOU - ID#: 1974100118. The CANUS CDISM MOU stated the following:

I. The CDRSN National Information System Security Officer (ISSO) is the focal point for all security issues pertaining to this network.

II. The Director Information Management Security (DIMSECUR) is the DND authority for security assessment of the CDRSN, including the approval of Interim Authority to Process (IAP) and Authority to Communicate.

With these initiatives in mind, Mile2 created the Certified ISSO. The CISSO addresses the broad range of industry best practices, knowledge and skills expected of a security manager/officer. The candidate will learn in-depth theory pertaining to the practical implementation of core security concepts, practices, monitoring and compliance in the full panorama of IS management. Through the use of a risk-based approach, the CISSO is able to implement and maintain cost-effective security controls that are closely aligned with both business and industry standards. Whether you’re responsible for the management of a Cyber Security team, a Security Officer, an IT auditor or a Business Analyst, the C)ISSO certification course is an ideal way to increase your knowledge, expertise, and skill.

ACCREDITED by the NSA CNSS 4011-4016

MAPPED to NIST / Homeland Security NICCS's Cyber Security Workforce Framework

APPROVED on the FBI Cyber Security Certification Requirement list (Tier 1-3)

Table of Contents

  1. Risk Management
    1. Agenda 00:19:21
    2. Risk Management 00:19:22
    3. Quantitative Analysis 00:19:16
  2. Security Management
    1. Security Management 00:18:00
    2. Enterprise Security Program 00:13:07
    3. Roadmap to Maturity 00:17:28
    4. Human Resources Issues 00:09:39
  3. Authentication
    1. Authentication 00:17:03
    2. Biometrics Error Types 00:18:59
    3. Memory Cards 00:13:28
    4. Issues Pertaining to Kerberos 00:12:18
  4. Access Control
    1. Access Control 00:15:42
    2. Access Control Characteristics 00:20:14
    3. Threats to Access Control 00:06:48
    4. Information Classification 00:09:59
    5. Discretionary Access Control Model 00:14:17
    6. Access Control Administration 00:13:06
  5. Security Models
    1. Security Models and Evaluation Criteria 00:19:22
    2. What Does It Mean to Be in a Specific Ring 00:17:18
    3. Non-Interference Model 00:14:08
    4. ITSEC - Good and Bad 00:10:56
  6. Operations Security
    1. Information Classification 00:18:55
    2. Product Implementation Concerns 00:17:27
    3. Redundant Array of Independent Disk (RAID) 00:16:07
    4. Methodology 00:18:16
  7. Symmetric Cryptography and Hashing
    1. Symmetric Cryptography and Hashing 00:18:43
    2. Historical Uses of Symmetric Cryptography: Vernam Cipher 00:16:43
    3. Information Classification 00:20:13
    4. Symmetric Algorithms - DS 00:23:38
  8. Asymmetric Cryptography and PKI
    1. Asymmetric Cryptography and PKI 00:19:24
    2. Example of Hybrid Cryptography 00:18:19
    3. CA and RA Roles 00:18:26
    4. Link versus End-to-End Encryption 00:18:46
    5. IPSec Handshaking Process 00:16:22
  9. Network Connections
    1. Information Classification 00:19:41
    2. Summary of Topologies 00:19:10
    3. Transmission Types - Number of Receivers 00:18:10
    4. Network Topologies 00:17:33
    5. WAN Technologies - DSL 00:14:10
  10. Network Protocols and Devices
    1. Information Classification 00:17:44
    2. Transport Layer 00:18:44
    3. Repeater 00:21:53
    4. Firewall Types - Circuit-Level Proxy Firewall 00:17:09
    5. TCP/IP Suite 00:16:15
  11. Telephony, VPNs and Wireless
    1. Information Classification 00:18:23
    2. PBX Vulnerabilities 00:12:19
    3. SSL/TLS 00:08:38
    4. Wireless Network Topologies 00:18:03
    5. WPA and WPA2 Mode Types 00:16:00
  12. Security Architecture
    1. Information Classification 00:17:00
    2. Integrated Security is Designed Security 00:19:53
    3. System Functionality 00:12:41
    4. Attacking Through Applications 00:13:25
  13. Software Development Security
    1. Information Classification 00:18:39
    2. Development Methodologies 00:14:06
    3. Security Issues 00:14:52
    4. Linking Through COM 00:17:36
  14. Database Security and System Development
    1. Information Classification 00:19:19
    2. Artificial Intelligence 00:19:40
    3. Virus 00:09:52
    4. DDoS 00:10:57
  15. Malware and Software Attacks
    1. Malware and Attacks 00:16:41
  16. Business Continuity
    1. Information Classification 00:19:48
    2. How to Identify the Most Critical Company Functions 00:13:38
    3. Facility Backups - Hot Site 00:10:17
  17. Disaster Recovery
    1. Disaster Recovery 00:15:08
    2. Recovery Plan 00:23:06
    3. Return to Normal Operations 00:15:03
  18. Incident Management, Law, and Ethics
    1. Information Classification 00:18:21
    2. Intellectual Property Law 00:17:54
    3. Countries Working Together 00:17:21
    4. Privacy of Sensitive Data 00:12:50
  19. Physical
    1. Information Classification 00:18:35
    2. Types of Physical IDS 00:19:30