|
Provided by: Security University QNSP Qualified Security Policy Administrator SOA Security ArchitectTraining, Instruction and Documentation |
 |
Training
Provided by Security University
How to architect, implement and secure your infrastructure with new NetCentric security SOA architecture, technologies and security usage policies & strategies to raise the level of information security and assurance in your organization.
Learn how to build a program to reduce the Human Security gap in your company. Today's security policies need to build awareness of the potential problems while minimizing the cost of security incidents. Learn how to build a repeatable security architecture for web services, and create users policies that are well developed and accepted by all to raise the level of information security awareness in your enterprise.
After completing the security polices its time to bring the whole network together and deliver a secure infrastructure. You'll merge today's security technologies into your network with the assurance that your layering defense tactics and providing early warning systems. Bring together the separate, tactical, diverse parts of your network with the services, mechanisms, and objects that reflect security policies, business functions, and technologies into a process involving risk assessment, policy, awareness, technology and security management, and audit functions.
|
|
||||||||||
QNSP Qualified Security Policy Administrator SOA Security Architect
Goals of Netcentric Operations
Identify the Components of a Basic SOA
Define Services Capable of Contributing to an SOA
Define a Security Business Model for SOA Development
Map Security Requirements to Specific Functions of an SOA
Develop a SOA SSAA and Appendixes
Determining your organization's needs and recurring structure
ROI and policies
Creating manuals for implementation
Maintaining security awareness and compliance
Defining an information security architecture
Critical information security domains
Determining your organizational needs
People, policy, process, and technology
Component dependencies
Information security program layers
Technical architecture models
Advanced Security Architecture Discussion
Awareness and training
Governance, compliance, and audit
Perimeter protection and countermeasures
Authentication, authorization, and accounting
Systems audit and event monitoring
Data availability, integrity, and confidentiality
Incident escalation and response
Operations, administration, and maintenance security
Application development and integration security
Continuity and recovery planning
Information collection and amalgamation
Baseline assessments
Conducting reviews of existing infrastructure and processes
Performing gap analysis and risk assessments
Understanding synergistic relationships policy, procedures, standards, and guidelines
Creating the architecture framework designs logical, physical, process flow
Creating an integration roadmap budgets, scheduling
Security Policies
Phase I Establishing the Basics
What you'll need to know, and the organizational needs and practices you'll need to consider, when developing your overall security strategy.
Defining policies, standards, and procedures
Managing an information security program
Determining organizational needs
Government and commercial publications available
Organizing the process
Creating workable information security policies
ROI and policies
Baseline assessments
Policies, procedures, and standards in a changing environment
Creating the Security Policies and Procedures Manual (SPPM)
Creating the Security Administrator Manual (SAM) requirements outline
Applying the principles: creating policy teams, writing and testing the policies, standards, and procedures
Management approval process
Awareness, training, and the difference between them
Getting the word out
Changing behavior
Finding allies
Monitoring and maintaining the program
Phase IV
Goals of Netcentric Operations
Identify the Components of a Basic SOA
Define Services Capable of Contributing to an SOA
Identify Communications Types of an SOA
Understanding How Users Interact With a SOA
Define a Security Business Model for SOA Development
Map Security Requirements to Specific Functions of an SOA
Develop a SOA SSAA and Appendixes
In-Class Exercises
Special explorations designed to give you hands-on experience with the information security tools you'll need to achieve your goals.
Defining the enterprise environment
Determining organizational policy needs
Creating organizational policies
Security policies, standards, and procedures in a changing environment
Developing an Advanced Awareness Program
Integration Strategies
Information security roles and responsibilities
Logistics planning
Technology vs. process
Effective change management practices
Executing pilot programs and proofs-of-concept
Business process reengineering
Establishing the continual information security program
Defining the enterprise environment
Establishing a case-study enterprise and performing a gap analysis
Creating a complete information security program for the enterprise
Creating a technology comparison matrix
Designing & configuring an advanced security architecture to match your technology
Key topics:
Who should attend:
CIOs with responsibility over information security, Network Administrators, Information Security Architects, Auditors, Consultants, and all others seeking to plan, implement, and manage an advanced information security policy program
Course agenda:
Security Architecture Component Review
Advanced Security Architecture Discussion
Building the Plan
Security Policies
Phase I Establishing the Basics
What you'll need to know, and the organizational needs and practices you'll need to consider, when developing your overall security strategy.
Phase II Beyond the Basics: Real Life
After mastering the basics of creating an information security policy, what comes next? Translating theory and strategy into workable programs, procedures, and standards that can stand up to the constantly changing demands of the real world.
Phase III Advanced Awareness Programs
Even the best-laid information security policy isn't worth the paper it's printed on if no one pays attention to it. Learn how to ensure your policies are implemented from top to bottom, throughout your organization.
Phase IV
In-Class Exercises
Special explorations designed to give you hands-on experience with the information security tools you'll need to achieve your goals.
Integration Strategies
In-Class Exercises
About The Training Provider: Security University
Security University - Security University is the leading provider of Q/ISP Qualified Information Security Professional - the only Tactical Hands-on Security Skills Certifications for IT Security Professionals in the world. Get 8570 & CND certified to validate your tactical security testing, analyst & penetration tester, Forensics skills. All classes CPE & GI BILL approved. SU is a Microsoft SDL Pro Partner.
...
