@26777
Welcome to SearchSecurity.com's Security
School Course Catalog. We offer a variety of free
information security training courses you can take on your own time
at your own pace. They each arm you with the foundational and
tactical information you need to deal with the increasingly
challenging job of keeping your organization's information
secure.Select a course from the options below and get
started today!
| FEATURED SECURITY SCHOOL |  |
|  |
| | | | |
Data Protection Security School
In this school, SearchSecurity.com provides information security
professionals with the tools and tactics they need to successfully
secure data throughout the enterprise -- whether in motion or at
rest.
LESSONS:
 Data encryption demystified
NEW What to encrypt,
how to encrypt it and other key considerations.
Featuring Tom Bowers, managing director, Security
Constructs
 Preventing data leakage
NEW Policies and
processes to contain threats from within.
Featuring Richard Bejtlich, founder, Tao
Security
 Enterprise strategies for protecting data at rest
NEW Storage-security
synergies and e-discovery tactics.
Featuring Perry Carpenter, security practitioner, major
telco firm |
|
|
| | | | | | |
OTHER SECURITY
SCHOOLS  |
|
| |
| | | | |
Identity and Access Management Security
School
Explores critical topics to help establish and maintain an
effective enterprise identity and access management plan.
LESSONS:
 Next-generation authentication
NEW Innovative,
cost-effective user authentication approaches.
Featuring Mark Diodati, identity/privacy analyst, Burton
Group
Using IAM tools to improve compliance
How provisioning and password management tools can save money and
ease complexity.
Featuring Tom Bowers, managing director, Security
Constructs
 Endpoint security
Endpoint defense tactics, policy controls and technology
futures.
Featuring Ben Rothke, CISSP
 VPNs and remote access
Innovations in VPN technology, including IPsec VPN identity and
authentication.
Featuring Lisa Phifer, vice president, Core Competence
Inc.
 Automated provisioning
Leveraging directory services and policies, and Active Directory
automated provisioning.
Featuring Laura Hunter, CISSP, MCSE: Security, MCDBA,
Microsoft MVP
 Building an identity and access management
architecture
Foundational IAM, from the role of directories to effectively
establishing approval workflows.
Featuring Richard Mackey, ISACA, CISM,
SystemsExperts
Authentication options
Authentication basics and developing an implementation
strategy.
Featuring Tom Bowers, managing director, Security
Constructs
 Integrating security into the network
A look behind the network/security evolution and how to harness it
as a strategic trend.
Featuring Mike Rothman, president, Security
Incite |
|
|
| | | | | | |
| |
| | | | |
Integration of Networking and Security
School
In this school, SearchSecurity.com and SearchNetworking.com offer
you an in-depth look at how security-related and networking-related
teams, products and processes are affecting enterprise network
security.
LESSONS:
 Using the network to secure the application layer
Protecting Layer 7 with new and existing network assets.
Featuring Michael Cobb, managing director, Cobweb
Applications
 Locking down the endpoint: How NAC can boost host
security
The latest endpoint options for network security.
Featuring Joel Snyder, senior partner, Opus One
 Securing your first remote office: Solutions for less than
$10k
Securing data and devices beyond corporate headquarters.
Featuring David Strom, noted network security
expert/writer/speaker
Fitting security into your network
The convergence of NAC and SSL VPN concepts.
Featuring Lisa Phifer, vice president, Core Competence
Inc.
Mitigating wireless security threats
Protecting the over-the-air network.
Featuring Lisa Phifer, vice president, Core Competence
Inc. |
|
|
| | | | | | |
| |
| | | | |
Messaging Security School
In this school, learn strategies and techniques for keeping email,
IM and mobile device messaging systems secure.
LESSONS:
The changing threat of email attacks
NEW Aligning messaging
defenses to meet tomorrow's challenges.
Featuring Mike Rothman, president, Security
Incite
 Defending mobile devices from viruses, spyware and
malware
Top mobile threat vectors and mobile malware misconceptions.
Featuring Sandra Kay Miller, technical editor,
Information Security
Essential practices for securing mobile devices
Locking down mobile platforms and thwarting emerging threats.
Featuring Lisa Phifer, vice president, Core Competence
Inc.
Secure instant messaging
An IM security overview, plus the latest attacks and safe usage
tips.
Featuring Michael Cobb, managing director, Cobweb
Applications
Countermeasures for malicious email code
Learn how to thwart email malware and future email attacks.
Featuring Tom Bowers, managing director, Security
Constructs
 Securing Microsoft Exchange
Protect Exchange 2003 from spam, malware and Web-based
attacks.
Featuring Lee Benjamin, Microsoft MVP, ExchangeGuy
Consulting |
|
|
| | | | | | |
| |
| | | | |
Intrusion Defense School
Putting the pieces of intrusion defense -- antivirus, antispyware,
IDS/IPS, etc. -- in perspective to help you implement an intrusion
defense strategy that meets your organization's needs.
LESSONS:
Getting started with perimeter defense
Discover what you may not know about intrusion defense.
Security information management
NEW How information/event
management can improve defense posture.
Featuring Tom Bowers, managing director, Security
Constructs
Perimeter security
Getting started with perimeter-based intrusion defense.
Content security
Antivirus and antispyware from architectural and technological
perspectives.
Unified threat management
Introduction to UTM, different technologies and implementation
choices.
ROI of intrusion defense
Estimating costs, working with executives and getting full benefit
from products.
Beyond intrusion defense
Defending a perimeterless network.
 Featured
instructor
Joel Snyder, senior partner, Opus One
Snyder has worked in information security for more than 25
years. |
|
|
| | | | | | |
| |
| | | | |
Compliance School
A comprehensive look at ongoing information security compliance
issues, regulations and practices.
LESSONS:
Compliance improvement: Get better as you go
forward
NEW Mixing technology,
governance and policy for continuous process improvement.
Gauging your SOX progress
Understanding the various SOX-related security standards; SOX
Scorecard.
SOX: Taking action
SOX goals, COSO and COBIT, audits, provisioning, vulnerability
management, and responsibilities.
Understanding compliance-related technology
SOX product requirements, validity and usage.
About the instructor
Featuring Richard Mackey, vice president,
SystemExperts
Mackey, ISACA, CISM, is the former director of collaborative
development for The Open Group. |
|
|
| | | | | | |
| |
| | | | |
CISSP Certification Training School
Benefit from a series of 10 training lessons that explore the
fundamental concepts, technologies and practices of information
systems security. Each lesson corresponds to a subject domain in
the exam's "Common Body of Knowledge" -- the essential elements
each CISSP-certified practitioner must know.
DOMAINS:
Lesson/Domain 1: Security management practices
Security management responsibilities and the core components of
security management.
Lesson/Domain 2: Access control
Identification methods and technologies, biometrics and more.
Lesson/Domain 3: Cryptography
Cryptographic components and their relationships, and government
involvement in cryptography.
Lesson/Domain 4: Security models and architecture
Outlining how security is to be implemented, and the framework and
structure of a security system.
Lesson/Domain 5: Telecommunications and networking
How networks work, how data is transmitted from one device to
another, and how protocols transmit information.
Lesson/Domain 6: Applications and system
development
Different types of software controls and implementations,
change-control methods and more.
Lesson/Domain 7: Business continuity
Critical aspects of availability, including business continuity
planning and disaster recovery.
Lesson/Domain 8: Law, investigations and ethics
Computer crime investigation processes and evidence collection;
incident-handling procedures.
Lesson/Domain 9: Physical security
Administrative, technical and physical controls pertaining to
physical security.
Lesson/Domain 10: Operations security
Administrative and management responsibilities, product evaluation
and operational assurance and change-configuration
management.
 About the
instructor
Featuring Shon Harris, president, Logical
Security
Harris specializes in security education and training, and has
authored two best-selling CISSP training
manuals. |
|
|
| | | | | | |
| |
| | | | |
Email Security School
Tactics for securing your e-mail systems, beginning with the
essentials, moving on to spam and virus defense, and wrapping up
with policy control.
LESSONS:
Email security essentials
Standards-based ways to increase the security of SMTP-based email;
architecture best practices.
Spam and virus mitigation strategies
Spam and virus incident response, including implementing end user
controls and quarantines.
Email policy control
Centralize e-mail security efforts and construct requirements
definitions for e-mail security.
About the instructor
Featuring Joel Snyder, senior partner, Opus One
Snyder has worked in information security for more than 25
years. |
|
|
| | | | | | |
| |
| | | | |
Web Security School
Learn how to harden a Web server and apply countermeasures to
prevent hackers from breaking into a network. Gain tactics for
creating a human firewall to combat problems such as phishing and
spyware.
LESSONS:
Ensuring Web server security
Plan and perform a secure installation of your Web server's
operating system and services.
Pinpointing Web server attacks
What to expect and look for when analyzing an attack on your Web
server.
Secure Web development
Plan and implement Web directory structures and permissions, and
manage Web development.
 About the instructor
Featuring Michael Cobb, managing director, Cobweb
Applications
Cobb co-authored the book IIS Security and has written
numerous technical articles for leading IT
publications. |
|
|
| | | | | | |