Live Chat
Monday - Friday 8am - 6pm EST Chat Now
Contact Us
Monday - Friday 8am - 8pm EST 1-866-716-6688 Other Contact Options
Checkout

Cart () Loading...

    • Quantity:
    • Delivery:
    • Dates:
    • Location:

    $

Managing Risk in Information Systems

Learn how to manage and reduce IT-associated risks.

GK# 3432

Course Overview

TOP

This course provides a unique, in-depth look at how to manage and reduce IT-associated risks. You will learn about the Systems Security Certified Practitioner (SSCP) risk, response, and recovery domain in addition to risk management and its implications on IT infrastructures and compliance. Using examples and exercises, this course incorporates hands-on activities related to fundamentals of risk management, strategies, and approaches for mitigating risk. You will also learn how to create a plan that reduces risk. Additional course assets include case scenarios and handouts and eBook (via CourseSmart).

Certification:

This course, written by Darril Gibson, author of the book CompTIA Security +: Get Certified, Get Ahead, covers content within the following industry certification exams:

  • Certified Information Systems Security Professional (CISSP) - two content domains covered
  • Security + - "Compliance and Operational Security" domain covered
  • System Security Certified Practitioner (SSCP) - "Risk, Response, and Recovery" domain covered
  • National Institute of Standards and Technology (NIST) - "Incident Response" domain covered
  • 8570.01 - "Compliance and Operational Security" domain covered

What You'll Learn

TOP
  • Basic concepts of and need for risk management
  • Compliancy laws, standards, best practices, and policies of risk management
  • Components of an effective organizational risk management program
  • Techniques for identifying relevant threats, vulnerabilities, and exploits
  • Risk mitigation security controls
  • Concepts for implementing risk mitigation throughout an organization
  • Perform a business impact analysis for a provided scenario
  • Create a business continuity plan (BCP) based on the findings of a given risk assessment for an organization
  • Create a disaster recovery plan (DRP) based on the findings of a given risk assessment for an organization
  • Create a computer incident response team (CIRT) plan for an organization in a given scenario

Outline

TOP
Viewing outline for:

Classroom Live Outline

1. Risk Management Business Challenges

  • Risk Management Fundamentals
  • Managing Risk: Threats, Vulnerabilities, and Exploits
  • Maintaining Compliance
  • Developing a Risk Management Plan

2. Mitigating Risk

  • Defining Risk Assessment Approaches
  • Performing a Risk Assessment
  • Identifying Assets and Activities to Be Protected
  • Identifying and Analyzing Threats, Vulnerabilities, and Exploits
  • Identifying and Analyzing Risk Mitigation Security Controls
  • Planning Risk Mitigation Throughout the Organization
  • Turning Your Risk Assessment into a Risk Mitigation Plan

3. Risk Mitigation Plans

  • Mitigating Risk with a Business Impact Analysis
  • Mitigating Risk with a Business Continuity Plan
  • Mitigating Risk with a Disaster Recovery Plan
  • Mitigating Risk with a Computer Incident Response Team Plan

Labs

TOP
Viewing labs for:

Classroom Live Labs

Lab 1: How to Identify Threats and Vulnerabilities in an IT Infrastructure

Lab 2: Align Threats and Vulnerabilities to the COBIT P09 Risk Management Controls

Lab 3: Define the Scope and Structure of an IT Risk Management Plan

Lab 4: Perform a Qualitative Risk Assessment for an IT Infrastructure

Lab 5: Identify Risks, Threats, and Vulnerabilities in an IT Infrastructure Using Zenmap GUI (Nmap) and

NessusĀ® Reports

Lab 6: Develop a Risk Mitigation Plan Outline for an IT Infrastructure

Lab 7: Perform a Business Impact Analysis for a Mock IT Infrastructure

Lab 8: Develop an Outline for a Business Continuity Plan for an IT Infrastructure

Lab 9: Develop Disaster Recovery Back-up Procedures and Recovery Instructions

Lab 10: Create a CIRT Response Plan for a Typical IT Infrastructure

Who Should Attend

TOP
  • Information security analysts
  • Payroll specialists
  • IT infrastructure security specialists
  • People who decide which information technology and cybersecurity products to acquire for their organization

Follow-On Courses

TOP
Course Delivery

This course is available in the following formats:

Classroom Live

Receive face-to-face instruction at one of our training center locations.

Duration: 5 day

Virtual Classroom Live

Experience expert-led online training from the convenience of your home, office or anywhere with an internet connection.

Duration: 5 day

Request this course in a different delivery format.
Enroll