Get the knowledge and skills you need to lock down your information and information systems
Competency based training for today's cybersecurity professionals
Access Control - Organizations must limit information system access to authorized users, processes acting on behalf of authorized users, or devices (including other information systems) and to the types of transactions and functions that authorized users are permitted to exercise.
Certification and Accreditation - Applies principles, policies, and procedures that enable an enterprise to meet applicable information security laws, regulations, standards, and policies to satisfy statutory requirements, perform industry-wide best practices, and achieve information security program goals.
Configuration Management - Organizations must: establish and maintain baseline configurations and inventories of organizational information systems (including hardware, software, firmware, and documentation) throughout the respective system development life cycles; and establish and enforce security configuration settings for information technology products employed in organizational information systems.
Contingency Planning - Organizations must establish, maintain, and effectively implement plans for emergency response, backup operations, and post-disaster recovery for organizational information systems to ensure the availability of critical information resources and continuity of operations in emergency situations.
Data Security - Applies principles, policies, and procedures necessary to ensure the confidentiality, integrity, availability, and privacy of data in all forms of media (electronic and hardcopy) throughout the data life cycle.
Forensics - Applies knowledge, tools, and techniques necessary to locate, process, and secure computer evidence.
Incident Management - Applies knowledge and understanding of the process to prepare and prevent, detect, contain, eradicate, recover, and apply lessons learned from incidents impacting the mission of an organization.
Risk Management - Applies policies, processes, procedures, and technologies used by an organization to create a balanced approach to identifying and assessing risks to information assets, personnel, facilities, and equipment, and to manage mitigation strategies that achieve the security needed at an affordable cost.