Study Topics in the Information Security and Cyber Managers (CISO) Program
Domain 1: Security Architecture (10 Classes – CISSP)
The CISO Organization
- The CISO Career Path
- Executive Role of a CISO
- Security as a Business Enabler
- Information Security Fundamentals
- Network Security Fundamentals
- Network and Communication Engineering
- Network Architecture
- Securing Network Components
- Wireless Security
- Multi Factor Authentication
- VoIP Security
Design a Secured Network Diagram
- Theoretical Studies
- Hands on Practice Test – Factor Score
- Principles of Security by Design
- Access and Identity Management
- Identity and Authentication
- Types of Access Controls
- Controlling and Monitoring Access
Security Engineering
- Cryptography, Hashing and PKI
- Cryptographic Attacks
- Access Control Models
- Trusted Computing Base
- Physical Security
Domain 1 Exam (Total Domain Score: 17.5%)
Domain 2: Security Governance (10 Classes – CISSP & CISM)
Asset Security
- Protecting Security of Assets
- Data Classification
- Data Retention
- Security Roles
Information Security Audit
- Audit Fundamentals
- Auditing Security
- Privacy
- Global Privacy Regulations
- Privacy by Design
Policies and Procedures
- Develop Security Policies
- Deploy Security Procedures and Standards
- Successful Policy Implementation
- Develop a Security Governance Program
- Theoretical Studies
Hands on Practice Test – Factor Score
Laws
- Technology Laws
- Commercial Laws
- US Federal, EU and Israel Case Studies
Regulations
- GDPR
- Financial, Government and Military
- Energy and Critical Infrastructures
Industry Standards
- PCI DSS
- ISO 27001
- NIST, SANS, COBIT
Domain 2 Exam (Total Domain Score: 17.5%)
Domain 3: Security Threats & Vulnerabilities (14 Classes – CISSP)
Ransomware
- Ransomware Analysis
- Kill Chain
- Prevent, Detect, Respond and Recover
Advanced Persistent Threat (APT)
- APT Landscape
- Defend Against APT
Social Engineering
- Social Engineering Methods & Techniques
- Case Studies
- Vulnerability Management Program
- Security Assessment
- Static and Dynamic Testing
- Code Testing
Application Security
- Software Development Security
- Database Security
- Malicious Code
- OWASP Top 10
Hands on Practice Test – Factor Score
Cyber Attack Vectors
- Attack Vector Analysis
- Penetration Tests + Hands on Practice
Cyber Threat Analysis
- Cyber Intelligence
- Darknet Introduction + Hands on Practice
- Cyber Profiling
Cyber Reconnaissance
- Passive Reconnaissance
- Active Reconnaissance
Domain 3 Exam (17.5%)
Domain 4: Security Controls (12 Classes – CISSP, CISM, CRISC)
Security Control Analysis
- Current State of Controls
- Control Monitoring and Effectiveness
- Control Activities, Objectives, Practices and Metrics
- Key Risk Indicators (KRIs)
- Key Performance Indicators (KPIs)
- Monitoring Controls
Security Operations
- Managing Security Operations
- Third Party Security
- Patch Management
- Design Your Cyber Security Operations Center (CSOC)
- Security Orchestration, Automation and Response (SOAR)
Information Security Response Plan
- Cyber Incident Response Team (CIRT)
- Cyber Incident Response Program (CIRP)
- Cyber Incident Management
Hands on Practice Test – Factor Score
Cloud Security
- Virtual, Cloud and Mobile Security
- Third Party Security Evaluation
- IaaS and PaaS Security Program
Critical Infrastructure Protection
- Critical Infrastructure Systems Introduction
- SCADA - Non-TCP/IP Industrial Networks
- Critical Infrastructure Threats & Vulnerabilities
Cyber Forensic
- Cyber Forensics Methodologies
- Cyber Forensics Tools
- Cyber Forensics Investigations + Hands on Practice
Domain 4 Exam (17.5%)
Domain 5: Security Strategy (14 Classes – CISSP, CISM, CRISC)
Cyber Security Risk Management Program
- Risk Identification
- Risk Culture and Communication
- Risk Formula
- IT Risk Strategy
- Risk Identification
- Ownership and Accountability
- Risk Register
- Risk Assessment
- Risk Response and Mitigation
- Risk Control Monitoring and Reporting
Hands on Practice Test – Factor Score
Cyber Security Program
- Security Blueprint
- Security Obligations
- Service Catalog
Business Continuity Management
- Business Continuity Management
- Business Continuity Plan Elements – CIR, DRP, IT Contingency, CIPP, Crisis Communication, OEP, COOP
Security Awareness and Training Program
- Security Awareness, Education and Training
- Awareness Campaign and Content Development
Hands on Practice Test – Factor Score
Fraud Management
- Fraud Management or Prevention
- Effective Fraud Management Controls
- Handling Fraudsters and Reputational Damage
Final CISO Certification Exam (30%)