לימודי אבטחת מידע וסייבר CISO

  1. אתם כאן:  
  2. עמוד הבית /
  3. הכשרות מקצועיות
  4. אבטחת מידע וסייבר CISO
  5. מנהלי אבטחת מידע וסייבר - נושאי הלימוד בתוכנית CISO

נושאי הלימוד בתוכנית מנהלי אבטחת מידע וסייבר CISO

(Domain 1: Security Architecture (10 Classes – CISSP

 The CISO Organization

  •  The CISO Career Path
  •  Executive Role of a CISO
  •  Security as a Business Enabler
  •  Information Security Fundamentals
  •  Network Security Fundamentals 
  •  Network and Communication Engineering
  •  Network Architecture
  •  Securing Network Components
  •  Wireless Security-
  •  Multi Factor Authentication -
  •  VoIP Security -

 Design a Secured Network Diagram

  •  Theoretical Studies-
  •  Hands on Practice Test – Factor Score 
  •  Principles of Security by Design
  •  Access and Identity Management
  •  Identity and Authentication
  •  Types of Access Controls
  •  Controlling and Monitoring Access 

 Security Engineering

  •  Cryptography, Hashing and PKI
  •  Cryptographic Attacks
  •  Access Control Models
  • Trusted Computing Base
  •  Physical Security

(Domain 1 Exam (Total Domain Score: 17.5%

 

(Domain 2: Security Governance (10 Classes – CISSP & CISM

 Asset Security

  •  Protecting Security of Assets
  •  Data Classification 
  •  Data Retention
  •  Security Roles Information Security Audit
  •  Audit Fundamentals
  • Auditing Security
  •  Privacy
  •  Global Privacy Regulations
  •  Privacy by Design

 Policies and Procedures

  •  Develop Security Policies
  • Deploy Security Procedures and Standards
  •  Successful Policy Implementation 
  •  Develop a Security Governance Program
  •  Theoretical Studies

 Hands on Practice Test – Factor Score 

 Laws

  •  Technology Laws
  •  Commercial Laws
  •  US Federal, EU and Israel Case Studies-

 Regulations

  • GDPR
  •  Financial, Government and Military
  •  Energy and Critical Infrastructures

 Industry Standards 

  •  PCI DSS
  •  ISO 27001
  •  NIST, SANS, COBIT

(Domain 2 Exam (Total Domain Score: 17.5%

 

(Domain 3: Security Threats & Vulnerabilities (14 Classes - CISSP 

 Ransomware

  •  Ransomware Analysis
  •  Kill Chain
  •  Prevent, Detect, Respond and Recover

( Advanced Persistent Threat (APT

  •  APT Landscape
  •  Defend Against APT

 Social Engineering

  •  Social Engineering Methods & Techniques
  •  Case Studies
  • Vulnerability Management Program
  •  Security Assessment
  •  Static and Dynamic Testing
  •  Code Testing

 Application Security

  •  Software Development Security
  •  Database Security
  •  Malicious Code
  •  OWASP Top 10

 Hands on Practice Test – Factor Score 

 Cyber Attack Vectors

  •  Attack Vector Analysis
  •  Penetration Tests + Hands on Practice

 Cyber Threat Analysis

  •  Cyber Intelligence
  •  Darknet Introduction + Hands on Practice
  •  Cyber Profiling 

 Cyber Reconnaissance 

  •  Passive Reconnaissance
  •  Active Reconnaissanc

(Domain 3 Exam (17.5%

 

(Domain 4: Security Controls (12 Classes – CISSP, CISM, CRISC

 Security Control Analysis

  •  Current State of Controls
  •  Control Monitoring and Effectiveness
  •  Control Activities, Objectives, Practices and Metrics
  •  (Key Risk Indicators (KRIs
  •  (Key Performance Indicators (KPIs
  •  Monitoring Controls

 Security Operations

  •  Managing Security Operations
  •  Third Party Security
  •  Patch Management
  • (Design Your Cyber Security Operations Center (CSOC
  •  (Security Orchestration, Automation and Response (SOAR

 Information Security Response Plan

  •  (Cyber Incident Response Team (CIRT
  • (Cyber Incident Response Program (CIRP
  •  Cyber Incident Management

 Hands on Practice Test – Factor Score 

 Cloud Security

  •  Virtual, Cloud and Mobile Security
  •  Third Party Security Evaluation
  • IaaS and PaaS Security Program

Critical Infrastructure Protection

  • Critical Infrastructure Systems Introduction
  • SCADA - Non-TCP/IP Industrial Networks
  •  Critical Infrastructure Threats & Vulnerabilities

 Cyber Forensic 

  •  Cyber Forensics Methodologies
  •  Cyber Forensics Tools
  •  Cyber Forensics Investigations + Hands on Practice

(Domain 4 Exam (17.5%

 

(Domain 5: Security Strategy (14 Classes – CISSP, CISM, CRISC

 Cyber Security Risk Management Program

  •  Risk Identification
  • Risk Culture and Communication
  • Risk Formula
  •  IT Risk Strategy
  •  Risk Identification
  •  Ownership and Accountability
  • Risk Register
  •  Risk Assessment
  • Risk Response and Mitigation
  •  Risk Control Monitoring and Reporting

 Hands on Practice Test – Factor Score 

 Cyber Security Program

  •  Security Blueprint
  •  Security Obligations
  •  Service Catalog

 Business Continuity Management

  •  Business Continuity Management
  •  Business Continuity Plan Elements – CIR, DRP, IT Contingency, CIPP, Crisis Communication, OEP, COOP-

 Security Awareness and Training Program

  •  Security Awareness, Education and Training
  •  Awareness Campaign and Content Development

 Hands on Practice Test – Factor Score  

 Fraud Management 

  •  Fraud Management or Prevention
  •  Effective Fraud Management Controls
  •  Handling Fraudsters and Reputational Damage

Final CISO Certification Exam (30%)

(Final CISO Certification Exam (30%

 

לכל המידע על לימודי אבטחת מידע וסייבר