Software Engineering Institute Carnegie Mellon


Managing Enterprise Information Security: A Practical Approach for Achieving Defense-in-Depth

2009 Dates
June 2-4, 2009 (SEI Arlington, VA)
October 13-15, 2009 (SEI Pittsburgh, PA)

2009* Prices (USD)

U.S. Course Fee:
Industry: $1750
Government: $1400
Academic: $1400

International Course Fee: $3500

*Course dates and fees are subject to change.

Course Registration
Software Engineering Institute
Carnegie Mellon University
Pittsburgh, PA 15213-3890
Phone: 412 / 268-7388
FAX: 412 / 268-7401
Questions: courseregistration@sei.cmu.edu

This course may also be offered by arrangement at customer sites. E-mail training-info@cert.org or call +1 412-268-9564 for details.



Course Description

 

This three-day course begins with a brief review of the conceptual foundations of information security. Students are then introduced to the CERT® Defense-in-Depth Framework: eight operationally focused, interdependent management components that are applied together to a fictitious organization's information technology (IT) enterprise (see "Topics" below). Through lectures, demonstrations, scenario-based exercises, small group activities, and open discussions, students learn high-level best practices for integrating each of these eight components into all aspects of IT operations. The course scenario is also used extensively to reinforce these best practices with technical information security implementations.

This course is designed for individuals charged with implementing information security throughout the IT enterprise. It is therefore well suited to IT and security managers, as well as system administrators and IT security personnel who would like to step up to the management level.


 

AUDIENCE
Technical staff members who manage or support networked information systems and have

  • two years of practical experience with networked systems or equivalent training/education
  • some degree of specific familiarity with the ISO/OSI 7-layered reference model as well as Ethernet, TCP/IP, and major network operating systems such as Windows NT/2000/XP and Unix

PREREQUISITES
This course has no prerequisites.

TOPICS

  • Foundations of Information Assurance
  • The CERT® Defense-in-Depth Framework
  • Components of Defense-in-Depth
    • Compliance Management
    • Risk Management
    • Identity Management
    • Authorization Management
    • Accountability Management
    • Availability Management
    • Configuration Management
    • Incident Management

OBJECTIVES
Successful completion of this course will enable participants to

  • describe the CERT® Defense-in-Depth framework and its components
  • holistically examine IT operations for IA threats and vulnerabilities
  • apply the framework to improve the overall security posture of IT operations

Course Materials
Participants will receive a course notebook and a CD containing course materials.

LOGISTICS

Class Schedule
This three-day course meets at the following times:
Days 1 & 2: 9:00 a.m. - 5:00 p.m.
Day 3: 9:00 a.m. - 2:30 p.m.

Hotel and Travel Information
Information about traveling to the SEI offices is available on our Travel and Lodging Web pages.

Questions about this course?
Please see our Frequently Asked Questions Web page for answers to some of the more common inquiries about SEI Education and Training.

If you need more information, contact us via e-mail at training-info@cert.org or telephone at +1 412-268-9564.



 

 

Related Products and Services

 

Courses
Information Security for Technical Staff
Advanced Information Security for Technical Staff

Publications
Handbook: Defense-in-Depth: Foundations for Secure and Resilient Enterprises

Related Podcasts
Concrete Steps for Implementing an Information Security Program
Getting Real About Security Governance
Information Compliance: A Growing Challenge for Business Leaders
Inside Defense-in-Depth
Making Information Security Policy Happen
Protecting Information Privacy - How To and Lessons Learned
Real-World Security for Business Leaders
Using High Fidelity Online Training to Stay Sharp

Other Related Information
CERT Training and Education
CERT-Certified Incident Handler Certification

Additional information and publications can be found on the CERT Web site.
