EC-Council CHFI v9

The purpose of the course is to give students the knowledge and skills to work with key techniques for detecting computer crimes both in the local network and when interacting on the Internet with mobile clients and cloud services. The course also covers a wide range of software products for collecting and recovering information that indicates an intrusion into the system.

Audience
This course provides extensive knowledge of security analysis of modern computer networks and will be useful to all interested IT professionals, including network and system administrators and IT managers. The course will be of interest to information security officers, law enforcement officers and military officials involved in investigating computer network intrusions. In addition, the course is useful for security professionals in preparation for international certification.

At the end of the course students will be able to:
– Independently detect intrusions into the OS, web applications, mobile devices and cloud services;
– Use proven methods of intrusion detection;
– Gather evidence confirming the intrusion;
– Use specialized tools for analysis of intrusions;
– Analyze text, graphic or media traffic flows for bookmarks;
– Analyze storage systems to detect traces of intrusion;
– Restore and analyze the state of non-volatile and random access (volatile) memory from Windows, Mac and Linux;
– Recover deleted files and partitions in Windows, Mac and Linux;
– Analyze the state of systems against insider attacks;
– Apply the technique of reverse engineering to analyze the attacking code;
– Detect hacking (or attempted hacking) of password files;
– Extract and analyze logs of proxy servers, firewalls, intrusion detection / prevention systems, workstations, servers, switches, routers, domain controllers, DNS and DHCP servers, access control systems and other devices;
– Take the necessary measures to transfer evidence to law enforcement agencies.

Certification exams
The course helps to prepare for the following certification exams:
312-49: Computer Hacking Forensic Investigator

Preparation required
To learn effectively, students must have the following knowledge and skills:
– Experience working with client and server operating systems;
– Understanding the operation of the network and network devices;
– Understanding of basic security concepts;
– CEH and CND courses or equivalent knowledge and skills.

Student materials
Students are provided with a branded textbook and a manual for laboratory work (in electronic form), as well as other materials and software needed to perform these works.

Module 1: Investigating IS incidents around the world
Topics

  • Identification of computer threats
  • Classification of cyber-attacks
  • Challenges for cybercrime researchers
  • Types of cyber-attacks and basic rules of investigation
  • Evidence collection rules and basic types of digital evidence
  • Assessment of incident preparedness and action plan
  • The scope of activities of computer security incident investigators and the area of responsibility
  • Review of legal, ethical and confidentiality issues during the investigation of the incident

Module 2: IS Incident Investigation Process
Topics

  • The process of investigating the IS incident
  • Stages of the IS incident investigation process
  • Requirements for the laboratory environment and the team of incident investigators
  • Research software
  • Tasks of the first researchers of the IS incident
  • Finding evidence and gathering evidence
  • Placement and storage of evidence
  • Deduplication of data, recovery of deleted data and verification of evidence
  • Writing a report
    Lab:
  • Data recovery using EaseUS Data Recovery Wizard;
  • Use HashCalc to calculate a hash, checksum, or HMAC;
  • Using MD5 Calculator;
  • View files of various formats through File Viewer;
  • Detection of traces of work with data by means of P2 Commander;
  • Create a partition image using R-Drive Image.

Module 3: Collecting evidence from disks and file systems
Topics

  • Classification of computer network security tools
  • Methods and means of access control
  • Methods and means of authentication, authorization and audit of access
  • A brief overview of the main methods of cryptographic protection of information
  • Basic classes of hardware and software for computer network protection and principles of their operation
  • Network protocols designed to ensure security and the principles of their operation
    Lab:
  • Detect deleted files using WinHex;
  • File system analysis using The Sleuth Kit;
  • Raw image analysis using Autopsy.

Module 4: Investigating Operating System Incidents
Topics

  • Methods of obtaining data
  • Getting current data
  • Teaching static data
  • Duplication of data
  • Device change lock
  • Methods and means of obtaining data
  • Get data in Windows and Linux
    Lab:
  • Research the NTFS partition using DiskExplorer for NTFS;
  • View graphic content with the FTK Imager Tool.

Module 5: Countering methods of concealing evidence
Topics

  • Countering methods of concealing evidence and the purpose of counteraction
  • Review of techniques for counteracting methods of concealing evidence
  • Extraction of evidence from deleted files and sections, files with password protection and steganography
  • Code entanglement, artifact stripping, data / metadata overwriting and encryption
  • Methods for detecting encryption protocols, program packers and rootkits.
  • Countermeasures to counter methods of concealing evidence
    Lab:
  • Hacking application passwords;
  • Detection of steganography.

Module 6: Methods of data collection and copying
Topics

  • Check for data that changes and does not change Windows
  • Windows memory and registry analysis
  • Check cache, cookies and browser history
  • Check Windows files and metadata
  • Analyze text logs and Windows event logs
  • Linux log commands and files
  • Check Mac logs
    Lab:
  • Detection and removal of materials hidden on the computer using OSForensics;
  • Get information about the download process using ProcessExplorer;
  • View, monitor and analyze events using Event Log Explorer;
  • Computer research on penetration using Helix;
  • Obtaining variable (operational) data in Linux;
  • Analysis of immutable (static) data in Linux.

Module 7: Investigation of network technology incidents
Topics

  • Network intrusions
  • Basic concepts of journaling
  • An overview of ways to compare events
  • Check routers, firewalls, IDS, DHCP and ODBC logs
  • Checking network traffic
  • Collection of evidence of network penetration
  • Reconstruction of the invasion
    Lab:
  • Interception and analysis of events using GFI EventsManager;
  • Incident investigation and data collection using XpoLog Center Suite;
  • Investigate network attacks with Kiwi Log Viewer;
  • Track network traffic with Wireshark.

Module 8: Investigating Web Application Attacks
Topics

  • Threats to web applications
  • Web application architecture
  • Web attacks and steps to implement them
  • Web attacks on a Windows server
  • IIS server architecture and work with its log
  • Apache web server architecture and work with its log
  • Ways to attack web applications
    Lab:
  • Domain network analysis and IP address requests using SmartWhois.

Module 9: Investigation of DBMS incidents
Topics

  • Database threats
  • MSSQL threats
  • Signs of database intrusion
  • Collect evidence of intrusion using SQL Server Management Studio and Apex SQL DBA
  • MySQL threats
  • MySQL architecture and definition of data directory structure
  • Utilities for analyzing and collecting evidence of penetration into MySQL
  • MySQL threats to WordPress web application databases
    Lab:
  • Extract database from Android devices using Andriller;
  • SQLite database analysis using DB Browser for SQLite;
  • Study the MySQL database.

Module 10: Investigation of incidents related to cloud programs
Topics

  • Description of the principles of cloud computing
  • Cloud attacks
  • Ways to protect the clouds
  • Cloud protection stakeholders
  • DropBox and GoogleDrive cloud services
    Lab:
  • Detection of vulnerabilities in DropBox;
  • Google Drive research.

Module 11: Investigation of malicious code incidents
Topics

  • Ways to penetrate malware into the OS
  • Basic components and malware distribution
  • Malware protection concept
  • Detection and removal of malware from systems
  • Malware analysis – analysis rules and test environment
  • Static and dynamic analysis of malware
    Lab:
  • Static analysis of suspicious files;
  • Dynamic analysis of malicious code;
  • Analysis of infected PDF-files;
  • Scanning PDF files using web resources;
  • Scan suspicious MS Office files.

Module 12: Investigating Email Incidents
Topics

  • Mail systems, mail clients and mail servers
  • Account management
  • Email attacks
  • Components of e-mail messages
  • Common headers and X-headers
  • Detect mail attacks
  • Tools for analyzing e-mails
  • American law CAN-SPAM
    Lab:
  • Recover deleted emails with Recover My Email;
  • Detection of dangerous messages with Paraben’s Email Examiner;
  • Track emails with eMailTrackerPro.

Module 13: Investigating Mobile Incidents
Topics

  • Threats to mobile devices
  • Features of hacking of mobile devices and mobile OS
  • Mobile device architecture
  • Android stack architecture and download process
  • iOS stack architecture and download process
  • Mobile data storage
  • Preparation and invasion of mobile OS
    Lab:
  • Analysis of dangerous images and recovery of deleted files using Autopsy;
  • Explore your Android device with Andriller.

Module 14: Preparation of Incident Investigation Reports
Topics

  • The structure of the incident investigation report
  • Signs of a good report
  • Incident investigation report template
  • Classification of reports and manuals for their writing
  • Expert opinions in the report
  • Differences between technical and expert opinions
  • Daubert and Frye standards
  • Ethical standards during the investigation

Complete information about the course computer-hacking-forensic-investigator-v9

The course price is $ 1,500

EC-Council CEH v11

Course description

The Certified Ethical Hacker Certificate (CEH) is the most trusted certification and ethical hacking achievement recommended by employers worldwide. It is the most coveted certificate of information security and is one of the fastest growing cyber resources needed by critical infrastructure and major service providers. Since the introduction of CEH in 2003, it has been recognized as a standard in the information security community. CEH v11 continues to cover the latest hacking methods and the state-of-the-art hacking tools used today by hackers and information security professionals. The five phases of ethical hacking and CEH’s initial core mission remain relevant today: “To defeat a hacker, you have to think like a hacker.”

The purpose of the course

To provide students with knowledge and skills to form a systematic approach to computer security, to teach methods to check the security of various nodes of a computer network and to acquaint students with the tools of attackers, their advantages and limitations.

To learn effectively, students must have the following knowledge and skills:

– Experience working with client and server operating systems;
– Understanding the operation of the network and network devices;
– Understanding of basic security concepts.

Course program

Module 1: Introduction to Ethical Hacking
Module 2: Footprinting and Reconnaissance
Module 3: Network Scanning
Module 4: Enumeration
Module 5: Vulnerability Analysis
Module 6: System Hacking
Module 7: Malware Threats
Module 8: Sniffing
Module 9: Social Engineering
Module 10: Denial of Service
Module 11: Session Hijacking
Module 12: Evasion of IDS, Firewalls and Honeypots
Module 13: Hacking Web Servers
Module 14: Hacking Web Applications
Module 15: SQL injection
Module 16: Hacking Wireless Networks
Module 17: Hacking mobile platforms
Module 18: IoT and OT hacking
Module 19: Cloud Computing
Module 20: Cryptography

What you will receive as part of the course:

– authorized educational literature
– access to practical laboratory works iLabs
– EC-Council certified trainer
– certificate of official training at the CEH course
– voucher for passing the exam
– after successfully passing the exam – a certificate confirming the competencies of a certified ethical hacker.

Full course description cehv11-brochure-hacker-v11

The course price is 2000$ 1200$

C)ISSA – CERTIFIED INFORMATION SYSTEMS SECURITY AUDITOR (C)ISSA-SP1)

BRIEF DESCRIPTION

Many organizations need to identify critical issues and propose effective audit solutions, which requires the in-depth knowledge of a system auditor. The knowledge and skills covered in the vendor-neutral course “Certified Information Systems Security Auditor – C)ISSA” will not only help prepare for the relevant ISACA® exam, but also provide another important certification in information systems auditing. Thus, the Certified Information Systems Security Auditor course provides the knowledge and skills to identify vulnerabilities, report on compliance, and implement controls for all types of organizations.

Duration 4 days / 32 hours

PRELIMINARY LEVEL OF TRAINING
At least a year of working with information systems.
COURSE OBJECTIVES

AFTER COMPLETING THE COURSE YOU WILL BE ABLE TO:
Use advanced auditing knowledge and practical skills in your work.
Obtain an international auditor’s certificate if you pass the exam.

WHO WE INVITE

  • IS Security Officers
  • IS Managers
  • Risk Managers
  • Auditors
  • Information Systems Owners
  • IS Control Assessors
  • System Managers
  • Government

COURSE PROGRAM

  • The Process of Auditing Information Systems
  • Risk Based Auditing
  • Audit Planning and Performance
  • Reporting on Audit
  • IT Governance and Management
  • Strategic Planning and Models
  • Resource Management
  • Business Continuity Planning
  • Systems Acquisition, Development and Implementation
  • Systems Development Models
  • Types of Specialized Business Applications
  • Application Controls
  • Information Systems Operations, Maintenance and Support
  • System and Communications
  • Hardware

Related to the certification course:

Mile2 C)ISSA – Certified Information Systems Security Auditor
ISACA® CISA objectives are the objectives of this exam

CompTIA Security+

Course description
CompTIA Security+ (SY0-501 exam) is a basic course you will need to take if your job responsibilities include securing network services, devices, and traffic in your organization. You can also take this course to prepare for the CompTIA Security+ certification exam. In this course, you will build on your knowledge and expertise in the basics of security, networking, and organizational security, gaining the specific skills needed to implement basic security services in any type of computer network.

This course can benefit you in two ways.
If you intend to take the CompTIA Security+ certification exam (SY0-501 exam), this course can be an important part of your preparation. But certification is not the only key to professional success in computer security. Today’s job market requires people to demonstrate skills, and the information and activities in this course can help you build a set of computer security skills so that you can confidently perform your duties in any security-related role.

Target audience
This course is aimed at the information technology (IT) professional who has network and administrative skills in Windows-based Transmission Control Protocol/Internet Protocol (TCP/IP) networks and familiarity with other operating systems, such as macOS, Unix or Linux, and who wants to pursue a career in IT by gaining fundamental knowledge of security, preparing for the CompTIA Security+ certification exam, or using Security+ as a basis for advanced security certificates or career roles.

Knowledge that you will gain during the course:
• basics of authentication and authorization;
• types of attacks and malicious code;
• how to ensure security when working with remote access;
• security of e-mail and web applications;
• wireless network security;
• design of security systems;
• security control and intrusion detection;
• physical security;
• security expertise.

What is included in the course:
• 5 online lectures from 10:00 to 18:00
• practical work
• laboratory work

Promotional price: UAH 12,000 without VAT (old price UAH 24,000)

* if desired, each participant of the course will be able to buy a voucher for certification separately.

CISSP | CERTIFIED INFORMATION SYSTEM SECURITY PROFESSIONAL

Domain 1: Security and Risk Management

1.1 Understand and apply concepts of confidentiality, integrity and availability

1.2 Apply security governance principles through:

1.3 Compliance:

– Legislative and regulatory compliance

– Privacy requirements compliance

1.4 Understand legal and regulatory issues that pertain to information security in a global context

1.5 Understand professional ethics

– Exercise (ISC)² Code of Professional Ethics

– Support organization’s code of ethics

1.6 Develop and implement documented security policy, standards, procedures, and guidelines

1.7 Understand business continuity requirements

– Develop and document project scope and plan

– Conduct business impact analysis

– Alignment of security function to strategy, goals, mission, and objectives (e.g., business case, budget and resources)

– Organizational processes (e.g., acquisitions, divestitures, governance committees)

– Security roles and responsibilities

– Control frameworks

– Due care

– Due diligence

– Computer crimes

– Licensing and intellectual property (e.g., copyright, trademark, digital-rights management)

– Import/export controls

– Trans-border data flow

– Privacy

– Data breaches

1.8 Contribute to personnel security policies

1.9 Understand and apply risk management concepts

1.10 Understand and apply threat modeling

1.11 Integrate security risk considerations into acquisition strategy and practice

1.12 Establish and manage information security education, training, and awareness

– Appropriate levels of awareness, training, and education required within organization

– Periodic reviews for content relevancy

– Employment candidate screening (e.g., reference checks, education verification)

– Employment agreements and policies

– Employment termination processes

– Vendor, consultant, and contractor controls

– Compliance

– Privacy

– Identify threats and vulnerabilities

– Risk assessment/analysis (qualitative, quantitative, hybrid)

– Risk assignment/acceptance (e.g., system authorization)

– Countermeasure selection

– Implementation

– Types of controls (preventive, detective, corrective, etc.)

– Control assessment

– Monitoring and measurement

– Asset valuation

– Reporting

– Continuous improvement

– Risk frameworks

– Identifying threats (e.g., adversaries, contractors, employees, trusted partners)

– Determining and diagramming potential attacks (e.g., social engineering, spoofing)

– Performing reduction analysis

– Technologies and processes to remediate threats (e.g., software architecture and operations)

– Hardware, software, and services

– Third-party assessment and monitoring (e.g., onsite assessment, document exchange and review, process/policy review)

– Minimum security requirements

– Service-level requirements

Domain 2: Asset Security

2.1 Classify information and supporting assets (e.g., sensitivity, criticality)

2.2 Determine and maintain ownership (e.g., data owners, system owners, business/mission owners)

2.3 Protect privacy

2.4 Ensure appropriate retention (e.g., media, hardware, personnel)

2.5 Determine data security controls (e.g., data at rest, data in transit)

2.6 Establish handling requirements (markings, labels, storage, destruction of sensitive information)

– Data owners

– Data processors

– Data remanence

– Collection limitation

– Baselines

– Scoping and tailoring

– Standards selection

– Cryptography

Domain 3: Security Engineering

3.1 Implement and manage engineering processes using secure design principles

3.2 Understand the fundamental concepts of security models (e.g., Confidentiality, Integrity, and Multi-level Models)

3.3 Select controls and countermeasures based upon systems security evaluation models

3.4 Understand security capabilities of information systems (e.g., memory protection, virtualization, trusted platform module, interfaces, fault tolerance)

3.5 Assess and mitigate the vulnerabilities of security architectures, designs, and solution elements

3.6 Assess and mitigate vulnerabilities in web-based systems (e.g., XML, OWASP)

3.7 Assess and mitigate vulnerabilities in mobile systems

3.8 Assess and mitigate vulnerabilities in embedded devices and cyber-physical systems (e.g., network-enabled devices, Internet of things (IoT))

3.9 Apply cryptography

– Client-based (e.g., applets, local caches)

– Server-based (e.g., data flow control)

– Database security (e.g., inference, aggregation, data mining, data analytics, warehousing)

– Large-scale parallel data systems

– Distributed systems (e.g., cloud computing, grid computing, peer to peer)

– Cryptographic systems

– Industrial control systems (e.g., SCADA)

– Cryptographic life cycle (e.g., cryptographic limitations, algorithm/protocol governance)

– Cryptographic types (e.g., symmetric, asymmetric, elliptic curves)

– Public Key Infrastructure (PKI)

– Key management practices

– Digital signatures

– Digital rights management

– Non-repudiation

– Integrity (hashing and salting)

– Methods of cryptanalytic attacks (e.g., brute force, cipher-text only, known plaintext)

3.10 Apply secure principles to site and facility design

3.11 Design and implement physical security

– Wiring closets

– Server rooms

– Media storage facilities

– Evidence storage

– Restricted and work area security (e.g., operations centers)

– Data center security

– Utilities and HVAC considerations

– Water issues (e.g., leakage, flooding)

– Fire prevention, detection and suppression

Domain 4: Communications and Network Security

4.1 Apply secure design principles to network architecture (e.g., IP & non-IP protocols, segmentation)

4.2 Secure network components

4.3 Design and establish secure communication channels

4.4 Prevent or mitigate network attacks

– OSI and TCP/IP models

– IP networking

– Implications of multilayer protocols (e.g., DNP3)

– Converged protocols (e.g., FCoE, MPLS, VoIP, iSCSI)

– Software-defined networks

– Wireless networks

– Cryptography used to maintain communication security

– Operation of hardware (e.g., modems, switches, routers, wireless access points, mobile devices)

– Transmission media (e.g., wired, wireless, fiber)

– Network access control devices (e.g., firewalls, proxies)

– Endpoint security

– Content-distribution networks

– Physical devices

– Voice

– Multimedia collaboration (e.g., remote meeting technology, instant messaging)

– Remote access (e.g., VPN, screen scraper, virtual application/desktop, telecommuting)

– Data communications (e.g., VLAN, TLS/SSL)

– Virtualized networks (e.g., SDN, virtual SAN, guest operating systems, port isolation)

Domain 5: Identity and Access Management

5.1 Control physical and logical access to assets

– Information

– Systems

– Devices

– Facilities

5.2 Manage identification and authentication of people and devices

5.3 Integrate identity as a service (e.g., cloud identity)

5.4 Integrate third-party identity services (e.g., on-premise)

5.5 Implement and manage authorization mechanisms

– Role-Based Access Control (RBAC) methods

– Rule-based access control methods

– Mandatory Access Control (MAC)

– Discretionary Access Control (DAC)

5.6 Prevent or mitigate access control attacks

5.7 Manage the identity and access provisioning lifecycle (e.g., provisioning, review)

– Identity management implementation (e.g., SSO, LDAP)

– Single/multi-factor authentication (e.g., factors, strength, errors)

– Accountability

– Session management (e.g., timeouts, screensavers)

– Registration and proofing of identity

– Federated identity management (e.g., SAML)

– Credential management systems

Domain 6: Security Assessment and Testing

6.1 Design and validate assessment and test strategies

6.2 Conduct security control testing

6.3 Collect security process data (e.g., management and operational controls)

6.4 Analyze and report test outputs (e.g., automated, manual)

6.5 Conduct or facilitate internal and third party audits

– Vulnerability assessment

– Penetration testing

– Log reviews

– Synthetic transactions

– Code review and testing (e.g., manual, dynamic, static, fuzz)

– Misuse case testing

– Test coverage analysis

– Interface testing (e.g., API, UI, physical)

– Account management (e.g., escalation, revocation)

– Management review

– Key performance and risk indicators

– Backup verification data

– Training and awareness

– Disaster recovery and business continuity

Domain 7: Security Operations

7.1 Understand and support investigations

7.2 Understand requirements for investigation types

7.3 Conduct logging and monitoring activities

7.4 Secure the provisioning of resources

7.5 Understand and apply foundational security operations concepts

7.6 Employ resource protection techniques

– Media management

– Hardware and software asset management

– Evidence collection and handling (e.g., chain of custody, interviewing)

– Reporting and documenting

– Investigative techniques (e.g., root-cause analysis, incident handling)

– Digital forensics (e.g., media, network, software, and embedded devices)

– Intrusion detection and prevention

– Security information and event management

– Continuous monitoring

– Egress monitoring (e.g., data loss prevention, steganography, watermarking)

– Asset inventory (e.g., hardware, software)

– Configuration management

– Physical assets

– Virtual assets (e.g., software-defined network, virtual SAN, guest operating systems)

– Cloud assets (e.g., services, VMs, storage, networks)

– Applications (e.g., workloads or private clouds, web services, software as a service)

– Need-to-know/least privilege (e.g., entitlement, aggregation, transitive trust)

– Separation of duties and responsibilities

– Monitor special privileges (e.g., operators, administrators)

– Job rotation

– Information lifecycle

– Service-level agreements

– Operational

– Criminal

– Civil

– Regulatory

– Electronic discovery (eDiscovery)

7.7 Conduct incident management

7.8 Operate and maintain preventative measures

7.9 Implement and support patch and vulnerability management

7.10 Participate in and understand change management processes (e.g., versioning, baselining, security impact analysis)

7.11 Implement recovery strategies

7.12 Implement disaster recovery processes

7.13 Test disaster recovery plans

7.14 Participate in business continuity planning and exercises

7.15 Implement and manage physical security

– Perimeter (e.g., access control and monitoring)

– Internal security (e.g., escort requirements/visitor control, keys and locks)

7.16 Participate in addressing personnel safety concerns (e.g., duress, travel, monitoring)

– Detection

– Response

– Mitigation

– Reporting

– Recovery

– Remediation

– Lessons learned

– Firewalls

– Intrusion detection and prevention systems

– Whitelisting/Blacklisting

– Third-party security services

– Sandboxing

– Honeypots/Honeynets

– Anti-malware

– Backup storage strategies (e.g., offsite storage, electronic vaulting, tape rotation)

– Recovery site strategies

– Multiple processing sites (e.g., operationally redundant systems)

– System resilience, high availability, quality of service, and fault tolerance

– Response

– Personnel

– Communications

– Assessment

– Restoration

– Training and awareness

– Read-through

– Walkthrough

– Simulation

– Parallel

– Full interruption

Domain 8: Software Development Security

8.1 Understand and apply security in the software development lifecycle

8.2 Enforce security controls in development environments

8.3 Assess the effectiveness of software security

– Auditing and logging of changes

– Risk analysis and mitigation

– Acceptance testing

8.4 Assess security impact of acquired software

Cryptography Intro

Cryptography is an indispensable tool for protecting information in computer systems. In this course you will learn the inner workings of cryptographic systems and how to correctly use them in real-world applications. The course begins with a detailed discussion of how two parties who have a shared secret key can communicate securely when a powerful adversary eavesdrops and tampers with traffic. We will examine many deployed protocols and analyze mistakes in existing systems. The second half of the course discusses public-key techniques that let two parties generate a shared secret key. Throughout the course participants will be exposed to many exciting open problems in the field and work on fun (optional) programming projects.

COURSE AGENDA

1. Basics

  • Course Overview
  • What is Cryptography?
  • History of Cryptography
  • Discrete Probability (Crash Course)
  • Discrete Probability (Crash Course, Cont.)
  • Information Theoretic Security and The One Time Pad
  • Stream Ciphers and Pseudo Random Generators
  • Attacks on Stream Ciphers and The One Time Pad
  • Real-World Stream Ciphers
  • PRG Security Definitions
  • Semantic Security
  • Stream Ciphers are Semantically Secure

2. Block Ciphers

  • What are Block Ciphers?
  • The Data Encryption Standard
  • Exhaustive Search Attacks
  • More Attacks on Block Ciphers
  • The AES Block Cipher
  • Block Ciphers From PRGs
  • Review: PRPs and PRFs
  • Modes of Operation: One Time Key
  • Security for Many-Time Key (CPA security)
  • Modes of Operation: Many Time Key (CBC)
  • Modes of Operation: Many Time Key (CTR)

3. Message Integrity

  • Message Authentication Codes
  • MACs Based On PRFs
  • CBC-MAC and NMAC
  • MAC Padding
  • PMAC and the Carter-Wegman MAC
  • Introduction
  • Generic Birthday Attack
  • The Merkle-Damgard Paradigm
  • Constructing Compression Functions
  • HMAC
  • Timing attacks on MAC verification

4. Authenticated Encryption

  • Active Attacks on CPA-Secure Encryption
  • Definitions
  • Chosen Ciphertext Attacks
  • Constructions From Ciphers and MACs
  • Case Study: TLS 1.2
  • CBC Padding Attacks
  • Attacking Non-Atomic Decryption
  • Key Derivation
  • Deterministic Encryption
  • Deterministic Encryption: SIV and Wide PRP
  • Tweakable Encryption
  • Format Preserving Encryption

5. Basic Key Exchange

  • Trusted 3rd Parties
  • Merkle Puzzles
  • The Diffie-Hellman Protocol
  • Public-Key Encryption
  • Notation
  • Fermat and Euler
  • Modular e’th Roots
  • Reading: More background on number theory
  • Arithmetic algorithms
  • Intractable Problems

6. Public-Key Encryption

  • Definitions and Security
  • Constructions
  • The RSA Trapdoor Permutation
  • PKCS 1
  • Is RSA a One-Way Function?
  • RSA in Practice
  • The ElGamal Public-key System
  • ElGamal Security
  • ElGamal Variants With Better Security
  • A Unifying Theme

C)ISRM Certified Information System Risk Management

Prerequisites: 

A minimum of 1 year of Information Systems

Student Materials:
  • Student Workbook
  • Student Reference Manual
  • Key Security Concepts & Definitions Book
Certification Exam:
  • Mile2 C)ISRM
  • Covers ISACA CRISC®
CPEs: 24
With this course, you receive:
  • Instruction from a Mile2-certified trainer who is an international cyber security professional and practitioner
  • Authorized training materials
  • Friendly Placement Classroom
  • High Quality Classroom Equipment
  • The Best Catering
  • EXAM Voucher

WHO SHOULD ATTEND?

  • Information System Security Officers
  • Risk Managers
  • Information Systems Owners
  • Info Security Control Assessors
  • System Managers
  • State & Local Government Risk Managers
COURSE CONTENT
  1. The Big Picture
  2. Domain 1 – Risk Identification, Assessment and Evaluation
  3. Domain 2 – Risk Response
  4. Domain 3 – Risk Monitoring
  5. Domain 4 – IS Control Design and Implementation
DETAILED MODULE DESCRIPTION

C)ISRM Part 1: The Big Picture

  • About the C)ISRM Exam
  • Exam Relevance
  • About the C)ISRM Exam
  • Section Overview
  • Part 1 Learning Objectives
  • Section Topics
  • Overview of Risk Management
  • Risk
  • Risk and Opportunity Management
  • Responsibility vs. Accountability
  • Risk Management
  • Roles and Responsibilities
  • Relevance of Risk Management Frameworks, Standards and Practices
  • Frameworks
  • Standards
  • Practices
  • Relevance of Risk Governance
  • Overview of Risk Governance
  • Objectives of Risk Governance
  • Foundation of Risk Governance
  • Risk Appetite and Risk Tolerance
  • Risk Awareness and Communication
  • Key Concepts of Risk Governance
  • Risk Culture
  • Case Study
  • Practice Question 1
  • Practice Question 2
  • Practice Question 3
  • Practice Question 4
  • Practice Question 5
  • Acronym Review
  • Definition Review
C)ISRM Part II – Domain 1 Risk Identification Assessment and Evaluation
  • Section Overview
  • Exam Relevance
  • Domain 1 Learning Objectives
  • Task Statements
  • Knowledge Statements
  • The Process
  • Describing the Business Impact of IT Risk
  • IT Risk in the Risk Hierarchy
  • IT Risk Categories
  • High Level Process Phases
  • Risk Scenarios
  • Definition of Risk Scenario
  • Purpose of Risk Scenarios
  • Event Types
  • Risk Scenario Development
  • Risk Registry & Risk Profile
  • Risk Scenario Development
  • Risk Scenario Components
  • Risk Scenario Development
  • Risk Scenario Development Enablers
  • Systemic, Contagious or Obscure Risk
  • Generic IT Risk Scenarios
  • Definition of Risk Factor
  • Examples of Risk Factors
  • Risk Factors— External Environment
  • Risk Factors— Risk Management Capability
  • Risk Factors— IT Capability
  • Risk Factors— IT Related Business Capabilities
  • Methods for Analyzing IT Risk
  • Likelihood and Impact
  • Risk Analysis Output
  • Risk Analysis Methods
  • Risk Analysis Methods—Quantitative
  • Risk Analysis Methods—Qualitative
  • Risk Analysis Methods—for HIGH impact risk types
  • Risk Analysis Methods
  • Risk Analysis Methods—Business Impact Analysis (BIA)
  • Methods for Assessing IT Risk
  • Identifying and Assessing IT Risk
  • Definitions
  • Adverse Impact of Risk Event
  • Business Impacts From IT Risk
  • Business Related IT Risk Types
  • IT Project-Related Risk
  • Risk Components—Inherent Risk
  • Risk Components—Residual Risk
  • Risk Components—Control Risk
  • Risk Components—Detection Risk
  • Business Risk and Threats Addressed By IT Resources
  • Identifying and Assessing IT Risk
  • Methods For Describing IT Risk In Business Terms
  • Case Study
  • Acronym Review
  • Definition Review
  • Domain 1 – Exercises
C)ISRM Part II Domain 2 – Risk Response 
  • Section Overview
  • Exam Relevance
  • Domain 2 Learning Objectives
  • Task Statements
  • Knowledge Statements
  • Risk Response Objectives
  • The Risk Response Process
  • Risk Response Options
  • Risk Response Parameters
  • Risk Tolerance and Risk Response Options
  • Risk Response Prioritization Options
  • Risk Mitigation Control Types
  • Risk Response Prioritization Factors
  • Risk Response Tracking, Integration and Implementation
  • Process Phases
  • Phase 1—Articulate Risk
  • Phase 2—Manage Risk
  • Phase 3—React To Risk Events
  • Sample Case Study
  • Domain 2 – Exercise 1
C)ISRM Part II – Domain 3 – Risk Monitoring 
  • Course Agenda
  • Exam Relevance
  • Learning Objectives
  • Task Statements
  • Knowledge Statements
  • Essentials
  • Risk Indicators
  • Risk Indicator Selection Criteria
  • Key Risk Indicators
  • Risk Monitoring
  • Risk Indicator Types and Parameters
  • Risk Indicator Considerations
  • Criteria for KRI Selection
  • Benefits of Selecting Right KRIs
  • Disadvantages of Wrong KRIs
  • Changing KRIs
  • Gathering KRI Data
  • Steps to Data Gathering
  • Gathering Requirements
  • Data Access
  • Data Preparation
  • Data Validating Considerations
  • Data Analysis
  • Reporting and Corrective Actions
  • Optimizing KRIs
  • Use of Maturity Level Assessment
  • Assessing Risk Maturity Levels
  • Risk Management Capability Maturity Levels
  • Changing Threat Levels
  • Monitoring Changes in Threat Levels
  • Measuring Changes in Threat Levels
  • Responding to Changes in Threat Levels
  • Threat Level Review
  • Changes in Asset Value
  • Maintain Asset Inventory
  • Risk Reporting
  • Reporting Content
  • Effective Reports
  • Report Recommendations
  • Possible Risk Report Recipients
  • Periodic Reporting
  • Reporting Topics
  • Risk Reporting Techniques
  • Sample Case Study
  • Practice Question 1
  • Practice Question 2
  • Practice Question 3
  • Practice Question 4
  • Acronym Review
  • Definition Review
  • Domain 3 – Exercises
C)ISRM Part II Domain 4 – IS Control Design and Implementation 
  • Section Overview
  • Exam Relevance
  • Domain 4 Learning Objectives
  • Task Statements
  • Knowledge Statements
  • C)ISRM Involvement
  • Control Definition
  • Control Categories
  • Control Types and Effects
  • Control Methods
  • Control Design Considerations
  • Control Strength
  • Control Strength
  • Control Costs and Benefits
  • Potential Loss Measures
  • Total Cost of Ownership For Controls
  • Role of the C)ISRM in SDLC
  • The SDLC Process
  • The Systems Development Life Cycle (SDLC)
  • ‘Meets and Continues to Meet’
  • SDLC
  • SDLC Phases
  • Addressing Risk Within the SDLC
  • Business Risk versus Project Risk
  • Understanding Project Risk
  • Addressing Business Risk
  • Understanding Business and Risk Requirements
  • Understand Business Risk
  • High Level SDLC Phases
  • Project Initiation
  • Phase 1 – Project Initiation
  • Phase 1 Tasks
  • Task 1—Feasibility Study
  • Feasibility Study Components
  • Determining Feasibility
  • Outcomes of the Feasibility Study
  • Task 1—Define Requirement
  • Requirement Progression
  • Business Information Requirements (COBIT)
  • Requirements Success Factors
  • Task 3—Acquire Software “Options”
  • Software Selection Criteria
  • Software Acquisition
  • Software Acquisition Process
  • Leading Principles for Design and Implementation
  • C)ISRM Responsibilities
  • Key System Design Activities:
  • Steps to Perform Phase 2
  • Phase 2 – Project Design and Development
  • System Testing
  • Test Plans
  • Project Testing
  • Types of Tests
  • UAT Requirements
  • Certification and Accreditation
  • Project Status Reports
  • Phase 3 – Project Testing
  • Testing Techniques
  • Verification and Validation
  • Phase 4 – Project Implementation
  • Project Implementation
  • Implementation Phases
  • Phase 4 – Project Implementation
  • End User Training Plans & Techniques
  • Training Strategy
  • Data Migration/Conversion Considerations
  • Risks During Data Migration
  • Data Conversion Steps
  • Implementation Rollback
  • Data Conversion Project Key Considerations
  • Changeover Techniques
  • Post-Implementation Review
  • Performing Post-Implementation Review
  • Measurements of Critical Success Factors
  • Closing a Project
  • Project Management and Controlling
  • Project Management Tools and Techniques
  • Project Management Elements
  • Project Management Practices
  • PERT chart and critical path
  • PERT Attribute
  • Sample Case Study
  • Practice Question 1
  • Practice Question 2
  • Practice Question 3
  • Practice Question 4
  • Practice Question 5

CISSM) Certified Information System Security Manager

PREREQUISITES: 

A minimum of 1 year in Information Systems

STUDENT MATERIALS:

Student Workbook

CERTIFICATION EXAMS:
  • Mile2 C)ISSM – Certified Information Systems Security Manager
  • Covers ISACA® CISM exam objectives
CPES: 32 HOURS
WHO SHOULD ATTEND?
  • IS Security Officers
  • IS Managers
  • Risk Managers
  • Auditors
  • Information Systems Owners
  • IS Control Assessors
  • System Managers
  • Government

The Certified Information Systems Security Manager course covers the skills and knowledge needed for threat analysis and risk assessment, risk and incident management, security programs and CISO roles, IS security strategy and frameworks, audit and risk management, creation of policies, compliance and awareness, as well as DR and BCP development, deployment and maintenance.

THE CERTIFIED INFORMATION SYSTEMS SECURITY MANAGER WILL RECEIVE IN-DEPTH KNOWLEDGE IN TOPICS THAT PERTAIN TO THE FOLLOWING:  
  • Information Security Governance
  • Information Risk Management & Compliance
  • Information Security Program Development & Management
  • Information Security Incident Management
COURSE CONTENT
MODULE 1 – INTRODUCTION
MODULE 2 – INFORMATION SECURITY GOVERNANCE
MODULE 3 – INFORMATION RISK MANAGEMENT AND COMPLIANCE
MODULE 4 – INFORMATION SECURITY PROGRAM DEVELOPMENT AND MANAGEMENT
MODULE 5 – INFORMATION SECURITY INCIDENT MANAGEMENT
DETAILED MODULE DESCRIPTION
MODULE 1 – INTRODUCTION
  • Welcome
  • Agenda
  • CISM
  • CISM Exam Review Course Overview
  • CISM Qualifications
  • The Learning Environment
  • Daily Format
  • Domain Structure
  • Course Structure
  • Logistics
MODULE 2 – INFORMATION SECURITY GOVERNANCE
  • Course Agenda
  • Examination Content
  • Chapter 1 Learning Objectives
  • The First Question
  • Information Security Governance Overview
  • Selling the Importance of Information Security
  • The First Priority for the CISM
  • Business Goals and Objectives
  • Outcomes of Information Security Governance
  • Benefits of Information Security Governance
  • Performance and Governance
  • Information Security Strategy
  • Developing Information Security Strategy
  • Elements of a Strategy
  • Objectives of Security Strategy
  • The Goal of Information Security
  • Defining Security Objectives
  • Business Linkages
  • Business Case Development
  • The Information Security Program
  • Security Program Priorities
  • Security versus Business
  • Security Program Objectives
  • What is Security?
  • Security Integration
  • Security Program
  • Architecture
  • Information Security Frameworks
  • Using an Information Security Framework
  • The Desired State of Security
  • The Desired State cont.
  • The Maturity of the Security Program Using CMM
  • Using the Balanced Scorecard
  • The ISO27001:2013 Framework
  • Examples of Other Security Frameworks
  • Examples of Other Security Frameworks
  • Constraints and Considerations for a Security Program
  • Constraints and Considerations for a Security Program cont.
  • Elements of Risk and Security
  • Risk Management
  • Information Security Concepts
  • Information Security Concepts cont.
  • Security Program Elements
  • Security Program Elements cont.
  • Third Party Agreements
  • Roles and Responsibilities of Senior Management
  • Senior Management Commitment
  • Steering Committee
  • CISO Chief Information Security Officer Responsibilities
  • Business Manager Responsibilities
  • IT Staff Responsibilities
  • Centralized versus Decentralized Security
  • Evaluating the Security Program
  • Audit and Assurance of Security
  • Evaluating the Security Program
  • Effective Security Metrics
  • Effective Security Metrics cont.
  • Key Performance Indicators (KPIs)
  • End to End Security
  • Correlation Tools
  • Reporting and Compliance
  • Regulations and Standards
  • Effect of Regulations
  • Reporting and Analysis
  • Ethics
  • Ethical Standards
  • Ethical Responsibility
  • Practice Questions
MODULE 3 – INFORMATION RISK MANAGEMENT AND COMPLIANCE
  • Exam Relevance
  • Information Asset Classification
  • Roles and Responsibilities
  • Roles and Responsibilities
  • Information Classification Considerations
  • Regulations and Legislation
  • Asset Valuation
  • Valuation Process
  • Information Protection
  • Information Asset Protection
  • Definition of Risk
  • Why is Risk Important
  • Risk Management Definition
  • Risk Management Objective
  • Risk Management Overview
  • Risk Management Overview
  • Defining the Risk Environment
  • Threats to Information and Information Systems
  • Threat Analysis
  • Aggregate Risk
  • Cascading Risk
  • Identification of Vulnerabilities
  • The Effect of Risk
  • Impact
  • Impact cont.
  • Risk Management Process
  • Risk Assessment Methodology
  • Annualized Loss Expectancy (ALE)
  • Qualitative Risk Assessment
  • Data Gathering Techniques
  • Results of Risk Assessment
  • Alignment of Risk Assessment and BIA
  • Risk Treatment
  • Risk Treatment
  • Risk Mitigation and Controls
  • Control Recommendations
  • Cost Benefit Analysis of Controls
  • Cost Benefit Analysis of Controls cont.
  • Risk Mitigation Schematic
  • Control Types and Categories
  • Control Types and Categories cont.
  • Security Control Baselines
  • Ongoing Risk Assessment
  • Measuring Control Effectiveness
  • Building Risk Management In (Agenda)
  • Risk Related to Change Control
  • Controlling Risk in Change Control
  • Risk Management During SDLC
  • Ongoing Risk Management Monitoring and Analysis
  • Audit and Risk Management
  • Audit and Risk Management cont.
  • Risk in Business Process Re-Engineering
  • Risk in Project Management
  • Risk During Employment Process
  • New Employee Initiation
  • Risk During Employment
  • Risk at Termination of Employment
  • Risks During Procurement
  • Risk During Procurement cont.
  • Reporting to Management
  • Documentation
  • Training and Awareness
  • Training and Awareness
  • Training for End Users
  • Practice Questions
MODULE 4 – INFORMATION SECURITY PROGRAM DEVELOPMENT AND MANAGEMENT
  • Security Strategy and Program Relationship
  • Information Security Management
  • Importance of Security Management
  • Definition
  • Effective Security Management
  • Reasons for Security Program Failure
  • Program Objectives
  • Security Program Development
  • Security Program Development cont.
  • Outcomes of Information Security Program Development
  • Governance of the Security Program
  • Role of the Information Security Manager (Agenda)
  • Strategy
  • Policy
  • Creating Effective Policy
  • Awareness
  • Implementation
  • Monitoring
  • Compliance
  • Developing an Information Security Road Map
  • Defining Security Program Objectives
  • Inventory of Information Systems
  • Challenges in Developing an Information Security Program
  • Challenges in Developing an Information Security Program cont.
  • Elements of a Security Program Road Map
  • Security Programs and Projects
  • Security Program and Project Development
  • Security Project Planning
  • Selection of Controls
  • Common Control Practices
  • Security Program Elements (Agenda)
  • Policies
  • Acceptable Use Policy
  • Acceptable Use Policy cont.
  • Standards
  • Procedures
  • Guidelines
  • Technology
  • Personnel Security
  • Training and Skills Matrix
  • Organizational Structure
  • Outsourced Security Providers
  • Third-party Service Providers
  • Facilities
  • Facilities Security
  • Environmental Security
  • Information Security Concepts (Agenda)
  • Information Security Concepts (Agenda)
  • Access Control
  • Identification
  • Authentication
  • Authorization
  • Accounting / Auditability
  • Criticality
  • Sensitivity
  • Trust Models
  • Technology-based Security
  • Technologies
  • Security in Technical Components
  • Operations Security
  • Technologies – Access Control Lists
  • Filtering and Content Management
  • Technologies – SPAM
  • Technologies – Databases and DBMS
  • Encryption
  • Technologies – Cryptography
  • Technologies – Cryptography cont.
  • Technologies – Encryption cont.
  • Technologies – Hashing Algorithms
  • Technology – Communications OSI Model
  • Technology – Communications TCP/IP
  • Technologies – Operating Systems
  • Technology – Firewalls
  • Emerging Technologies
  • Intrusion Detection Policies and Processes
  • Intrusion Detection Systems
  • IDS / IPS
  • Password Cracking
  • Vulnerability Assessments
  • Penetration Testing
  • Penetration Testing cont.
  • Third Party Security Reviews
  • Integration into Life Cycle Processes
  • Security in External Agreements
  • Security in External Agreements
  • Security Program Implementation
  • Phased Approach
  • Challenges During Implementation
  • Evaluating the Security Program
  • Evaluating Security Program cont.
  • Evaluating the Security Program cont.
  • Measuring Information Security Risk and Loss
  • Measuring Effectiveness of Technical Security Program
  • Measuring Effectiveness of Security Management
  • Security Project Management
  • Review of Security Compliance
  • Practice Questions
MODULE 5 – INFORMATION SECURITY INCIDENT MANAGEMENT
  • Learning Objectives
  • Definition
  • Goals of Incident Management and Response
  • Goals of Incident Response cont.
  • What is an Incident – Intentional
  • What is an Incident – Unintentional
  • History of Incidents
  • Developing Response and Recovery Plans
  • Incident Management and Response
  • Incident Management and Response cont.
  • Incident Management and Response cont.
  • Importance of Incident Management and Response
  • Incident Response Functions
  • Incident Response Manager Responsibilities
  • Incident Response Manager Responsibilities cont.
  • Requirements for Incident Response Managers
  • Senior Management Involvement
  • The Desired State
  • Strategic Alignment of Incident Response
  • Detailed Plan of Action for Incident Management
  • Detailed Plan of Action for Incident Management – Prepare
  • Detailed Plan of Action for Incident Management – Prepare cont.
  • Detailed Plan of Action for Incident Management – Protect
  • Detailed Plan of Action for Incident Management – Detect
  • Detailed Plan of Action for Incident Management – Triage
  • Detailed Plan of Action for Incident Management – Response
  • Elements of an Incident Response Plan
  • Crisis Communications
  • Challenges in Developing an Incident Management Plan
  • Personnel
  • Personnel cont.
  • Personnel cont.
  • Team Member Skills
  • Skills cont.
  • Skills cont.
  • Security Concepts and Technologies
  • Organizing, Training and Equipping the Response Staff
  • Value Delivery
  • Performance Measurement
  • Reviewing the Current State of Incident Response Capability
  • Audits
  • Gap Analysis – Basis for an Incident Response Plan
  • When an Incident Occurs
  • During an Incident
  • During an Incident cont.
  • Containment Strategies
  • The Battle Box
  • Evidence Identification and Preservation
  • Post Event Reviews
  • Disaster Recovery Planning (DRP) and Business Recovery Processes
  • Development of BCP and DRP
  • Plan Development
  • Plan Development cont.
  • Recovery Strategies
  • Recovery Strategies
  • Basis for Recovery Strategy Selections
  • Disaster Recovery Sites
  • Disaster Recovery Sites cont.
  • Recovery of Communications
  • Notification Requirements
  • Notification Requirements cont.
  • Response Teams
  • Insurance
  • Testing Response and Recovery Plans
  • Types of Tests
  • Test Results
  • Test Results cont.
  • Plan Maintenance Activities
  • BCP and DRP Training
  • Practice Questions

CCISO | EC-Council Certified CISO

Information Security Risk Management and Business Continuity Planning (HL947S)

COURSE OVERVIEW

As we’ve learned, Information Security is ultimately about protecting the assets most crucial to your business through preserving the Confidentiality, Integrity and Availability of your information. In this 3-day course, IT professionals and security officers learn to assess and manage risk in their organization and plan for the unexpected.

COURSE DESCRIPTION

Risk management includes recognizing the assets key to your business success, documenting known threats and their likelihood, calculating the impact of a potential breach and implementing specific controls to avoid breaches or minimize the impact if any occur. Further, for those assets, you identify processes to recover from a breach, and explicitly recognize the remaining risk that you choose to accept.

Business continuity and disaster recovery planning extends this: it covers how you respond when the unexpected happens and how you prepare to resume business as usual as quickly as possible, with as little impact on day-to-day operations as possible. When disaster strikes, how much will it affect your company? Your reputation? Your customers?

In this course, you learn to identify and evaluate risk to your highest-priority assets, and how to design, implement and maintain effective risk treatment controls. This course is also helpful for those working toward industry certifications like CRISC, ABCP, CFCP, CBCI, Security+ or others.

PREREQUISITES
  • HP Enterprise Security Essentials (HL945S) or equivalent knowledge
AUDIENCE
  • New System or Network Administrators who want to understand how to determine and manage risk, including an appropriate business continuity strategy
  • IT Professionals who need an overview of risk management and BCP/DR concepts and techniques
  • Individuals working towards (or considering) an information security or risk management-focused certification
  • Professionals who want to know more about risk management because it’s important for their job as a security practitioner
  • Professionals who want to know more about business continuity strategies because everybody needs to be ready for the unexpected!
COURSE OBJECTIVES

Students attending this course will:

Describe a generalized risk management lifecycle as a starting point in organizational discussions, and how the processes fit together

  • Identify models/frameworks related to Risk Management and Business Continuity Planning/Disaster Recovery Planning
  • Paraphrase the process for business impact analysis interviews and calculating values
  • Paraphrase the process for assessing and analyzing risk scenarios quantitatively and qualitatively
  • Outline the contents expected in a Risk Treatment Plan and BCP/DRP documents
  • Participate in a risk management implementation audit

Describe the role of governance in managing risk and compliance

  • Describe management support and identify team responsibilities
  • Scope the current situation in terms of documents to gather and questions to ask

Describe the management requirements to implement risk and resiliency strategy

  • Recognize the scope of potential risk response and BCP/DRP strategies appropriate to level of risk
  • Categorize investment requirements

Discuss requirements and proposals with security professionals

Begin to prepare for various security-related certification exams or a security lead position

NEXT STEPS
  • CSA Certificate of Cloud Security Knowledge Foundation (H1L09S)
COURSE OUTLINE

Module 1: Mapping Risk Management and Continuity Planning to Your Business

  • Describe risk management
  • Discuss the relationship between security, business continuity management and risk management
  • Define risk terms
  • Describe the risk equation
  • Define the key words relating to BCP/DRP
  • Position resiliency in your management strategy
  • Describe the types of response strategies
  • Describe the role of governance in managing risk and compliance

Module 2: Making the Case for Risk Management and Business Continuity Planning

  • Discuss the importance of risk management and the need for BCP/DRP in any environment
  • List business considerations and drivers for risk management and business continuity planning
  • Determine which drivers apply to your environment

Module 3: Managing Risk as a Process

  • Describe the purpose of frameworks, reference models, standards
  • List possible risk management models or frameworks as your guide
  • Compare BCP/DRP frameworks for your environment
  • Describe the lifecycle of risk management
  • Distinguish between risk assessment, risk analysis, and business impact analysis
  • Promote the ongoing need for training and plan updates
  • Define the activities involved in managing risk
  • List responsibilities and potential members for a risk management team
  • Define the activities involved in developing and maintaining a BCP/DRP
  • List responsibilities and potential members for a BCP team
  • Describe elements of a proposal for board approval
  • Identify stakeholders and their concerns

Module 4: Analyzing Business Impact: Where to Focus

  • List detailed steps to conduct a business impact analysis project
  • Describe steps to conduct interviews to gather data
  • Describe how to increase success with BIA interviewing
  • Define analytical terms for business impact and recovery requirements
  • Explain the process to calculate and document recovery requirements for your critical business functions

Module 5: Assessing Risk: What Threats and Vulnerabilities Exist

  • List the requirements of a risk assessment team
  • Describe how to select assessment targets based on BIA
  • Outline the steps in a risk assessment project
  • Define the scope of an assessment
  • Identify what goes into a plan for examination activities (interviews and vulnerability scanning)
  • Compare data gathering methods
  • Compare risk assessment methods and tools
  • List expectations for documenting assessment results
  • List steps to mitigate risks of being a risk assessor

Module 6: Analyzing Risks: How Much It’s Worth

  • Compare quantitative and qualitative risk analysis
  • Describe methods to calculate quantitative risk
  • Define probability classes

Module 7: Documenting Risk Treatment Plans: How to Protect Assets

  • Define risk management strategies
  • Describe how to select risk treatment plans (physical, technical, social) appropriate to analysis results
  • Describe the importance of documenting a policy to review risk management needs

Module 8: Planning for Resiliency: How to Continue Your Business

  • List the sections of a Business Continuity Plan document
  • Describe the BCP’s underlying plans
  • List other BC-related plans and their contents
  • Position the Disaster Recovery Plan with respect to the BCP
  • List key elements for a Disaster Recovery plan
  • Compare Disaster Recovery strategies for your company
  • Compare levels of redundancy and retention
  • Identify roles and responsibilities for recovery teams
  • Optimize distribution and utility of documents

Module 9: Implement Risk Treatment Plan

  • Integrate the project requirements across risk, BCP, and DRP plans
  • Follow project management best practices to implement plans for risk treatment across the organization
  • Describe the steps to take during a security incident
  • List the elements of a security incident report
  • Identify what constitutes an incident
  • Describe the process to collect evidence related to an incident

Module 10: Failing Back

  • Discuss what happens when you’re ready to go back
  • Evaluate the opportunity to upgrade business effectiveness and/or resiliency
  • Describe the steps

Module 11: Auditing Risk Management Implementation and Testing BCP Procedures

  • Differentiate between an audit and an assessment
  • Define the characteristics of an audit
  • Describe when an audit may be applicable
  • Predict evidence requested during an audit process
  • Compare risk management audit, compliance audit, and BCP testing
  • Describe the levels of testing for BCP/DRP plans

Module 12: Summary and Case Study

  • Test your knowledge
  • Given sufficient detail, design an appropriate risk strategy

Module 13: Business Continuity Planning – Next Steps

  • Ask the right questions to determine where your company currently stands
  • Champion the need for Business Continuity Planning with your management
  • Determine how much help you need and get it

Appendix

Appendix A: Vulnerability Scanning Tools
Appendix B: Selecting Technical Controls

For more information about HP training programs in Ukraine visit the web site at http://www8.hp.com/ua/ru/training/index.html