  Cyber Plus' Services  
  _________________________________________________________________
Information Security Analysis & Planning

Computer Forensics

IS Audits

IT Governance     

Information Security Implementation     

Information Security Training



          Contact Cyber Plus for a free interview/consultation
          Phone: (415) 320-2162
          E-mail: info@cyberplusinc.com










Information Security Review

A baseline review of an organization's current strengths and weaknesses against a comprehensive set of information security controls.

Plan Health Check / Capability Review

A review of existing Business Continuity or Disaster Recovery plans and their underlying strategies to determine an organization's preparedness and recovery capability.

Business Impact Analysis

An assessment of a business detailing the impact that would be felt if it were unable to operate normally due to a major incident. Expressed in both quantitative (financial) and qualitative (reputation) terms, the BIA is used to determine and justify a Business Continuity Planning strategy.

Risk Analysis

An assessment of the threats to a company, both commercial and environmental. The categorization of such threats and means of mitigation.

Emergency Response Planning

The means by which the evacuation, escalation and notification part of a company's response to an incident is managed. The 'front-end' of a Business Continuity Plan.

Recovery Strategy Development

An examination of external and internal recovery solutions appropriate to the company's recovery requirements. The determination of cost-effective solutions to meet a company's Recovery Time Objectives (RTOs) and recovery needs. Usually follows and is driven by the Business Impact Analysis.

Plan Development

The formal documentation of procedures to enable a company to carry out its Business Continuity Planning strategy at time of disaster.

Implementation of Solutions

Project management of creating the recovery solution(s) identified at the Recovery Strategy Development stage. Includes the acquisition, delivery and installation of equipment and facilities, and the release and issue of Business Continuity Plans and associated documentation.

Exercising and Testing

A company should have no real confidence in a developed plan until it has actually been tested. The tests and drills prepare personnel for what they may be faced with and enable them to learn the tasks expected of them.

Exercise and testing could take several forms including:

  • A Checklist Test
  • A Structured Walk-Through Test
  • A Simulation Test
  • A Parallel Test
  • A Full-Interruption Test

Continuous Improvement Programs

A methodology that aims to ensure a company's BCP program is appropriately maintained. Typically consists of four elements:

     Plan Currency: Keeping the detail of the plan up to date.

     Exercising & Testing: Ensuring that the plan actually works and enabling team members to practice their activities.

     Program Review: Reviewing the project to ensure that all aspects are being properly conducted.

     Strategic Review: Re-examining a company to ensure that organizational and technical changes are reflected in the BCP.

Training and Awareness Program

These can take many forms but are designed to ensure that all staff are kept informed (in varying degrees of detail) about the company's Business Continuity Plans and have the skills necessary to carry them out.









Electronic Discovery

Our forensics experts utilize accepted applications to forensically examine electronically stored data. We locate and review electronically stored documents, files, and correspondence, including email. The identification or restoration of stored, deleted, and erased files (including email) from a computer, combined with certifying the authenticity of the files, is of paramount importance.

  • Data Recovery and Investigation
  • Network Investigation
  • PDA Forensics
  • Telephone Investigation








Writing Security Policies

Security policies are created based upon the security philosophy of the organization. They consist of written rules users must follow. Examples include:
  • Acceptable use of corporate assets
  • Server and workstation configuration
  • Patch management
  • Network infrastructure
  • User accounts

Security policies guide the technical team in choosing and configuring equipment. They also define the responsibilities for users and administrators, the consequences for policy violation, and the appropriate response and escalations to recognized threats.

Defense in Depth

A good defense goes beyond placing security devices at the gateway to your network. Potential targets of attack include routers, firewalls, switches, networks, hosts, applications, data, and management components.

Cyber Plus security professionals can examine and strengthen a variety of components that are used for a defense-in-depth strategy, including:

  • the security policy
  • use of authentication, authorization and accounting
  • VPN connectivity
  • network segmentation
  • dynamic perimeter security
  • host-based defense, including intrusion detection/prevention
  • effective monitoring

Security Appliance Configuration
(Routers, Firewalls, IDS Sensors)

After a company has assessed its risks and vulnerabilities, has made decisions on what is critical, and has defined its security policy, it is time to take steps to actually secure the corporate infrastructure. This may include installing, configuring, administering and managing hardware routers, firewalls, IDS sensors, and VPN concentrators and various host-based security software.

Virtual Private Network Establishment

VPNs can provide security through point-to-point encryption of data, data integrity by ensuring that the data packets have not been altered en route, and authentication to ensure that the packets are coming from the right source.

Integrating Voice and Data Networks Securely

"Convergence" is the integration of voice, video and data networks over a common media. This includes placing voice and video communications over existing or new packet-switched (e.g., IP) networks.









Cyber Plus, Inc. offers the following training courses:

Disaster Recovery

This course presents methods to identify vulnerabilities and take appropriate countermeasures to prevent and mitigate failure risks for an organization. This course provides the networking professional with a foundation in disaster recovery principles, including preparation of a disaster recovery plan, assessment of risks in the enterprise, development of policies and procedures, an understanding of the roles and relationships of various members of an organization, implementation of the plan, testing and rehearsal of the plan, and actually recovering from a disaster.

  • Introduction to Disaster Recovery
  • Preparing to Develop the Disaster Recovery Plan
  • Assessing Risks in the Enterprise
  • Prioritizing Systems and Functions for Recovery
  • Developing Plans and Procedures
  • Organizing Relationships in Disaster Recovery
  • Procedures for Responding to Attacks on Computers
  • Developing Procedures for Special Circumstances
  • Implementing Disaster Recovery Plans
  • Testing and Rehearsal
  • Continued Assessment of Needs, Threats, and Solutions
  • Living Through a Disaster

Ethical Hacking and Network Defense

With the threats of cyber terrorism and corporate espionage increasing, the need for trained network security professionals continues to grow. This course covers penetration-testing tools and techniques that ethical hackers and security testers use to protect computer networks. This course provides a structured knowledge base for preparing security professionals to discover vulnerabilities and recommend solutions for tightening network security and protecting data from potential attackers.

Specific topic coverage includes:

  • Ethical Hacking Overview
  • TCP/IP Concepts Review
  • Network and Computer Attacks
  • Footprinting and Social Engineering
  • Port Scanning
  • Enumeration
  • Programming for Security Professionals
  • Microsoft Operating System Vulnerabilities
  • Linux Operating System Vulnerabilities
  • Hacking Web Servers
  • Hacking Wireless Networks
  • Cryptography
  • Protecting Networks with Security Devices

Firewalls and Network Security

This course provides a comprehensive overview of building and maintaining firewalls in a business environment. It is designed for the student and network administrator who need to learn the basics of network firewall security. It covers basic installation techniques, discusses how to make an intelligent choice of firewall technology, and presents basic firewall troubleshooting. Specific topics covered include: planning/design, security, configuration, packet filtering, proxy servers, authentication, encryption, and VPNs.

Forensics and Investigation

This course presents methods to properly conduct a computer forensics investigation, beginning with a discussion of ethics while mapping to the objectives of the International Association of Computer Investigative Specialists (IACIS) certification. Students should have a working knowledge of hardware and operating systems (OSs) to maximize their success on projects and exercises throughout the text.

Specific topics covered include:

  • Computer Forensics and Investigations as a Profession
  • Understanding Computer Investigations
  • The Investigator's Office and Laboratory
  • Current Computer Forensics Tools
  • Processing Crime and Incident Scenes
  • Digital Evidence Controls
  • Working with Windows and DOS Systems
  • Macintosh and Linux Boot Processes and Disk Structures
  • Data Acquisition
  • Computer Forensic Analysis
  • Recovering Image Files
  • Network Forensics
  • E-Mail Investigations
  • Becoming an Expert Witness and Reporting Results of Investigations

Linux Networking Security

This course begins by introducing networking technologies and protocols, then moves into configuring a Linux network using a variety of command line and graphical utilities. Specific protocols and applications are covered in the networking chapters, including the r-utilities, NFS, Samba, and FTP, plus business-critical services such as e-mail, Web, and DNS.

The second half of the course includes a discussion of security in the context of protecting business assets and user privacy, with emphasis on system administrator ethics. Cryptography and encrypted protocols lay a foundation for discussion of specific Linux security tools, including PAM, sudo, and GPG. User, file, and network security are covered. The network security discussion includes firewalls, VPNs, and utilities such as nmap, ethereal, and the SAINT profiling tool. Throughout, the text provides examples of sample commands and output, plus screen shots of related graphical utilities.

  • Networking Fundamentals
  • Configuring Basic Networking
  • Configuring Client Services
  • Using Simple Network Services
  • Configuring File Sharing Services
  • Configuring Major Network Services
  • Security, Ethics, and Privacy
  • Making Data Secure
  • User Security
  • File Security
  • Network Security Fundamentals
  • Network Intrusion Detection

Network Defense and Countermeasures

The primary emphasis of this course is on intrusion detection, but the course also covers such essential practices as developing a security policy and then implementing that policy by performing Network Address Translation, setting up packet filtering, and installing proxy servers, firewalls, and virtual private networks. The course provides the student with a solid foundation in network security fundamentals, but assumes familiarity with the Internet and basic networking concepts.

Specific topic coverage includes:

  • Network Defense Fundamentals
  • Security Policy Design: Risk Analysis
  • Security Policy Implementation
  • Network Traffic Signatures
  • Virtual Private Network (VPN) Concepts
  • VPN Implementation
  • Intrusion Detection System Concepts
  • Intrusion Detection: Incident Response
  • Choosing and Designing Firewalls
  • Firewall Topology
  • Strengthening and Managing Firewalls
  • Strengthening Defense through Ongoing Management

Operating System Security

This course provides an in-depth look at operating system security concepts and techniques. We will examine theoretical concepts that make the world of security unique. Also, this course will adopt a practical hands-on approach when examining operating system security techniques. Along with examining different security strategies, this course will explore the advancement of security implementation, as well as timeless problem-solving strategies.

Specific topic coverage includes:

  • Operating Systems Security: Keeping Computers and Networks Secure
  • Viruses, Worms, and Malicious Software
  • Security Through Authentication and Encryption
  • Account-Based Security
  • File, Directory, and Shared Resource Security
  • Firewalls and Border Security
  • Physical and Network Topology Security
  • Wireless Security
  • Web, Remote Access, and VPN Security
  • E-Mail Security
  • Security Through Disaster Recovery
  • Security Through Monitoring and Auditing

Security Awareness

The goal of this course is to provide students with a comprehensive overview of computer and network security issues including the numerous types of attacks computers are vulnerable to, the types of attacker profiles, and the hardware and software defense solutions available. This course emphasizes corporate security and policy issues involving e-mail, Internet access, passwords, Incident Response and Disaster Recovery. Internet Security and Network Security are addressed focusing on the threats to WAN and LAN networks and methods of protecting each type of network.

Web Security for Network and System Administrators

Students will learn about technologies, terms, and processes related to Internet security.

  • Security Processes
  • Threats to IT Assets
  • Encryption
  • Fundamentals of Network Security
  • Network Security Threats
  • Intrusion Detection
  • Fundamentals of System Security
  • UNIX System Security
  • Windows System Security
  • Standards and Compliance
  • Security Testing

CWNA Wireless LANs

This course provides a hands-on guide to planning, designing, installing and configuring wireless LANs that prepares students for the Certified Wireless Network Administrator (CWNA) certification. The text used offers in-depth coverage of wireless networks with extensive step-by-step coverage of IEEE 802.11b/a/g/pre-n implementation, design, security, and troubleshooting. Material is reinforced with hands-on projects at the end of each chapter from two of the principal wireless LAN vendors, Cisco and Linksys. Specific topic coverage includes:

  • Wireless LAN Devices and Standards
  • How Wireless Works
  • IEEE 802.11 Physical Layer Standards
  • IEEE 802.11 Medium Access Control and Network Layer Standards
  • Planning and Building a Wireless LAN
  • Conducting a Site Survey
  • Wireless LAN Security and Vulnerabilities
  • Implementing Wireless LAN Security
  • Managing a Wireless LAN
  • Network Settings and Wireless LAN Troubleshooting
  • Personal, Metropolitan, and Wide Area Wireless Networks

DB Security and Auditing

This course is broken into three sections: Security, Auditing and Implementation. Students will fully understand how to implement database security on modern business databases using practical scenarios and step-by-step examples that are presented. Hands-on projects and case projects are used to reinforce and showcase the topics learned. The course allows the students to apply their knowledge in a presentation of four real-world cases using security and auditing. Specific topic coverage includes:

  • Security Architecture
  • Operating System Security Fundamentals
  • Administration of Users
  • Profiles, Password Policies, Privileges, and Roles
  • Database Applications Security Models
  • Virtual Private Databases
  • Database Auditing Models
  • Application and Data Auditing
  • Auditing Database Activities
  • Security and Auditing Cases Project Security








Adopting an Information Security Governance Framework

Our CISA-certified auditors use the industry framework of the Corporate Governance Task Force (National Cyber Security Partnership) to perform an initial assessment of information security practices within selected business segments.

Our initial findings are presented to C-level executives to help them develop more comprehensive corporate-wide information security governance (ISG) policies, and implement ISG as a continual improvement process.

Our ISG process is geared to helping customers:
  • understand the value of ISG
  • interpret the content of the Corporate Governance Task Force's ISG framework
  • implement a self-assessment process that is in line with ISO 17799 standards
  • drive awareness/acceptance of Information Security Governance as a corporate responsibility






Targeted Information Security Audits

  • Wireless Security
  • Telecom, Networking and Convergence (e.g., VoIP)
  • Access Control
  • Operations Security
  • Physical Security
  • Business Continuity Planning
  • Security Management Practices
  • Operating System Security (Windows, Linux, Macintosh)
  • Network Operating System Security (Windows, NetWare, Unix)
  • Application Security (Oracle, SQL, Notes, etc.)

Targeted Perimeter Audit

Using the same covert approach that external hackers use to gain entrance, Cyber Plus' targeted perimeter audit locates and exposes weak spots on your Internet connections and servers.

Perimeter audits help ensure that your servers do not have vulnerabilities that an attacker can use to penetrate your network. By providing third-party proof that servers are secure, perimeter audits also help protect against legal negligence claims and provide compliance with HIPAA, GLBA, and SB1386 regulations.

Cyber Plus auditors target the following devices:
  • web servers
  • operating systems
  • databases
  • e-commerce applications
  • routers
  • load balancing servers
  • LDAP servers
  • FTP servers
  • firewalls
  • hubs & switches

Complete Enterprise Information Security Audit

Cyber Plus auditors target ten (10) broad areas of concern:
  • security management practices
  • telecommunication and network security
  • operations security
  • physical security
  • access control systems and methodology
  • application and system development security
  • cryptography
  • security architecture and models
  • legal compliance
  • business continuity planning and disaster recovery planning

Sarbanes-Oxley Section 404 Compliance

The SEC rules require that the report a company files annually on its internal control systems contain the following elements:
  • a statement of management's responsibilities for establishing and maintaining an adequate system
  • the identification of the framework used to evaluate the internal controls
  • a statement as to whether the internal control system is effective as of year-end
  • the disclosure of any material weaknesses in the internal control system
  • a statement that the company's external auditors have issued an audit report on management's assessment of its internal controls
Our CISA-certified auditors use the COSO framework (and in some cases SAS 70) to evaluate the effectiveness of a company's internal controls and to determine whether there are any material weaknesses present. Our documentation assists in the preparation of SEC reports.

HIPAA Privacy Rule 45 CFR Parts 160 & 164

Our CISA-certified auditors enable health care organizations to comply with security standards outlined in HIPAA Final Rule 45 CFR Parts 160 & 164. Our auditors will examine three categories of safeguards:
  1. Administrative Procedures - procedures and policies governing confidentiality, integrity, and access of patient data
  2. Physical Safeguards - business continuity planning to safeguard patient data, control its access and protect the computer systems and networks that store and communicate that data from fire and other types of catastrophic disasters
  3. Technical Safeguards - access, authentication, authorization, auditing, integrity and the transmission of sensitive data
Our CISA-certified auditors examine and report on the following practices:
  • Workforce Identity and Account Management
  • Information Management
  • Continuity Planning and Disaster Recovery
  • Electronic Mail
  • Data Centers
  • Remote Access
  • Information for Users

Gramm-Leach-Bliley Act

The GLB Act is a Federal law that requires financial institutions to ensure the confidentiality and security of the customer's personal information. As with HIPAA (described above), compliance methodology includes implementation of three categories of IS safeguards: Administrative, Physical, and Technical.

Our CISA-certified auditors work with our customers to allow their company to:
  • establish track and trace capabilities for auditable data movement & transfers across the enterprise
  • proactively manage logical access to systems, services, devices, and data
  • track and document the change control process
  • monitor and track unauthorized attempts to access customer data
  • track and document procedures associated with an incident





 

© Copyright 2023 Cyber Plus Incorporated | http://www.cyberplusinc.com