Course Overview:

Certified in Risk and Information Systems Control (CRISC), is for professionals responsible for an organization's risk management program.  Students looking to acquire CRISC qualify themselves as IT security analyst, security engineer architect, information assurance program manager and senior IT auditor.  CRISC certified professionals manage risk, design and oversee response measures, monitor systems for risk, and ensure the organization's risk management strategies are met.

The CRISC exam will primarily align with the terminology and concepts described in The Risk IT Framework, The Risk IT Practioner Guide, and COBIT 5.  This will include applications in the evaluation and monitoring of IT-based risk, as well as the design and implementation of IS controls. 

The CRISC exam covers four domains that are periodically updated to reflect the changing needs of the profession:

  • Domain 1: Risk Identification 
  • Domain 2: Risk Assessment
  • Domain 3: Risk Response and Mitigation
  • Domain 4: Risk and Control Monitoring and Reporting

This course is designed to assist in your exam preparation for the CRISC exam.

Attendees to TN-835: Certified in Risk and Information Systems Control (CRISC) Seminar will receive TechNow approved course materials and expert instruction.

Dates/Locations:

No Events

Duration: 5 Days

Course Objectives:

  • Risk IT Framework—Purpose and Principles
  • Essentials of Risk Governance, Evaluation, and Response
  • Risk and Opportunity Management Using CobiT, Val IT and Risk IT
  • The Risk IT Framework Process Model Overview
  • Managing Risk in Practice—The Practitioner Guide Overview
  • Overview of the Risk IT Framework Process Model 
  • The Risk IT Framework

Prerequisites:

A minimum of at least three (3) years of cumulative work experience performing the tasks of a CRISC professional across at least three (3) CRISC domains is required for certification. There are no substitutions or experience waivers.

Comments

Latest comments from students


User: tracycampbell

Instructor comments: Dave had great command of the class and the flow of information. The lessons seem relevant to the exam and the course material should assist greatly with passing. As a bonus, his breakdown of PKI helped with my current job requirements.

Facilities comments: The Home2Suites by Hilton was FANTASTIC!



Liked the class?  Then let everyone know!

Course Overview:

This concentration was developed in conjunction with the U.S. National Security Agency (NSA) providing an invaluable tool for any systems security engineering professional. CISSP®-ISSEP is the guide for incorporating security into projects, applications, business processes, and all information systems. Security professionals are hungry for workable methodologies and best practices that can be used to integrate security into all facets of business operations. The SSE model taught in the IATF portion of the course is a guiding light in the field of information security and the incorporation of security into all information systems.

Attendees to TN-812: Information Systems Secuirty Engineering Professional (ISSEP) will receive TechNow approved course materials and expert instruction.

Dates/Locations:

No Events

Duration: 5 Days

Course Objectives:

  • Systems Security Engineering
  • Certification and Accreditation
  • Technical Management
  • U.S. Government Information Assurance Governance

Prerequisites:

Comments

Latest comments from students


User: fsarisen

Instructor comments: Thank you Tim for all the great information! I am confident that I'll do well on the ICND exam.


User: storoy30

Instructor comments: The instructor, Tim Burkard, was very knowledgeable on the course material and skilled at explain more complex ideas.


Liked the class?  Then let everyone know?

Course Overview:

As VoIP (Voice-over IP) is integrated into the operations of many missions, it is imperative to understand its security ramifications.  In the N-595: VoIP Security Analysis and Design class the objectives are designed for those who are chartered with the responsibility of securing networks and application environments that incorporate VoIP.   Topics include how VoIP works, its interactions with the network, its vulnerabilities and mitigations.  Focus is on leading open source and proprietary technologies utilizing Asterisk and Cisco and the protocols SIP, H.323, RTP, MGCP, and Skinny.  Other protocols such as Nortel's UNIStim will be addressed.  As for Cisco, security pieces in the VoIP CallManager servers, Catalyst switches, IOS-based routers, and ASA firewalls, amounts to several different platforms, each with its own management interface and lockdown procedures.   Various open source tools including those in BackTrack are used for VoIP attacks.  A task list of actions for securing enterprise VoIP is carried out in hands-on labs, performed on Cisco phones, routers, switches, and ASA firewalls.

Attendees to N-595: VoIP Security Analysis and Design will receive TechNow approved course materials and expert instruction.

Dates/Locations:

No Events

Duration: 5 Days

Course Objectives:

  • VoIP Architecture
  • VoIP Signaling and media protocols
  • Common VoIP authentication mechanisms
  • Common VoIP encryption techniques
  • VoIP protocol analysis with Wireshark
  • Maintaining QoS while mitigating DoS
  • VoXML, XML, and application integration security
  • Converged network security design and implementation
  • Impact of NAT and firewalls
  • SIP, H.323, and MGCP vulnerabilities
  • VPN, IPsec and SRTP to secure VoIP services
  • Penetration testing with open source tools
  • Attacks for Eavesdropping, call redirection, and DoS
  • Design of hacked firmware virtualization layer
  • Concise lockdown steps for network hardware and VoIP

Prerequisites:

  • This is an advanced Information Security Course which requires basic Windows & UNIX competency
  • Certification or 2 years of experience in these operating systems is highly recommended
  • As well as an understanding of TCP/IP

Comments

Latest comments from students


Liked the class?  Then let everyone know!

 

Course Overview:

This FastTrack course combines combines two VMware courses (VMware Cloud Essentials and vCloud Architecting the VMware Cloud) into a single week course that adds extra exercises and labs to exemplify the techniques presented.  The course begins with how to adopt, operate, and govern the cloud. The course enables participants to successfully complete the associated CompTIA Cloud Essentials™ Exam to become a Cloud Essentials™ Professional(CEP). This course also covers the subject matter specified by the VCP-Cloud certification.

This course is designed to guide students through the decision points and policy choices available for designing and implementing a VMware vCloud environment. Detailed labs and exercises for VMware vSphere™, VMware vCloud Director, VMware vCenter™ Chargeback, and the VMware® vShield Edge capability that is included with vCloud Director. A comprehensive VMware cloud design is demonstrated and discussed.

Attendees to VM-335:  VMware Cloud Essentials and vCloud – Architecting the VMware Cloud FastTrack will receive TechNow approved course materials and expert instruction.

Date/Locations:

No Events

Course Duration: 5 days

Course Objectives:

  • Understand the common terms and definitions of cloud computing.
  • Understand the business benefits and business considerations of cloud computing.
  • Understand cloud computing from a technical perspective and recognize the various techniques, methods, challenges, and types of clouds.
  • Understand the impact and changes of cloud computing on IT service management.
  • Explain typical steps that lead to the successful adoption of cloud computing and understand the implications for organizations.
  • Recognize the compliance, risk, and regulatory consequences of cloud computing and its financial and strategic impact on an organization.
  • Evaluate and design a multitenant environment to address both private cloud and public cloud customer needs.
  • Configure vCloud providers that can accommodate heterogeneous server, storage, and network resources
  • Design a network infrastructure optimized for vCloud.
  • Integrate vCloud Director security with existing LDAP systems and design appropriate security hierarchies with security rolesnderstand the common terms and definitions of cloud computing.
  • Understand the business benefits and business considerations of cloud computing.
  • Understand cloud computing from a technical perspective and recognize the various techniques, methods, challenges, and types of clouds.
  • Understand the impact and changes of cloud computing on IT service management.
  • Explain typical steps that lead to the successful adoption of cloud computing and understand the implications for organizations.
  • Recognize the compliance, risk, and regulatory consequences of cloud computing and its financial and strategic impact on an organization.
  • Evaluate and design a multitenant environment to address both private cloud and public cloud customer needs.
  • Configure vCloud providers that can accommodate heterogeneous server, storage, and network resources.
  • Design a network infrastructure optimized for vCloud.
  • Integrate vCloud Director security with existing LDAP systems and design appropriate security hierarchies with security roles.
  • Design a vCenter Chargeback implementation.

Course Prerequisites:

  • VM-315  or equivalent experience.
  • Managing or administering at least one of UNIX, Windows, databases, networking, or security.

Comments

Latest comments from students


 

Liked the class?  Then let everyone know!

 

 

 

Course Overview:

TechNow Cloud Security Fundamentals addresses the loss of hands-on control of system, application, and data security in the Cloud computing environment.  Security teams wrestle with the impact and liability of Cloud computing on an organization.  This course enables the security team to assist in contract language and Service Level Agreements (SLAs) when utilizing Cloud Service Providers (CSPs).

Compliance and auditing are introduced with strategies for control verification and audit analysis in the CSP environment.  Software as a Service (SaaS) to Infrastructure as a Service (IaaS) and everything in between require a compliance strategy.  Students will go in-depth into the architecture and infrastructure fundamentals for private, public, and hybrid clouds.   Topics covered include: patch and configuration management, virtualization security, application security, and change management. Policy, risk assessment, and governance within cloud environments will be covered with recommendations for both internal policies and contract provisions to consider.

TechNow has worked worldwide enterprise infrastructures for over 20 years and has developed demos and labs to exemplify the techniques required to effectively manage security in the cloud environment.

Attendees to TN-913: Cloud Security Fundamentals will receive TechNow approved course materials and expert instruction.

Date/Locations:

No Events

Course Duration: 3 days

Course Objectives:

  • Cloud computing introduction
  • Security challenges in the cloud
  • Infrastructure security in the cloud
  • Policy, risk, and governance for cloud computing
  • Compliance and legal considerations
  • Audit and assessment for the cloud
  • Data security in the cloud
  • Identity and Access Management (IAM)
  • Disaster Recovery and Business Continuity Planning (DR/BCP) in the cloud
  • Intrusion detection and incident response

Course Prerequisites:

  • GSEC, CISSP, CASP or equivalent experience in managing enterprise infrastructures
  • Managing or administering at least one of UNIX, Windows, Databases, networking, or security

Comments

Latest comments from students


User: reedrobt

Instructor comments: Dave is like an encyclopedia of technical topics...what "doesn't" he have expertise in?

Facilities comments: Home2 location was well-kept and convenient to other services.


 

Liked the class?  Then let everyone know!