Course Overview:
Certified in Risk and Information Systems Control (CRISC), is for professionals responsible for an organization's risk management program. Students looking to acquire CRISC qualify themselves as IT security analyst, security engineer architect, information assurance program manager and senior IT auditor. CRISC certified professionals manage risk, design and oversee response measures, monitor systems for risk, and ensure the organization's risk management strategies are met.
The CRISC exam will primarily align with the terminology and concepts described in The Risk IT Framework, The Risk IT Practioner Guide, and COBIT 5. This will include applications in the evaluation and monitoring of IT-based risk, as well as the design and implementation of IS controls.
The CRISC exam covers four domains that are periodically updated to reflect the changing needs of the profession:
- Domain 1: Risk Identification
- Domain 2: Risk Assessment
- Domain 3: Risk Response and Mitigation
- Domain 4: Risk and Control Monitoring and Reporting
This course is designed to assist in your exam preparation for the CRISC exam.
Attendees to TN-835: Certified in Risk and Information Systems Control (CRISC) Seminar will receive TechNow approved course materials and expert instruction.
Dates/Locations:
Duration: 5 Days
Course Objectives:
- Risk IT Framework—Purpose and Principles
- Essentials of Risk Governance, Evaluation, and Response
- Risk and Opportunity Management Using CobiT, Val IT and Risk IT
- The Risk IT Framework Process Model Overview
- Managing Risk in Practice—The Practitioner Guide Overview
- Overview of the Risk IT Framework Process Model
- The Risk IT Framework
Prerequisites:
A minimum of at least three (3) years of cumulative work experience performing the tasks of a CRISC professional across at least three (3) CRISC domains is required for certification. There are no substitutions or experience waivers.
Comments
Latest comments from students
User: tracycampbell
Instructor comments: Dave had great command of the class and the flow of information. The lessons seem relevant to the exam and the course material should assist greatly with passing.
As a bonus, his breakdown of PKI helped with my current job requirements.
Facilities comments: The Home2Suites by Hilton was FANTASTIC!
Liked the class? Then let everyone know!
Course Overview:
Learn to protect yourself and your company against hackers, by learning their tools and techniques, and then testing your network. This course is heavily based on Kali and primarily on Metasploit. In TN-515: Implementing Cybersecurity and Information Assurance Methodologies class you will learn the step by step process that hackers use to assess your enterprise network, probe it & hack into it, utilizing a mixed-platform target environment including Windows, Linux, Solaris, and Cisco. This course is 90% hacking, but defenses for demonstrated hacks will be discussed. If you want to know the ins and outs of the hacks presented in this course, then this is the course for you.
Attendees to TN-515: Implementing Cybersecurity and Information Assurance Methodologies Class Attendees will receive TechNow approved course materials and expert instruction.
Dates/Locations:
Duration: 5 Days
Course Objectives:
- Introduction to Pen Testing using the PTES model
- Metasploit Basics
- MSFconsole, MSFcli, Armitage, MSFpayload, MSFencode, NasmShell
- Intelligence Gathering
- Nmap, Databases in Metasploit, Port Scanning with Metasploit
- Quick Intro to Ruby
- Writing a simple Ruby script to create a custom scanner
- Vulnerability Scanning
- Importing Nessus Results
- Scanning with Nessus from Within Metasploit
- Exploitation
- Using the Metasploit Framework and console to exploit
- Meterpreter
- Compromising a Windows System
- Attacking MS SQL, xp_cmdshell
- Dumping Usernames and Passwords, extracting and dumping hashes
- Pass the Hash and Token Impersonation
- Pivoting
- Railgun
- Using Meterpreter Scripts: Migrating a process, Killing AV, Persistence
- Avoiding Detection
- Creating Stand-Alone Binaries with MSFpayload
- Encoding with MSFencode and Packers (go Green Bay:)
- Exploitation Using Client Side Attacks
- Introduction to Immunity Debugger
- Using Immunity Debugger to Decipher NOP Shellcode
- Metasploit Auxiliary Modules
- Social Engineer Toolkit (SET)
- Spear-Phishing, Web Attack
- Creating a Multipronged Attack
- Creating Your Own Module
- Adapt an existing Module
- Add some PowerShell and Run the Exploit
- Meterpreter Scripting
- Capture The Flag Exercise
Prerequisites:
- This is an advanced Cybersecurity and Information Assurance Course which requires basic Windows & UNIX competency
- Certification or 2 years of experience in these operating systems is highly recommended
- An understanding of TCP/IP
Comments
Latest comments from students
Liked the class? Then let everyone know!
We are often asked what is the recommended sequence of classes. Here is our recommended sequence of classes for The Security Field.
Certified Information Security Manager (CISM)
Certified Information Systems Auditor(CISA)
Certified Information Systems Security Professional(CISSP)
TechNow Provides Integrated Solutions
TechNow delivers enterprise hardware, software, and consulting that implements technologies in the areas of virtualization, IP telephony, open source systems, or security. If your company is interested in the benefits of cost effective and secure hardware, software and consulting solutions, please contact us for further information.
TechNow Virtualization Solutions: TechNow delivers virtualization solutions in several virtualization stacks: Microsoft HyperV, Oracle VM, and VMware. TechNow integrates open system RAID NAS storage solutions that enable high availability solutions for all stacks. High performance I/O is critical to virtualized solutions and TechNow delivers the hardware, software, and consulting to make that happen. Mission critical environment and optimized for be both scalable and secure. If you are interested in purchasing a virtualization solution please contact TechNow to setup an appointed to discuss your requirements.
TechNow VoIP Solutions: TechNow delivers VoIP affordable solutions utilizing SIP and integrating desktop softphones, physical handset phones, iPad/iPod clients, cell phones, web status, email, voicemail, extisting landlines, and VoIP SIP Trunks. There are many marketing terms for highly integrated solutions, the term our product is "Great". If you are interested in purchasing a VoIP solution please contact TechNow to setup an appointed to discuss your requirements.
TechNow Security Solutions: TechNow delivers security solutions that are enterprise centric. As organizations grapple with managing security in their infrastructure, TechNow can architect, deliver, and implement hardware, software, and consulting required to insure a responsive and integrated approach to infastructure security.
TechNow,Inc is an Accredited Training Center. As an ATC we are authorized to conduct EC-Council curriculum courses. Students will receive official EC-Council Curriculum and access to iLabs and when applicable access to EC-Council Cyber Range.
Here are the EC-Council course offerings:
