Course Outline

EC-Council CCISO Bootcamp

CEH1002 | Day | 5 Days

The CCISO Certification is an industry-leading program that recognizes the real-world experience necessary to succeed at the highest executive levels of information security.

Bringing together all the components required for C-Level positions, the CCISO program combines audit management, governance, IS controls, human capital management, strategic program development, and the financial expertise vital to leading a highly successful IS program. Material in the CCISO Program assumes a high-level understanding of technical topics and doesn’t spend much time on strictly technical information, but rather on the application of technical knowledge to an information security executive’s day-to-day work. The CCISO aims to bridge the gap between the executive management knowledge that CISOs need and the technical knowledge that many aspiring CISOs have. This can be a crucial gap as a practitioner endeavors to move from mid-management to upper, executive management roles. Much of this is traditionally learned as on-the-job training, but the CCISO Training Program can be the key to a successful transition to the highest ranks of information security management.

Who should take this course

The Certified CISO (CCISO) program is the first-of-its-kind training and certification program aimed at producing top-level information security executives. The CCISO does not focus solely on technical knowledge but on the application of information security management principles from an executive management point of view.

This boot camp is intended for students seeking to earn their CCISO certification and who need an expert instructor to guide them throughout the training and exam preparation process.

Course Objectives

This boot camp will cover the following topics:

Course Outline

Domain 1 - Governance

Qualifying areas under Domain 1 include the following:

Domain 2 – Security Risk Management, Controls, and Audit Management

Qualifying areas under Domain 2 include the following:

Information Security Management Controls:

Auditing Management

Domain 3 – Security Program Management and Operations

Qualifying areas under Domain 3 include the following:

Domain 4 – Information Security Core Concepts

Qualifying areas under Domain 4 include (but are not limited to) the following:

Access Control

Social Engineering, Phishing Attacks, Identity Theft

Physical Security

Risk Management

Disaster Recovery and Business Continuity Planning

Firewall, IDS/IPS and Network Defense Systems

Wireless Security

Virus, Trojans and Malware Threats

Secure Coding Best Practices and Securing Web Applications

Hardening OS

Encryption Technologies

Computer Forensics and Incident Response

Domain 5 – Strategic Planning, Finance, and Vendor Management

Qualifying areas under Domain 5 include (but are not limited to) the following:

Strategic Planning

Finance

Understand the IA security requirements to be included in statements of work and other appropriate procurement documents.