Security School Course Catalog from SearchSecurity.com
Welcome to SearchSecurity.com's Security School Course Catalog. We offer a variety of free online information security training courses you can take on your own time at your own pace. They each arm you with the foundational and tactical information you need to deal with the increasingly challenging job of keeping your organization's information secure.
Select a course from the options below and get started today!
| FEATURED LESSON - MESSAGING SECURITY SCHOOL |
 |
|
 |
|
|
|
|
|
 Spam 2.0: New threats and new strategies
NEW It's no wonder the spam problem continues unabated. The proliferation of botnets and profit motives are spurring new spam techniques that are getting through filters and clogging inboxes. Innovative techniques, such as embedding them in PDFs or within images, are tricking spam filters and users alike. While inroads have been made, the war on spam is certainly not over. In this lesson, learn how to stay on top of these emerging tricks.
Featuring Michael Cobb, managing director, Cobweb Applications Ltd.
|
|
|
|
|
|
|
|
|
|
MORE SECURITY SCHOOL LESSONS  |
|
|
|
|
|
|
|
|
|
Data Protection Security School
In this school, SearchSecurity.com provides information security professionals with the tools and tactics they need to successfully secure data throughout the enterprise -- whether in motion or at rest.
LESSONS:
 Executing a data governance strategy
NEW Implementing a data governance strategy amid disparate corporate data.
Featuring Russell L. Jones, partner AERS - Security & Privacy Services, Deloitte & Touche
 Data encryption demystified
What to encrypt, how to encrypt it and other key considerations.
Featuring Tom Bowers, managing director, Security Constructs
 Preventing data leaks
Policies and processes to contain threats from within.
Featuring Richard Bejtlich, founder, Tao Security
 Enterprise strategies for protecting data at rest
Storage-security synergies and e-discovery tactics.
Featuring Perry Carpenter, security practitioner, major telco firm
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Intrusion Defense School
Putting the pieces of intrusion defense -- antivirus, antispyware, IDS/IPS, etc. -- in perspective to help you implement an intrusion defense strategy that meets your organization's needs.
LESSONS:
Getting started with perimeter defense
Discover what you may not know about intrusion defense.
 Intrusion defense in the era of Windows Vista
NEW Preparing for Vista's unique intrusion defense challenges.
Featuring Peter Gregory, author and infosec practitioner
Security information management systems
How information/event management can improve defense posture.
Featuring Tom Bowers, managing director, Security Constructs
 Web attack prevention and defense
Checklists and best practices for Web server hardening, testing and monitoring.
Featuring Michael Cobb, managing director, Cobweb Applications Ltd.
Network perimeter security
Getting started with perimeter-based intrusion defense.
Network content security
Antivirus and antispyware from architectural and technological perspectives.
Unified threat management
Introduction to UTM, different technologies and implementation choices.
ROI of intrusion defense: Finding the return on a security investment
Estimating costs, working with executives and getting full benefit from products.
Defense beyond the network perimeter
Defending a perimeterless network.
 Featured instructor
Joel Snyder, senior partner, Opus One
Snyder has worked in information security for more than 25 years.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Identity and Access Management Security School
Explores critical topics to help establish and maintain an effective enterprise identity and access management plan.
LESSONS:
 Next-generation authentication
NEW Innovative, cost-effective user authentication approaches.
Featuring Mark Diodati, identity/privacy analyst, Burton Group
Using IAM tools to improve compliance
How provisioning and password management tools can save money and ease complexity.
Featuring Tom Bowers, managing director, Security Constructs
 Endpoint security
Endpoint defense tactics, policy controls and technology futures.
Featuring Ben Rothke, CISSP
 VPNs and remote access
Innovations in VPN technology, including IPsec VPN identity and authentication.
Featuring Lisa Phifer, vice president, Core Competence Inc.
 Automated provisioning
Leveraging directory services and policies, and Active Directory automated provisioning.
Featuring Laura Hunter, CISSP, MCSE: Security, MCDBA, Microsoft MVP
 Building an identity and access management architecture
Foundational IAM, from the role of directories to effectively establishing approval workflows.
Featuring Richard Mackey, ISACA, CISM, SystemsExperts
Authentication options
Authentication basics and developing an implementation strategy.
Featuring Tom Bowers, managing director, Security Constructs
 Integrating security into the network
A look behind the network/security evolution and how to harness it as a strategic trend.
Featuring Mike Rothman, president, Security Incite
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Integration of Networking and Security School
In this school, SearchSecurity.com and SearchNetworking.com offer you an in-depth look at how security-related and networking-related teams, products and processes are affecting enterprise network security.
LESSONS:
 Securing the converged infrastructure
NEW Staying secure while integrating email, IM, video, VoIP and voice messaging.
Featuring John Burke, principal research analyst, Nemertes Research
 Integrating security and network fabric
NEW Discovering how the network infrastructure can meet security needs.
Featuring David Piscitello, president, Core Competence Inc.
Using the network to secure the application layer
Protecting Layer 7 with new and existing network assets.
Featuring Michael Cobb, managing director, Cobweb Applications
 Locking down the endpoint: How network access control (NAC) can boost host security
The latest endpoint options for network security.
Featuring Joel Snyder, senior partner, Opus One
 Securing your first remote office: Solutions for less than $10k
Securing data and devices beyond corporate headquarters.
Featuring David Strom, noted network security expert/writer/speaker
Fitting security into your network
The convergence of NAC and SSL VPN concepts.
Featuring Lisa Phifer, vice president, Core Competence Inc.
Mitigating wireless security threats
Protecting the over-the-air network.
Featuring Lisa Phifer, vice president, Core Competence Inc.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Messaging Security School
In this school, learn strategies and techniques for keeping email, IM and mobile device messaging systems secure.
LESSONS:
Spam 2.0: New threats and new strategies
NEW Mitigation techniques for the new wave of spam-related threats.
Featuring Michael Cobb, managing director, Cobweb Applications
Managing traffic: Keeping your content where it belongs
Advice and technology for outbound email content filtering.
Featuring Mike Rothman, president, Security Incite
The changing threat of email attacks
Aligning messaging defenses to meet tomorrow's challenges.
Featuring Mike Rothman, president, Security Incite
 Defending mobile devices from viruses, spyware and malware
Top mobile threat vectors and mobile malware misconceptions.
Featuring Sandra Kay Miller, technical editor, Information Security
Essential practices for securing mobile devices
Locking down mobile platforms and thwarting emerging threats.
Featuring Lisa Phifer, vice president, Core Competence Inc.
Secure instant messaging
An IM security overview, plus the latest attacks and safe usage tips.
Featuring Michael Cobb, managing director, Cobweb Applications
Countermeasures for malicious email code
Learn how to thwart email malware and future email attacks.
Featuring Tom Bowers, managing director, Security Constructs
 Securing Microsoft Exchange
Protect Exchange 2003 from spam, malware and Web-based attacks.
Featuring Lee Benjamin, Microsoft MVP, ExchangeGuy Consulting
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Compliance School
A comprehensive look at ongoing information security compliance issues, regulations and practices.
LESSONS:
PCI DSS compliance: Two years later
NEW Breaking down PCI DSS struggles to protect cardholder data.
Featuring Diana Kelley, vice president, Burton Group
Must-have compliance technologies
Emerging and battle-tested technologies that really work.
Featuring Trent Henry, senior analyst, Burton Group
Ensuring compliance across the extended enterprise
SLAs and best practices for partners and providers.
Compliance improvement: Get better as you go forward
Mixing technology, governance and policy for continuous process improvement.
Gauging your SOX progress
Understanding the various SOX-related security standards; SOX Scorecard.
SOX compliance basics: Taking action
SOX goals, COSO and COBIT, audits, provisioning, vulnerability management, and responsibilities.
Understanding compliance-related technology
SOX product requirements, validity and usage.
Featured instructor
Richard Mackey, vice president, SystemExperts
Mackey, ISACA, CISM, is the former director of collaborative development for The Open Group.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
CISSP Certification Training School
Benefit from a series of 10 training lessons that explore the fundamental concepts, technologies and practices of information systems security. Each lesson corresponds to a subject domain in the exam's "Common Body of Knowledge" -- the essential elements each CISSP-certified practitioner must know.
DOMAINS:
Lesson/Domain 1: Security management practices
Security management responsibilities and the core components of security management.
Lesson/Domain 2: Access control
Identification methods and technologies, biometrics and more.
Lesson/Domain 3: Cryptography
Cryptographic components and their relationships, and government involvement in cryptography.
Lesson/Domain 4: Security models and architecture
Outlining how security is to be implemented, and the framework and structure of a security system.
Lesson/Domain 5: Telecommunications and networking
How networks work, how data is transmitted from one device to another, and how protocols transmit information.
Lesson/Domain 6: Applications and system development
Different types of software controls and implementations, change-control methods and more.
Lesson/Domain 7: Business continuity
Critical aspects of availability, including business continuity planning and disaster recovery.
Lesson/Domain 8: Law, investigations and ethics
Computer crime investigation processes and evidence collection; incident-handling procedures.
Lesson/Domain 9: Physical security
Administrative, technical and physical controls pertaining to physical security.
Lesson/Domain 10: Operations security
Administrative and management responsibilities, product evaluation and operational assurance and change-configuration management.
 About the instructor
Featuring Shon Harris, president, Logical Security
Harris specializes in security education and training, and has authored two best-selling CISSP training manuals.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Email Security School
Tactics for securing your e-mail systems, beginning with the essentials, moving on to spam and virus defense, and wrapping up with policy control.
LESSONS:
Email security essentials
Standards-based ways to increase the security of SMTP-based email; architecture best practices.
Spam and virus mitigation strategies
Spam and virus incident response, including implementing end user controls and quarantines.
Email policy control
Centralize e-mail security efforts and construct requirements definitions for e-mail security.
About the instructor
Featuring Joel Snyder, senior partner, Opus One
Snyder has worked in information security for more than 25 years.
|
|
|
|
|
|
|
|
|
|
Dig Deeper
-
People who read this also read...
This was first published in July 2006
Winter 2011: Password security standards and trends