This three-day course begins with a brief review of the conceptual foundations of information security. Next, students will be introduced to the CERT Defense-in-Depth Framework: eight operationally focused and interdependent management components which will be synergistically applied to a fictitious organization's Information Technology (IT) enterprise (see "Topics" below). Through lectures, demonstrations, scenario-based exercises, small group activities, and open discussions, students will learn high-level best practices for effectively integrating each of these eight components into all aspects of IT operations. Further, the course scenario is used extensively to reinforce these best practices with technical information security implementations.
This course is designed for individuals charged with implementing information security throughout the IT enterprise. Therefore, this course is an ideal pursuit for IT and Security managers, and/or system administrators and IT security personnel who would like to step up to the management level.
Technical staff members who manage or support networked information systems and have
This course has no prerequisites.
Participants will receive a course notebook and a CD containing course materials.
This three-day course meets at the following times:
Days 1 & 2: 9:00 a.m.-5:00 p.m.
Day 3: 9:00 a.m. - 2:30 p.m.
Please tell us what you
think with this short
(< 5 minute) survey.