Course ID

CSLO

Title

Certified Security Leadership Officer

Price

$3,395.00

Duration

5 Days

Course Audience

The C)SLO is a course on cyber security designed for those who want to lead. If you are currently in charge of a company's security or are preparing to be a leader in the near future, the Certified Security Leadership Officer course and certification will prepare you to excel in your responsibilities.

Course Objectives

Upon completion, students will:

        Have knowledge to understand current security issues

        Have knowledge to manage security component of projects

        Be ready to sit for the C)SLO Exam


Related / Follow-on Courses:

After completing the C)SLO course and achieving certification, we recommend that you further develop your security skill set by becoming certified as a C)IHE: Certified Incident Handling Engineer, which will prepare you to handle the toughest security situations effectively.


C)DRE: Disaster Recovery Engineer

Course Content

With 30 up-to-date modules, the Certified Security Leadership Officer course will teach you security best practices for keeping the information you are entrusted with secure, and how to respond in the toughest situations.


Course Description

The Certified Security Leadership Officer course is designed to give management an essential understanding of current security issues, best practices, and security technology. Because a C)SLO understands security, he or she is prepared to manage the security component of a business and its information technology security projects. A C)SLO can be seen as the bridge between those who understand security and those who don’t. These skills can be put to use the day a C)SLO returns to work.

Essential topics covered in this management track include:

Network Fundamentals and Applications, Hardware Architecture, Information Assurance Foundations, Computer Security Policies, Contingency and Continuity Planning, Business Impact Analysis, Incident Handling, Architectural Approaches to Defense in Depth, Cyber Attacks, Vulnerability Assessment and Management, Security Policies, Web Security, and Offensive and Defensive Information Warfare, culminating with a Management Practicum.


Course Prerequisites

One year of IT employment

OR C)ISSO: Information Systems Security Officer


Course Outline

Wireless Networks 802.11

Overview

Airborne Viruses

Types of Wireless

Standards Comparison

Wireless Network Topologies

SSID (Service Set Identity)

Wireless Technologies: Service Set ID

Securing and Protecting Wireless Best Practices

Typical Wired/Wireless Network

802.1X: EAP Types

EAP Advantages/Disadvantages

EAP/TLS Deployment

New Age Protection

New Age Protection

Wireless Security Technologies

MAC Filtering

Wired Equivalent Privacy

Wireless Technologies: WEP

XOR: Basics

How WPA improves on WEP

How WPA improves on WEP

TKIP

802.11i: WPA2

WPA and WPA2 Mode Types

WPA-PSK Encryption

LEAP

Wireless Security Weaknesses

Weak IV Packets

WEP Weaknesses

The WPA MIC Vulnerability

LEAP Weaknesses

Wireless Threats

NetStumbler

Tool: Kismet

Analysis Tool: OmniPeek Personal

Omni Peek Console

Tool: Aircrack-ng Suite

Tool: Airodump-ng

Tool: Aireplay

DOS: Deauth/disassociate attack

Tool: Aircrack

Aircrack for Windows

Attacking WEP

Attacking WPA

coWPAtty

Exploiting Cisco LEAP

asleap

WiFiZoo

Wesside-ng

Review


Access Control

Role of Access Control

Layers of Access Control

Access Control Mechanism Examples

Access Control Characteristics

Preventive Control Types

Control Combinations

Models for Access

Discretionary Access Control Model

Enforcing a DAC Policy

Mandatory Access Control Model

MAC Enforcement Mechanism: Labels

Where Are They Used?

MAC Versus DAC

Role-Based Access Control (RBAC)

Acquiring Rights and Permissions

Rule-Based Access Control

Access Control Matrix

Access Control Administration

Access Control Mechanisms in Use Today

Strong Authentication

Memory Cards

Smart Card

Administrating Access Control

Accountability and Access Control

Trusted Path

Access Criteria

Fraud Controls

Thin Clients

Administrative Controls

Controlling Access to Sensitive Data

Other Ways of Controlling Access

Technical Access Controls

Physical Access Controls

Accountability

IDS

Network IDS Sensors

Types of IDSs

Behavior-Based IDS

IDS Response Mechanisms

Trapping an Intruder

Access Control Methods

Remote Centralized Administration

RADIUS Characteristics

RADIUS

TACACS+ Characteristics

Diameter Characteristics

Decentralized Access Control Administration

Biometrics Technology

Biometrics Enrolment Process

Downfalls to Biometric Use

Biometrics Error Types

Crossover Error Rate (CER)

Biometric System Types

Passwords

Password “Shoulds”

Password Attacks

Countermeasures for Password Cracking

Cognitive Passwords

One-Time Password Authentication

Synchronous Token

Asynchronous Token Device

Cryptographic Keys

Passphrase Authentication

Definitions

More Definitions

Single Sign-on Technology

Different Technologies

Scripts as a Single Sign-on Technology

Directory Services as a Single Sign-on Technology

Kerberos as a Single Sign-on Technology

Kerberos Components Working Together

More Components of Kerberos

Kerberos Authentication Steps

Tickets

Why Go Through All of this Trouble?

Issues Pertaining to Kerberos

SESAME as a Single Sign-on Technology

SESAME Steps for Authentication


Computer Forensics and Legalities

Lesson Objectives

The Legal System

State Law & Criminal Incidents

Federal of laws

US Title 18: Fraud Criminal Codes

Case study: Criminal Incidents

Case Study: Criminal Incidents

Case study: Criminal Incidents

Criminal Incidents

International Legal Treaties and Orgs

Civil Incidents

Criminal Incidents

Criminal Incidents


Cryptography Applications

Digital Certificates

What Do You Do with a Certificate?

Components of PKI: Repository and CRLs

PGP

Digital Signatures: PGP

IPSEC

IPSec Network Layer Protection

IPSec Key Management

IPSec Handshaking Process

IPSec Is a Suite of Protocols

IPSec Modes of Operation

IPSec

PKI

Public Key Infrastructure

Why Do We Need a PKI?

PKI and Its Components

Let’s Walk Through an Example

Public Key Infrastructure

Asymmetric Encryption

Public Key Cryptography Advantages

Symmetric versus Asymmetric

SSL/TLS

PPP

VPN

Site-to-Site VPN

www.facebook.com

Others From Around the World

Identity Theft and Social Media


Cryptography Algorithms and Concepts

Symmetric Cipher: AES

Crack Times

Crypto and Password Recovery Concepts

Crypto Attacks

Caesar Cipher Example

Polyalphabetic Substitution

Ways of Breaking Cryptosystems—Brute Force

Attacks on Cryptosystems

Encryption

Cryptographic Definitions

SSH

Attack Vectors

More Attacks (Cryptanalysis)

Type of Symmetric Cipher: Stream Cipher

Characteristics of Strong Algorithms

Block Cipher Modes: CBC

Implementation

Block Cipher Modes: CFB and OFB

DES

Symmetric Ciphers We Will Dive Into

Symmetric Algorithm Examples

Symmetric Algorithms: DES

Evolution of DES

Different Modes of Block Ciphers: ECB

Other Symmetric Algorithms

Symmetric Encryption

Symmetric Encryption

Symmetric Downfalls

Symmetric Algorithms

SSL/TLS

ECC

Quantum Cryptography

Asymmetric Algorithm Examples

Asymmetric Algorithms We Will Dive Into

Asymmetric Algorithm: RSA

U.S. Government Standard

Asymmetric Encryption


Key Management

Using the Algorithm Types Together

Hybrid Encryption

Strength of a Cryptosystem

Symmetric Key Management Issue

Now What?

Key Management

IPSec Key Management

Key Issues Within IPSec

OPSEC

OPSEC

Types of Ciphers Used Today

Type of Symmetric Cipher: Block Cipher

S-Boxes Used in Block Ciphers

Type of Symmetric Cipher: Stream Cipher

Encryption Process

Symmetric Characteristics

Strength of a Stream Cipher

Let’s Dive in Deeper

Block Cipher Modes: CFB and OFB

Implementation

Attack Vectors

More Attacks (Cryptanalysis)

ROT: 13

ROT: 13

MD5 Collision Creates Rogue Certificate Authority

SSL/TLS

SSL Connection Setup

SSL Hybrid Encryption

SSH

XOR


Cryptosystems

Introduction

Encryption

Cryptographic Definitions

Encryption Algorithm

Implementation

Hashing

Common Hash Algorithms

Birthday Attack

Example of a Birthday Attack

Generic Hash Demo

Instructor Demonstration

Security Issues in Hashing

Hash Collisions

MD5 Collision Creates Rogue Certificate Authority

Digital Signatures

Asymmetric Encryption

Public Key Cryptography Advantages

Asymmetric Algorithm Disadvantages

Asymmetric Algorithm Examples

Symmetric Encryption

Symmetric Encryption

Symmetric Downfalls

Symmetric Algorithms

Crack Times


Digital Acquisition

Digital Acquisition Copy: Original

Digital Acquisition: Duplication

Digital Acquisition Procedures

DC3 Operations

DCFL Terabytes, Time, & Totals

Digital Forensic Analysis Tools

Forensic Toolkit (FTK)™

EnCase™

I-Look Investigator™

ProDiscover DFT™


Domain Name Registration

DNR Overview

Network Service: DNS

Countermeasure: DNS Zone Transfers

Cache Poisoning

What is DNS spoofing?

Tools: DNS Spoofing

Active Sniffing Methods

ARP Cache Poisoning

ARP Normal Operation

ARP Cache Poisoning

ARP Cache Poisoning (Linux)

Countermeasures

Cybersquatting

Domain Hijacking

Host Names

Hierarchy

Host Table

Nslookup

DNS Databases

Using Nslookup

Dig for Unix / Linux

Protecting Domain Names

(Mis)Uses of Host Tables


Disaster Recovery and Business Continuity

Business Continuity Objectives

Pieces of the BCP

Where Do We Start?

Why Is BCP a Hard Sell to Management?

Agenda

Plan Development Delegated to a Committee

BCP Risk Analysis

How to Identify the Most Critical Company Functions

Interdependencies

Identifying Functions’ Resources

How Long Can the Company Be Without These Resources?

Preventative Measures

What Items Need to Be Considered?

Proper Planning

Executive Succession Planning

Identify Vulnerabilities and Threats

Categories

Loss Criteria

Agenda

Disk Shadowing

Backing Up Over Telecommunication Serial Lines

HSM

SAN

Co-Location

Agenda

Facility Backups: Hot Site

Facility Backups: Warm Site

Facility Backups: Cold Site

Compatibility Issues with Offsite Facility

Which Do We Use?

Choosing Offsite Services

Subscription Costs

Choosing Site Location

Other Offsite Approaches

Agenda

Results from the BIA

Now What?

Priorities

Plan Objectives

Defining Roles

Environment

Operational Planning

Preventive Measures

Emergency Response

Recovery

Return to Normal Operations

Reviewing Insurance

When Is the Danger Over?

Now What?

Testing and Drills

Types of Tests to Choose From

What Is Success?

BCP Plans Commonly and Quickly Become Out of Date

Phases of Plan

Who Is Ready?

Review


Endpoint Security

3rd Party Applications

Anti-Virus Limitations

Browser Defense

SSL/TLS

SSL Connection Setup

SSL Hybrid Encryption

SSH

IPSec: Network Layer Protection

IPSec

IPSec

Public Key Infrastructure

Quantum Cryptography

Endpoint Whitelist

Firewalls, IDS and IPS

Firewall: First line of defense

IDS: Second line of defense

IPS: Last line of defense?

Firewalls

Firewall Types: (1) Packet Filtering

Firewall Types: (2) Proxy Firewalls

Firewall Types: Circuit-Level Proxy Firewall

Type of Circuit-Level Proxy: SOCKS

Firewall Types: Application-Layer Proxy

Firewall Types: (3) Stateful

Firewall Types: (4) Dynamic Packet-Filtering

Firewall Types: (5) Kernel Proxies

Firewall Placement

Firewall Architecture Types: Screened Host

Risks of Portable Devices


Honeypots, Honeynets, Honeytokens, Tarpits, oh my

Benefits and Drawbacks

Honeypots Defined

Legal Issues

Trying to Trap the Bad Guy

Companies Can Be Found Liable

Technologies

Incident Handling and the Legal System

Chain of Custody

Digital Evidence Collection Objectives

Evidence Collection & Incident Assessment

Identifying an Incident

Steps to handling an Incident

Digital Incident Assessment

Incident Response Checklist

Responding to An Incident

Suggested Guidelines for Securing Digital Evidence

Secure Digital Evidence

Common Incident Handling Mistakes

Securing Digital Evidence Procedure

Chain of Custody

Potential Digital Evidence

Search and Seizure

Incident/Equipment Location

Available Response Resources

Securing Digital Evidence

Digital Evidence Presentation

The Best Evidence Rule

Duplication and Recordings, Evidence Law


IP Terms and Concepts

OSI: Application Layer

Devices Work at Different Layers

Network Devices: Gateway

Data Encapsulation

Protocols: ICMP

Dial-Up Protocol: SLIP

Dial-Up Protocol: PPP

WAN Technologies Are Circuit or Packet Switched

Packets

Frame

Protocols: ICMP

Port and Protocol Relationship

Example Packet Sniffers

Tool: Wireshark

Tool: OmniPeek

Sniffer Detection using Cain & Abel

Network Protocol

Network Protocol

Protocols

UDP versus TCP

Port and Protocol Relationship

An Older Model

TCP/IP Suite

Traceroute Operation

Traceroute (cont.)

Other Traceroute Tools

IP

Method: Ping


Logging

syslog

Events


Malicious Software

Malware

Types of Malware

Distributing Malware

Malware Capabilities

Auto Starting Malware

Countermeasure: Monitoring Auto-start Methods

Malicious Browser Content

Malware Defense Techniques

Spy Sweeper Enterprise

CM Tool: Port Monitoring Software

CM Tools: File Protection Software

CM Tool: Windows File Protection

CM Tool: Windows Software Restriction Policies

Company Surveillance Software

CM Tool: Hardware-based Malware Detectors

Countermeasure: User Education

Propagation Techniques

Trojan Horse Characteristics

Trojan Horses

Executable Wrappers

Benign EXE’s Historically Wrapped with Trojans

The Infectious CD-Rom Technique

Trojan: Backdoor.Zombam.B

Trojan: JPEG GDI+

All in One Remote Exploit

Advanced Trojans: Avoiding Detection

BPMTK

Virus Types

Types of Malware Cont...

Types of Viruses

Worm Characteristics


Managing Security Policy

Approach to Security Management

Policy Types

Policies with Different Goals

Industry Best Practice Standards

Components that Support the Security Policy

Senior Management’s Role in Security

Security Roles

Information Classification

Information Classification Criteria

Declassifying Information

Types of Classification Levels

Information Classification

Issue Specific Policy

Policy Assessment

Policy Benefits

Policy Development Tools

Security Posture and Culture


Methods of Attack

Enumeration Overview

DNS Enumeration

Backtrack DNS Enumeration

SNMP Enumeration Tools

SNMP Enumeration Countermeasures

Active Directory Enumeration

AD Enumeration countermeasures

Hacking Tool: RootKit

Windows RootKit Countermeasures

Advanced Trojans: Avoiding Detection

Benign EXE’s Historically Wrapped with Trojans

Google and Query Operators

Google (cont.)

SPUD: Google API Utility Tool

Goolag

Denial of Service

Denial of Service

Threat Methodologies (STRIDE)

DDoS Issues

DDoS

Buffer Overflow Definition

Overflow Illustration

Buffer OverFlows

Phishing

Spear Phishing

E-Mail Links

Logic Bomb

Duronio Case

Attacks

Man-in-the-Middle

Replay Attack

SPAM and e-mail Flooding


Mitnick-Shimomura

IP Address Spoofing

TCP

DoS


Physical Security

Physical Security

Physical Security Checklist

Physical Security Checklist

Items of Interest

Physical Controls

Physical Access

Tool Kit: Picks

Tool Kit: Snap Gun

Tool Kit: Electric Pick

Bump Keying

Lock Picking Countermeasures

Controlling Access

Agenda

Facility Attributes

Electrical Power

Problems with Steady Power Current

Power Interference

Power Preventive Measures

Fire Prevention

Automatic Detector Mechanisms

Fire Detection

Fire Types

Suppression Methods

Fire Suppression

Fire Extinguishers


Risk Management & Security Frameworks

Overview

IT Governance Best Practices

IT Risk Management

Types of Risks

Risk Management

Information Security Risk Evaluation

Information Security Risk Evaluation

Improving Security Posture

Risk Evaluation Activities

Risk Assessment

Information Gathering

Information Gathering

Data Classification

Threats and Vulnerabilities

Analytical Methods

Evaluate Controls

Evaluate Controls

Risk Ratings

Important Risk Assessment Practices

Review

Security Incentives & Motivations

Security Incentives & Attack Motivations

Risk Management II

What is Your Weakest Link?

What Is the Value of an Asset?

Examples of Some Vulnerabilities that Are Not Always Obvious

Categorizing Risks

Some Examples of Types of Losses

Different Approaches to Analyzing Risks

Who Uses What Analysis Type?

Qualitative Analysis Steps

Quantitative Analysis

Can a Purely Quantitative Analysis Be Accomplished?

Comparing Cost and Benefit

Cost of a Countermeasure

Security Frameworks & Compliance

ISO 27002

ISO 27002: Control Components

Review


Security and Organizational Structure

Capacity Analysis

Employee Discipline and Termination

Employee Performance

Employee Retention

Filling Positions

Conflicts of Interest


Security Awareness

Security Awareness Program

4 steps

3 Common Training Models

Security Awareness Goals

Role of metrics

Steps to develop a metrics program


Steganography

Crypto and Password Recovery Background

Steganalysis

Steganography Methods

Injection

Substitution

File Generation


The Intelligent Network:  Unified Threat Management (UTM)

UTM product criteria

Firewalls, IDS and IPS

Firewall: First line of defense

IDS: Second line of defense

IPS: Last line of defense?

Firewalls

Firewall Types: (1) Packet Filtering

Firewall Types: (2) Proxy Firewalls

Firewall Types: Circuit-Level Proxy Firewall

DDoS Issues

HIPS

HIPS

Unified Threat Management

Unified Threat Management

Virtualization: Type 1

Type 1 Examples

Virtualization: Type 2

Type 2 Examples


Network Infrastructure

Wikto Web Assessment Tool

Agenda

Network Topologies: Physical Layer

Network Topologies: Mesh

Summary of Topologies

Wireless Technologies: War Driving

TCP Model

TCP/IP Suite

OSI Model

OSI: Application Layer

OSI: Presentation Layer

OSI: Session Layer

OSI: Transport Layer

OSI: Network Layer

OSI: Data Link

OSI: Physical Layer

Wide Area Network Technologies

Voice Over IP

VLAN

Network Segmentation



Vulnerability Assessment:  Outside View

Basic Hacker Process

Potential Threats, Vulnerabilities, & Risks

What is a Penetration Test

Types of Penetration Testing

Vulnerability Assessment vs Pentest

“Hacking-life-cycle”: a Methodology

Methodology for Penetration Testing / Ethical Hacking

Hacker vs. Penetration Tester

Not Just Tools

Exploitation Tools vs. Vulnerability Scanners

Vulnerability Scanners

Nessus

Nessus Report

SAINT

SAINT: Sample Report

Tool: Retina

Qualys Guard

Tool: LANguard

Number of Exploitable Vulnerabilities from NVD Detected

Scan Process Best Practices

Inside, outside and user view

Manager’s Role in Remediation

Risks of non-Remediation

Pentesting in Vulnerability Management

Scanning Techniques

Threat Concerns

Threat Vectors

War Dialing


Vulnerability Assessment:  Inside View

Inside view, tools, approach

cisecurity.org

SP 800-40 Version 2.0


Vulnerability Assessment:  User View

Peer to Peer Networks

P2P Cautions

Instant Messaging

IM issues

Social engineering


Web Communications

CGI

Wikto Web Assessment Tool

OWASP Top 10 for 2010

Reflected Cross Site Scripting Illustrated

IIS Directory Traversal

Injection Flaws

SQL Injection

Cookies

HTTP

HTTPS

FTP


Wireless and Bluetooth Contrast

Bluetooth Attacks

Cabir Infection

Bluetooth Defenses

Bluetooth & Wireless Comparison

Bluetooth & Wireless Comparison


Status

Active

Technology

CyberSecurity

Category

Cybersecurity

SubCategory

Security Leadership and Management

Details

Certified Security Leadership Officer

Attachments

Version: 5.0
Created at 5/12/2015 4:35 PM by Cole
Last modified at 1/4/2016 3:56 PM by Steve Rosso