How to plan and execute a security architecture that matches your technology infrastructure from top to bottom.
This 3-day class brings the whole network together and delivers a secure infrastructure. Merge today's security technologies into your network with the assurance that your layering defense tactics and providing early warning systems. Bring together the separate, tactical, diverse parts of your network with the services, mechanisms, and objects that reflect the security policies, business functions, and technologies into a process involving risk assessment, policy, awareness, technology and security management, and audit functions. Building a security architecture involves close examination of current business processes, technical capability, information security documentation, and existing risk. Students will leave this class with a document template outlining a best practice for an information security architecture framework.
Key topics:
• Defined policy and practice — including audit programs and compliance metrics
• Physical security mechanics and human interaction
• Network perimeter protection and countermeasures
• Enterprise information access management — including remote access, network and data exposure, network account control, audit and accounting capability
• Application development security
• Network and platform systems safeguarding
• Data availability and reliability issues
• Disaster recovery and contingency planning
Who should attend:
CIOs with responsibility over information security, Network Security Administrators, Information Security Architects, Auditors, and Consultants, as well as others seeking to tie together their organization's discreet tactical advanced security solutions into a strategic information security framework.
| Course Fee: | $1,995 |
| Time: | 8:30am - 5pm |
| Location: | Click here to view the course schedule |
| Learning Level: | Intermediate |
| CPE Credits: | 24 |
| Prerequisites: | TCP/IP |
Class agenda:
Section I — Security Architecture Component Review
A review of current network security architecture standards and practices, with special emphasis on the technology, processes, and people involved.
• Defining an information security architecture
• Critical information security domains
• Determining your organizational needs
• People, policy, process, and technology
• Component dependencies
• Information security program layers
• Technical architecture models
Section II — Advanced Security Architecture Discussion
The nuts and bolts of advanced network security architecture — including examinations of data integrity, systems audits, and recovery plans
• Awareness and training
• Governance, compliance, and audit
• Perimeter protection and countermeasures
• Authentication, authorization, and accounting
• Systems audit and event monitoring
• Data availability, integrity, and confidentiality
• Incident escalation and response
• Operations, administration, and maintenance security
• Application development and integration security
• Continuity and recovery planning
Section III — Building the Plan
How to take advanced network security knowledge and translate it into enterprise-specific strategies, plans, and processes
• Information collection and amalgamation
• Baseline assessments
• Conducting reviews of existing infrastructure and processes
• Performing gap analysis and risk assessments
• Understanding synergistic relationships — policy, procedures, standards, and guidelines
• Creating the architecture framework designs — logical, physical, process flow
• Creating an integration roadmap — budgets, scheduling
Section IV— Integration Strategies
Once all the strategies and plans are worked out, the final step to success is putting it all into practice.
• Information security roles and responsibilities
• Logistics planning
• Technology vs. process
• Effective change management practices
• Executing pilot programs and proofs-of-concept
• Business process reengineering
• Establishing the continual information security program
In-Class Exercises
• Defining the "enterprise" environment
• Establishing a case-study enterprise and performing a gap analysis
• Creating a complete information security program for the enterprise
• Creating a technology comparison matrix
• Designing an advanced security architecture
*Course fees are subject to change
