Welcome to cissp CISSP training Certified Information Systems Security Professional
Search
Nickname Password Security Code Security Code Type Security Code  

You are certified but are your qualified?  Become qualified today.


Rated #1 Training

Surveys

Where do you find the best price for books?

Amazon.Com
Bookpool.Com
The ISC2 webstore
CISSPS.COM
Cheapbooks.com
Ecampus.com
Other (Please leave a comment with name of site)



Results
Polls

Votes: 1314
Comments: 33

Who's Online

There are currently, 86 guest(s) and 11 member(s) that are online.

You are Anonymous user. You can register for free by clicking here

Training Classes Calendar

Test of Widget

 

cissp CISSP training Certified Information Systems Security Professional: Training News

Search on This Topic:   
[ Go to Home | Select a New Topic ]

Top 10 Certifications for 2010
Posted by boss on Friday, 25 December 2009 @ 13:15:16 EST (1981 reads)
Topic Training News

cdupuis writes "
CISSP, CISM Are Most Sought by Professionals

Upasana Gupta, Contributing Editor
December 22, 2009

Information Security Media Group (ISMG) recently conducted its first annual Information Security Today Career Trends survey. The main objective was to benchmark 2010 trends in information security careers across industries. Survey results show that professionals are committed to growing their competencies and will invest their time and resources in certifications bodies in 2010.

chart

Based on survey results, here is a list of top 10 certifications most sought after by security professionals -

1. CISSP - Certified Information Systems Security Professional

Certified Information Systems Security Professional offered by ISC2 is generally the most recognized internationally and popular with information security professionals. For security practitioners planning to build a career in information security and holding at least five full years of experience in information security, the CISSP credential is an ideal career goal. Increasingly recruiters look for this credential in potential candidates as a validation of their commitment toward this profession. Thirty percent of survey respondents said they want to pursue CISSP certification in the next year.

2. CISM - Certified Information Security Manager

Certified Information Security Manager certification is offered by ISACA and is developed specifically for experienced information security managers and those who have information security management responsibilities. The CISM certification is for the individual who manages designs, oversees and/or assesses an enterprise's information security (IS). The CISM certification promotes international practices and provides executive management with assurance that those earning the CISM certification have the required experience and knowledge to provide effective security management and consulting services. In the survey, 22% of respondents said they want to pursue CISM certification in the next year.

3. GIAC - The Global Information Assurance Certification

The Global Information Assurance Certification validate the real-world skills of IT security professionals. GIAC currently offers certifications for over 20 job-specific responsibilities that reflect the current practice of information security including digital forensics, intrusion and incident handling, security administration, management, operations, legal, audit and software security. The demand for GIAC certifications is increasing as organizations today is driving the need for hands-on technical personnel. According to the survey, 19% of respondents said they want to pursue GIAC certification in the next year.

4. CISA - Certified Information Systems Auditor

Certified Information Systems Auditor designation demonstrates proficiency in information security audit, control and security skills. CISA has become a preferred certification program by individuals and organizations around the world. CISA certification signifies commitment to serving an organization and the IS audit, control and security industry with distinction.

5. CSFA - CyberSecurity Forensic Analyst

CyberSecurity Forensic Analyst is an emerging certification and skill within information security getting popular with increased cyber crimes and fraud taking place within organizations. Possessing the CSFA certification is proof that the analyst can conduct a thorough and sound forensic examination of a computer system and other digital/electronic devices, properly interpret the evidence, and communicate the examination results effectively and understandably. The CSFA designation is held exclusively by the most qualified digital forensic professionals and is a testament that the holder has the skills necessary to perform a comprehensive analysis within a limited time frame.

6. CEH - Certified Ethical Hacker

Certified Ethical Hacker is another certification gaining popularity as hacking and fraud activities are on the upswing. The CEH Program certifies individuals in the specific network security discipline of Ethical Hacking from a vendor-neutral perspective. The CEH certification fortifies the application knowledge of security officers, auditors, security professionals, site administrators, and anyone who is concerned about the integrity of the network infrastructure. A Certified Ethical Hacker is a skilled professional who understands and knows how to look for the weaknesses and vulnerabilities in target systems and uses the same knowledge and tools as a malicious hacker.

7. CBCP - Certified Business Continuity Professional

Certified Business Continuity Professional is another specialization gaining prominence within information security, with the outbreak of H1N1 pandemic and with organizations increasingly focusing their efforts in effective crises management and business continuity planning efforts. The CBCP certification offers competency on business continuity and disaster recovery planning responsibilities and accomplishments.

8. CPP - Certified Protection Professional

Certified Protection Professional is a designation for individuals who have demonstrated competency in all areas constituting security management. As the emphasis on protecting people, property, and information increases, it has strengthened the demand for professional managers, to meet these needs. The ASIS International administers the Certified Protection Professional program.

9. CCE - Certified Computer Examiner

Certified Computer Examiner is a certification provided by the International Society of Computer Forensic Examiners (ISFCE). This certification focuses to increase the level of professionalism and further the field and science of computer forensics. The foundation of this certification maintains a fair, uncompromised process for certifying the competency of forensic computer examiners and sets high forensic and ethical standards for forensic computer examiners.

10. Vendor Certifications

CISCO and Microsoft specific certifications top the list as the demand for technical and hands-on professionals increase within organizations including security architects, security and network engineers and administrators.

See original article at:  http://www.cuinfosecurity.com/p_print.php?t=a&id=2025

"

(comments? | Score: 0)


Security University has been selected to be added to 8570
Posted by boss on Monday, 16 November 2009 @ 21:22:22 EST (616 reads)
Topic Training News

cdupuis writes "


Security University


SU Brochure Brochure

4,000+ CISSP's were "Certified" from SU's CISSP Prep classes.
Special Pricing for CISSP® Prep Class - 2 attendees for $2,495 /same class!
Click here to learn more


Got your CISSP? 2,930 CISSP's are More than Certified...validate your tactical security skills with Q/ISP®!
Q/ISP® Qualified/ Information Security Professional Certification!


Security University Named Best Professional Training Program Finalist in 2009 SC Magazine Awards
Security University named Best Professional Training Program Finalist 2009 SC Magazine Awards!

Contact us at 877.357.7744 or info@securityuniversity.net
.

aaCISSPs, SSCPs and ISACA members can receive 40 CPE credit for attending each class. You can earn the credit by simply specifying your number on the registration form and correctly answering 3 multiple choice polling questions about the program at the end of the event.


CISSP® is a registered trademark of (ISC)2® SU CISSP® Prep classes are not endorsed, sponsored or delivered by (ISC)2®


DoD 8570M Information Assurance

Security University Q/ISP Certifications
Selected to be added to IA 8570M2


Q/ISP & related Certifications are selected to be added  to
IAT II and IAT III certifications! (pending approval)


Q/ISP  Q/EH  Q/SA  Q/PTL  Q/FE  Q/ND
Q/ISP® Information Security Professional Certification
Q/EH® Qualified/ Ethical Hacker Certification
Q/SA® Qualified/ Security Analyst Pen Tester Certification
Q/PTL® Qualified/ Penetration Tester License
Q/FE® Qualified/ Forensic Expert Certification
Q/ND® Qualified/ Network Defender Certification

UPCOMING SECURITY UNIVERSITY CLASSES

Security University

********************************
SU CISSP® Prep classes
Jan 18-22 VA
98% pass Rate First Time!
register now!


 
December 1-10 VA
January 19-29, 2010 VA
98% pass rate/4,800 grads
register now!


Q/EH®
Qualified/ Ethical Hacker
8570 IAT II Certification
December 7-11 VA
class outline

Q/EH
register now!

1,450+Q/SA® Q/PTL® Grads
Q/SA Q/PTL
February 8-12, 2010 VA
8570 IAT II Q/SA Cert
Qualified/ Security Analyst
Penetration Tester w/
Q/PTL License
class outline
register now!


Q/FE®
Qualified/ Forensic Expert
8570 IAT II Certification
April 19-23, 2010 VA
class outline
Q/FE
register now!


8570 IAT II Q/ND®
Qualified/ Network
Defender Certification
Nov 16-20 VA Confirmed
class outline
Q/ND
register now!


"

(Read More... | 2 comments | Score: 0)


Webcast: “SC Magazine’s 20 Influential Security Products of the Past 20 Years”
Posted by boss on Thursday, 12 November 2009 @ 15:35:12 EST (548 reads)
Topic Training News

cdupuis writes "

 

Webcast: "SC Magazine’s 20 Influential Security Products of the Past 20 Years”
with Peter Stephenson

YOU’RE INVITED: IT SECURITY WEBCAST 
 
“SC Magazine’s 20 Influential Security Products of the Past 20 Years” with Peter Stephenson
 
Presenter:  Peter Stephenson, technology editor at SC Magazine
Date:  Thursday, November 19, 2009
Time:  2pm EST / 11am PST (GMT -5:00, New York)
Register: http://www.coresecurity.com/Form/generic/campaign/CS20secProducts
 
*** A recording of the webcast will be sent to everyone who registers, so be sure to sign up even if you can’t attend the live session. ***
---------------------------------------------------------------------------------
 
SC Magazine recently marked its 20th anniversary with a special issue including the publication’s picks for 20 influential security products of the past 20 years. Please join Peter Stephenson for a webcast review of these products and how they have assisted SC Magazine’s security pros during tough situations, made their jobs easier, and helped them to make new discoveries about the current threat environment.
 
The webcast will detail the process through which SC Magazine editors and reviewers selected the 20 products, while also taking a closer look at some of the individual selections. In addition, Stephenson will touch upon some of the most interesting and valuable experiences that he and his team have had over their many years of testing products and using them in their own IT environments.

Core Security’s penetration testing software solution, CORE IMPACT Pro, will also be covered as part of SC Magazine’s list. Stephenson will offer his thoughts on the product’s evolution over time and why the experts have praised its ability to prioritize, benchmark and measure organizational exposure to real-world IT threats.
 
 
We look forward to seeing you on the webcast!

Best Regards,
 
Core Security Technologies
41 Farnsworth Street
Boston, MA 02210

 

"

(comments? | Score: 0)


FREE SC World Congress tickets from CCCure and Security University
Posted by boss on Thursday, 01 October 2009 @ 21:39:18 EDT (774 reads)
Topic Training News

cdupuis writes "
Oct 13-14 2009 SC World Congress 2009
Free Tickets Worth $1500!!

scworldcongress2009buttonsmall.jpgSU and CCCure are offering 3  free passport ticket to SC World Congress 2009 Oct 13 - 14 worth $1500. In addition to dozens of other presentations from esteemed security leaders, the conference has four information tracks designed to increase the security professionals' knowledge: Policy/Management, Emerging Threats/Risk Planning, Editor’s Choice and Technical requirements and advances. Through these tracks, attendees will examine topics ranging from data theft and compliance to establishing partnerships between government and the private sector, security awareness to critical infrastructure protection, and from SCADA attacks to cyberwarfare.

"For an entire year - since the success of our inaugural SC World Congress – we've been working to solicit input from our readers' about what they want to experience at the East Coast’s largest security event, and working to build an agenda that exceeds their expectations," said Illena Armstrong, editor-in-chief, SC Magazine. "We are proud to say that for the 2009 SC World Congress, we have put together the most comprehensive and exciting roster of informative experts, special events and talk tracks to share the latest and greatest the information security world has to share."

email SU your name, address and phone contact info to:  Info@securityuniversity.net
Tell us why you should win the free $1,500 passport tickets.
Drawing will for 3 FREE passport tickets to SC World Congress will be Oct 9th.

--
Qualified Training, Qualified Results

Sondra J. Schneider
Founder & CEO, Security University
109 Weed Ave
Stamford CT 06902
work 203.357.7744
cell 203.249.8364
www.securityuniversity.net

and

Clement Dupuis, CD
President and Founder
The CCCure Family of Portals

"

(comments? | Score: 1)


2-for-1 Security+ Class - Beat the 8570 Deadline!
Posted by boss on Tuesday, 22 September 2009 @ 19:01:18 EDT (889 reads)
Topic Training News

cdupuis writes "

2-for-1 Security+ Class - Beat the 8570 Deadline!

October 5-9, 2009 - Reston, VA

Delivered by Clément Dupuis

We have a small class size / an amazing passing rate!

Still pressured to get your Security+ training for 8570 Compliance? October 5-9, 2009 Security University's special 2 attendees @ $2,495 pricing in Reston, VA.

The last 7 Security+ classes had a 96 - 98% pass rate! Our track record for Security+ training and testing is impossible to match.

Our SU Security+ courseware is mature and you get a world class instructor that can lead you to success, regardless of who you are or your background. We will provide you with 75+ practice quizzes that will help you identify your weak domains and areas. Quizzing is one of the most effective ways to identify what you need to study and it is an effective tool to help you remember the key topics needed to pass this exam.

We will provide you with assistance before, during and after your class.

This is not a one-time affair; we wish to establish a long-term relationship and be your training provider of choice for years to come! We always work hard to earn this right and your business.

Don't wait - click here for more information and to view all of our current class dates.

For more information and to reserve your seat NOW, please call 1-877-357-7744.

Security University, Where "Qualified" Happens!

CU in class!

Sondra Schneider
CEO
Q/ISP, Q/EH, Q/SA Q/PTL, Q/FE Q/ND, Q/IAP, CISSP, ISMS Lead Auditor

"

(comments? | Score: 0)


Security Leaders to Convene, Address Today's Challenges at SC World Congres
Posted by boss on Wednesday, 26 August 2009 @ 08:28:02 EDT (877 reads)
Topic Training News

cdupuis writes "

Normal 0 false false false EN-US X-NONE X-NONE /* Style Definitions */ table.MsoNormalTable {mso-style-name:"Table Normal"; mso-tstyle-rowband-size:0; mso-tstyle-colband-size:0; mso-style-noshow:yes; mso-style-priority:99; mso-style-qformat:yes; mso-style-parent:""; mso-padding-alt:0in 5.4pt 0in 5.4pt; mso-para-margin:0in; mso-para-margin-bottom:.0001pt; mso-pagination:widow-orphan; font-size:10.0pt; font-family:"Calibri","sans-serif";}

East Coast's Largest Security Event to be Held October 13-14, 2009 at the Sheraton New York Hotel and Towers

New York - August 11, 2009:  Today, SC Magazine opened public registration and announced the preliminary agenda of events, speakers and conference tracks for the second annual SC World Congress Conference and Expo to be held in New York City on October 13-14, 2009.

Building on the success of last year's inaugural event, SC World Congress 2009 will feature timely keynote addresses and presentations from some of the security industry's most prominent and influential luminaries, including:

  • Bob Carr, chairman and CEO, Heartland Payment Systems

Bob Carr founded Heartland Payment Systems, the nation's fifth largest payments processor, in 1997. In this discussion, Carr details the lessons learned and the crusade he has undertaken to strengthen credit card payment data security in the wake of the Heartland Payment breach, including a huge push to mandate the use of encryption technologies in the process to benefit the industry, merchants and consumers.

William E. Kovacic has served on the Federal Trade Commission since January 2006, and served as chairman from March 2008 until March 2009. With the economy challenged with recession, many are turning to financial fraud and other information crimes. Kovacic will detail recent cases examples of how internet-related crime continues to increase and how it is being addressed by governing bodies like the Federal Trade Commission.

Since 1996, Jim Nelms has been responsible for the information security and risk management infrastructure for the Treasury as well as the security of all related financial services worldwide. In his presentation, Nelms will discuss the growing trend of the insider threat and how this danger is being amplified by the recession as organizations continue to lay off countless workers.

In addition to these and dozens of other presentations from esteemed security leaders, the conference has four information tracks designed to increase the security professionals' knowledge: Policy/Management, Emerging Threats/Risk Planning, Editor's Choice and Technical requirements and advances. Through these tracks, attendees will examine topics ranging from data theft and compliance to establishing partnerships between government and the private sector, security awareness to critical infrastructure protection, and from SCADA attacks to cyberwarfare.

 "For an entire year - since the success of our inaugural SC World Congress - we've been working to solicit input from our readers' about what they want to experience at the East Coast's largest security event, and working to build an agenda that exceeds their expectations," said Illena Armstrong, editor-in-chief, SC Magazine. "We are proud to say that for the 2009 SC World Congress, we have put together the most comprehensive and exciting roster of informative experts, special events and talk tracks to share the latest and greatest the information security world has to share."

A full list of speakers, a conference agenda, media partners, sponsors and participant registration can be found at www.scworldcongress.com.

In addition to the presentation tracks and keynotes, the SC World Congress has put together two events wholly unique to international security conferences:

Events Unique to SC World Congress

 

  • Your Day in Court - Turning Legalize and Security-ize into Jury-ize

-       A mock trial of a computer crime case presented by the U.S. Department of Justice, the Secret Service and Homeland Defense experts. As the jury, the audience will participate in a mock trial of a case relying heavily on electronic forensic evidence - while real prosecutors, lawyers, judges and FBI professional witnesses present the case. In today's world of cybercrime and e-discovery, this session will arm SC World Congress delegates with the facts and advice needed to find success in front of a judge and jury, in an innovative, interactive and unique format.

  • The Security Innovators Throwdown

-       During which leading young companies, chosen by SC Magazine, will present their goals for their newly developed technologies or services before a judging panel of experts.

Judges will assess which vendors have the most considered business plans and most robust tools that not only could garner interest from buyers, but also possible investment from venture capitalists (VCs).

The ultimate goal of this event is to help find ground-breaking cybersecurity technologies and services, showcase them before the industry, and educate and gather the venture capital and investor community to support continuing innovation.

SC Magazine is looking for individuals or start-up companies that want their technologies seen, critiqued and championed through the influential power and industry reach of SC Magazine. Additional information on event details and how to apply can be found at www.scmagazineus.com/SCWCThrowdown/section/1013/.

"With the innovative agenda and superb quality of the presenters, the 2009 SC Magazine World Congress is the place for security professionals to learn more about the latest in the ever-shifting security landscape," said Jim Nelms, CISO, The World Bank, Treasury. "I am looking forward to both presenting and attending. There will be a tremendous amount of collected knowledge that will help facilitate a better and more clear understanding of today's information security challenges."

Registration for the conference is currently open. To register for the conference, please visit www.scworldcongress.com.

 

About SC Magazine

SC Magazine provides IT security professionals with in-depth and unbiased information through timely news, comprehensive analysis, cutting-edge features, contributions from thought leaders and the best, most extensive collection of product reviews in the business.  By offering a consolidated view of IT security through independent product tests and well-researched editorial content that provides the contextual backdrop for how these IT security tools will address larger demands put on businesses today, SC Magazine enables IT security pros to make the right security decisions for their companies.  The brand's portfolio includes the SC World Conference and Expo,  SC Magazine Awards, SC Directory, SC Magazine Newswire and SC Magazine IT Security Executives Forums

Contacts:

Sponsorship / vendor showcase:

Mike Alessie

mike.alessie@haymarketmedia.com

646-638-6002

Media:

Matthew Mors

matthew@yourtechpr.com

206-992-7518

"

(Read More... | 2 comments | Score: 0)


CCCURE CISSP BOOT CAMP DUBLIN, IRELAND
Posted by boss on Saturday, 22 August 2009 @ 13:05:21 EDT (1505 reads)
Topic Training News

Anonymous writes "

FOR MORE INFO, REGISTRATION, AND PRICING, VISIT OUR PARTNER WEB SITE AT:
http://www.espion.ie

After delivering hundreds of CISSP Boot Camp and visiting dozens of countries around the world,  2009 will see the launch of our first boot camp in Ireland.  Please do pass the word to your Irish friends.

Recognizing the growing demand for security education and trainings, we have put together some of the most sought after trainings & certification classes.  Our goal is to deliver those classes where and when it is needed.  We have delivered our classes in multiple countries around the world and we are very proud to offer it in Dublin, Ireland this fall.

CISSP Seminar "By CCCure" and "Espion.ie"
Delivered by world renowned instructor Clement Dupuis
From 21st of September 2009 until the 25th of September 2009

Get Trained by Clement Dupuis, the owner and maintainer of the www.cccure.org web site.  Clement and his website is known as THE best place to get trained on the CISSP package and its ten domains. 

Clement has taught more CISSP's than any other instructor in the world.  He has helped thousands in reaching their certification goals.  This five days review Boot Camp will be very intensive and will answer all of your queries about the KEY topics of the 10 domains of the Common Body of Knowledge (CBK).

Our CISSP classes have been delivered in dozens of countries around the world.  Clement has delivered training to most of the top 100 companies in the USA.   This class combined with the prestudy tools that we will provide to you as part of your registration fees will really help you pass your exam on the first trial.   Training and review will commence prior to the class and the intensive five days of training will confirm and reinforce what you have learned and really validate that you are ready for your exam.

Your class tuition fees include all of the following class/training material:

Five full days of training
Student books with a copy of the slides and Notes
A copy of the Shon Harris, All In One Book, 4th edition
Access to the CCCure question bank of more than 2000 questions
Direct assistance from a Master of the CISSP certification: Clement Dupuis (prior, during, and after training).
A certificate of attendance awarded by CCCure upon completion

 

FOR MORE INFO, REGISTRATION, AND PRICING, VISIT OUR PARTNER WEB SITE AT:
http://www.espion.ie

 

"

(Read More... | 3 comments | Score: 0)


Combined Hampton Roads and Tidewater ISSA Chapter meeting
Posted by boss on Tuesday, 18 August 2009 @ 09:26:17 EDT (1224 reads)
Topic Training News

Anonymous writes "

ISSA Hampton Roads and Tidewater Chapters

In partnership with SANS Institute are proud to present

a joint meeting in Virginia Beach

 

Please note the change in date and Location for the September Meeting

 

Monday, August 31, 2009 (This is our September meeting)

 

Join the ISSA Hampton Roads meeting at Sheraton Ocean Front, 3501 Atlantic Avenue, Virginia Beach, Virginia

 

"Incorporating Advanced Man in the Middle (MitM) Attacks in Your Penetration Testing Regimen"

Speaker:  Bryce Galbraith, distinguished SANS Institute Instructor

5:00 - 6:30 PM – SANS Reception
6:30 – 7:00 PM - Business Meeting
7:00 PM – Speaker Introduction, Presentation, Q&A

Topic Description:

What else can be done when traditional attack vectors such as remote exploits and weak passwords fail, but start the report? No way! MitM attacks can open up systems that might otherwise be impregnable: systems with strong passwords, that are fully patched, that are protected by ACLs and employ other best practices. Bryce will discuss the tools and techniques needed to launch a wide variety of MitM-based attacks that leverage common scenarios found in most organizations today. Topics covered include:

*       Credential sniffing
*       VoIP interception
*       Command injection to bypass strong authentication
*       Crypto attacks on SSL, SSH and intercepting keystrokes from RDP sessions.
*       Downgrade attacks on common authentication protocols

*       Web traffic manipulation and malicious code injection from trusted sites
*       Side-channel attacks on web applications
*       Strategic DoS attacks (e.g. syslog suppression, AAA bypass)
*       Advanced wireless network attacks including a mobile, wireless attack rig!

 


Future Events:

On October 6th we are planning a presentation by Enough is Enough, an organization that provides presentations on internet safety to students and their parents.

Other subjects we are exploring include SRR/Retina Scan, live memory analysis, New federal rules/guidelines, rules of evidence, and a vendor presentation by Mobile Armor.

Please register and RSVP at: https://portal.sans.org/coins_event.php?eventid=242 

 

Details

 

Date: Monday, August 31, 2009

5:00 - 6:30 PM – SANS Reception
6:30 - 7:00 PM – Chapter Business, Announcements
7:00 PM – Speaker Introduction, Presentation, Q&A

Where: Sheraton Oceanfront, 3501 Atlantic Avenue, Virginia Beach, Virginia


More Information:

For more information about the Hampton Roads Chapter of ISSA, visit our website http://www.issa-hr.org
For the national organization: http://www.issa.org

"

(comments? | Score: 0)


Security Constructs announce a partnership with Security University
Posted by boss on Thursday, 06 August 2009 @ 17:38:42 EDT (1088 reads)
Topic Training News

cdupuis writes "

NOTE FROM CLEMENT:

I have some great news for our members and students today.  Tom Bowers who is very well known in the security community is joining force with Security University and will become part of our faculty.   It will be my great pleasure and privilege to work along side with Tom.   Tom will be taking care of some of our Hacking Classes.   He is an expert on the subject and rest assure that you will get outstanding quality of delivery, content, and intruction.   Welcome onboard Tom!

See official announcement below:

---------- Forwarded message ----------
From: Tom Bowers
Date: Wed, Aug 5, 2009 at 16:35
Subject: Security Constructs is pleased to announce a new partnership
To: Tom.bowers@securityconstructs.com


                    Security Constructs, LLC            

Dear Friends, Colleagues and Current Clients of Security Constructs,

We're pleased to announce that Security Constructs, LLC is partnering with Security University as an additional outlet for world class security training for our clients. Security Constructs is internationally recognized for High Value writing, speaking, consulting and instruction in the information security and project management spaces. Security Constructs continues to offer their current range of services and classes and is already confirming engagements for winter/spring 2010.

Security University prides itself in providing the very best hands on  (50/50 mix) training for a wide range of security disciplines including but not limited to ethical hacking, penetration testing, wireless, network defense, secure software development and digital forensics. Additionally they have partnered with CCCure.org to provide the gold standard in CISSP training.

We are happy to provide additional detail on these exciting new offerings so please do not hesitate to call or email.


Respectfully,
Tom Bowers
Managing Director
Security Constructs, LLC
484-240-4231  office

"

(Read More... | 2 comments | Score: 0)


Free Laptop, Free Airfare, $800 off, Free whatever....
Posted by boss on Tuesday, 04 August 2009 @ 11:09:18 EDT (1211 reads)
Topic Training News

cdupuis writes "

Do training providers think we are all stupids?

There is NOTHING free in this world,  there is always a price to pay,  sometimes it is our privacy and other time it is our wallet that will suffer.  When I read some of the advertising that I get from training providers  it seem they really believe we are stupid.

Lately I have seen lots of advertising proposing freebies (at least that's what they say).

How can they offer such freebies,  there is one simple answer:  Because their classes are totally overpriced.   This is how they can offer so called rebate.  You end up paying for the freebie yourself all the time.

I do not want email rebate, I do not want a cheap laptop, I do not want free airfare,  I want you to provide me with fair pricing all year long and not only once in a while when you feel like it. Give me value, content, great delivery, this is what I want.

My goal when I buy training is to get educated first and then reach my certification goals. The FREE laptop will not help me achive this,  the free airfare either.  Only quality of content and a skilled instructor will really help me achive my goals.

When a provider must lay carrots on the ground to attract the rabbits it means that they have a product that cannot attract the rabbits by itself. It is never a good sign.  It souds like Empty Classes....

Beware of company offering you a full bag of carrots, it might be all that you get:  The Freebie and no other value as far as education, quality of delivery, and content is concerned.

Training is a competitive market, do your homework and get the best value for your money from training providers who always offer fair pricing and are diligent in the delivery of their material. 

Best regards

Clement

"

(Read More... | 2 comments | Score: 0)


SC World Congress - Enterprise Data Security, October 13-14 in New York City
Posted by boss on Tuesday, 21 July 2009 @ 19:55:06 EDT (820 reads)
Topic Training News

cdupuis writes "

Make plans now to attend the second annual SC World Congress - Enterprise Data Security, October 13-14 in New York City.

The Congress features a comprehensive, two-day program presented in four tracks-including the unique Editors Choice sessions-and the industry's largest fall product expo showcasing IT security solutions from the leading vendors and hot start-ups. 

Emphasizing quality content, innovative formats and sessions, global perspectives and ROI, this is the one event you can't afford to miss.

Register by August 31 for big savings.  www.scworldcongress.com

 

"

(comments? | Score: 0)


Cybersecurity training: The battle over mandates
Posted by boss on Saturday, 20 June 2009 @ 10:34:53 EDT (1169 reads)
Topic Training News

cdupuis writes "

NOTE FROM CLEMENT:

Here is a great article written by Ben Bain a reporter for Federal Computer Week.  The article discuss certification versus licensing.   It seems that finally the US Government is looking at issuing licenses to practice information security.  So far there was no requirement to show competancy,  you only have to claim to be really good at what you are doing to get mandates.   The only other trade that has this approach is the oldest  trade in the world....

Of course this has spur lots of debates and open debates are always good for the community.   I like very much the comment from Allen Paller from SANS and his position on the subject,  on the job training and testing by an entity that is not commercially driven should be the norm.  I totally agree with him when he says: 

Yet another issue with licensing is what form the testing should take. Alan Paller, director of research at the SANS Institute, a cybersecurity training, certification and research organization, supports the idea of evaluating security professionals’ skills in operational situations, as airplane pilots are tested.

He added that if the government establishes a licensing program for IT security professionals, it shouldn’t belong to the commercial world. “It should be owned by a completely independent organization that isn’t trying to sell something already, and they should not be able to do any training at all — none,” Paller said.

See the whole article below and please use the comment feature to give us your opinion on the subject:

Will mandatory cybersecurity training or licensing make government systems more secure?

Few people would advocate putting cops on the street or soldiers into battle without first giving them proper training. Yet there is no standard governmentwide preparation program required for those who protect the government’s information systems and computer-controlled infrastructure from bad guys intent on mischief or harm.

 

 

Whether an obligatory return to the classroom will make a difference in countering those threats is at the heart of a debate spurred by a proposal to license cybersecurity professionals that work for or contract with the government. The mandate is part of an ambitious cybersecurity measure the Senate initiated, and it would affect tens of thousands of information technology workers.

Proponents see the measure as money well spent to improve information security through a more professional, better-trained cybersecurity workforce. But opponents believe mandatory licensing will tie up the industry in red tape and hinder its ability to keep training up-to-date with rapidly changing technology.

The measure, sponsored by Sens. John “Jay” Rockefeller (D-W.Va.) and Olympia Snowe (R-Maine), would direct the Commerce Department to develop or coordinate and integrate a national licensing, certification and periodic recertification program for cybersecurity professionals.

It would then become unlawful for a person lacking the proper license and certification to provide cybersecurity services to an agency or for an information system or network designated as critical infrastructure.

Opinions about the proposal’s potential impact vary, but the different camps agree on one point: There are still many unanswered questions. For example, people wonder how “cybersecurity services” would be defined. They also speculate on which skills would need certification or licensing and whether using company-based certifications would be the right approach.

There are also questions about enforcement, legal liability, the value of certification versus licensing, and how federal requirements would impact states' rights and their traditional role in licensing various professions.

The Senate measure would apply to all federal IT systems and any others the president deems critical infrastructure, which could include privately owned assets such as the electric grid.

It wouldn’t be the federal government’s first attempt at demanding proof of training for cybersecurity professionals. The Defense Department has had a mandatory certification — but not licensing — requirement for its information assurance workforce since 2004. The program has certified only one-third of the department’s information assurance workforce so far, and though officials have yet to complete an extensive assessment of the program’s performance, they see signs that it is having a positive impact.

Licenses vs. certifications

The new proposal would affect the entire federal IT industry — from contractors to government employees and the many companies that provide information assurance certification and training.

The use of certification as a tool for hiring, placing and promoting employees is certainly nothing new. However, a mandatory licensing program would be unprecedented, and that proposal has proven particularly contentious.

“A lot of people have problems with where do you draw the line: Who has to get a license, who doesn’t, who would be the licensing authority, what would be the extra cost, what are the liability issues?” said Lynn McNulty, director of government affairs at (ISC)² and a former federal information security program manager. (ISC)² is one of numerous organizations that constitute an expansive training and certification industry.

McNulty said he’s not hearing a lot of complaints about the certification requirement, but many people have a problem with the licensing requirement.

During a roundtable discussion on certifications (ISC)² hosted in early June, several participants said the licensing requirement would represent a departure from the state-based approach to validating the qualifications of professionals such as doctors and lawyers.

Federal licensing of cybersecurity professionals “would fly against that principle, and it just doesn’t make a lot of good sense in my opinion,” said John Lainhart, public-sector service area leader for security, privacy, wireless and IT governance at IBM’s Global Business Services. He participated in the (ISC)2 roundtable discussion as a representative of the Information Systems Audit and Control Association, which provides cybersecurity training and certifications.

Critics say another problem with licensure and its added layers of federal oversight is that the government’s training and testing programs would not evolve as quickly as industry-driven certification programs.

That would be a significant slowdown for an industry that changes as rapidly as IT does, and could dampen rather than boost the growth of a newly trained cybersecurity workforce, said Dan Liutikas, another roundtable participant and senior vice president, chief legal officer and corporate secretary at CompTIA, an IT industry and training association.

Yet another issue with licensing is what form the testing should take. Alan Paller, director of research at the SANS Institute, a cybersecurity training, certification and research organization, supports the idea of evaluating security professionals’ skills in operational situations, as airplane pilots are tested.

He added that if the government establishes a licensing program for IT security professionals, it shouldn’t belong to the commercial world. “It should be owned by a completely independent organization that isn’t trying to sell something already, and they should not be able to do any training at all — none,” Paller said.

The current state of play

Establishing certification or licensing requirements would force the government to define skill sets and career paths for cybersecurity professionals. Such tracks are common for other government jobs but nonexistent for IT security.

“Everything always points back to the fact that we are calling things apples and oranges and grapes,” said Brenda Oldfield, director of cyber education and workforce development in the Homeland Security Department’s National Cybersecurity Division. “We do not have common terminology across the mission areas. Everything that we attempt to do in developing any plans for training and education of the civilian workforce or of the federal workforce depends upon this common lexicon.”

On that issue, the legislation might be getting ahead of itself, said Patricia Titus, former chief information security officer at the Transportation Security Administration and currently CISO at Unisys Federal Systems.

The Office of Personnel Management still hasn’t designated a job series for IT security professionals, she said. Right now, such workers are categorized as IT specialists, managers or program analysts.

“I think OPM needs to develop an IT security job series, and part of that series then would be the requirements of what the individuals have to do,” Titus said. Those might include certification, appropriate training and relevant job responsibilities, she added.

Oldfield has been working for years to establish a common set of skills for information security professionals in the government. Most recently, that effort has been folded into the education component of the Comprehensive National Cybersecurity Initiative, the multiyear, multibillion-dollar program launched by the Bush administration. Oldfield co-leads the education initiative for DHS in cooperation with DOD.

“We have to be able to validate that cyber professionals have the skills needed, but we have to identify what those skills are uniformly,” she said.

Officials have identified numerous federal documents that specify different IT security competencies that workers should possess. The challenge is to bring them all together. That’s the job of an interagency work group being established to identify critical roles and unify agencies’ training efforts. Such consolidation will also likely produce cost savings by eliminating duplicative efforts.

“Many times there are high-end training classes and laboratory experiences conducted that have empty seats, and they could offer those seats to other agencies if we were comparing apples to apples,” Oldfield said.

DOD’s experience

As experts weigh the potential value of a governmentwide cybersecurity certification or licensing requirement, they are turning to DOD for lessons about how its program has fared.

DOD’s certification requirements cover a spectrum of management and technical information assurance roles for some 90,000 military, civilian and contract employees. Officials created the program in 2004 in response to departmental Directive 8570, released a manual of instructions in 2005 and updated that manual in 2008. Under the program, they identified commercially available, accredited certifications that information assurance employees and contractors need to have to work on DOD systems.

“The idea of a common lexicon that’s provided by these certifications is something that was lacking before,” said George Bieber, director of DOD’s Information Assurance Workforce Improvement Program.

At the launch of the program, Pentagon officials created a working group with representatives from the military services to define the functions or skills the certifications would cover. Then they examined which existing certifications aligned most closely with the desired skills.

DOD’s legal representative originally said they needed to use certifications rather than licensure because the latter is not a federal or DOD function, Bieber said. Officials also decided to take advantage of existing commercial certifications rather than develop custom programs so that employees would have skills they could use in the private sector or at other agencies.

DOD’s program hasn’t moved as quickly as officials had hoped. Their goal was to have about 40 percent of targeted workers certified by now, but only about 30 percent have been. Bieber blamed the shortfall on an aggressive schedule, funding constraints, changing culture and the extra work needed to make changes in supporting systems, such as personnel databases. However, DOD officials still hope to have all 90,000 certifications done by 2011.

Studies conducted by a couple of DOD offices have shown that security seems to improve as more employees are certified. DOD officials are in the process of collecting data to assess the program more broadly.

Bieber said he has heard that certifications help increase a cybersecurity staff’s problem-solving abilities by providing them with a common lexicon when addressing incidents.

“It’s really enabled the security issues to be handled at a lower level, whereas before it was going up,” he said.

The DOD model expanded?

It’s uncertain whether the requirements outlined in the Rockefeller-Snowe bill would expand the DOD model of using commercial certifications or prompt the development of new standards. And experts disagree on which approach is best.

Paller said the way DOD developed its program by surveying commercial certifications was a huge error. He believes a certification program should measure specific skills that people use in specific jobs — something he said DOD’s approach doesn’t do. Rather, it found a lowest common denominator, he said.

“My sense is if we care about this enough to make it a national law, we ought to make it much more technical and much more sophisticated,” Paller said.

However, others see expanding DOD’s approach as the way to go.

Lainhart said DOD’s program, which is based on U.S. and internationally recognized certifications, is preferable.

“Let’s not reinvent the wheel,” Lainhart said. “We’ll achieve a global standard that way by using the certifications that are out there, and I think that’s again consistent with [President Barack Obama’s] cybersecurity policy review.”

Indeed, what will follow from the administration’s recently completed 60-day review of cybersecurity policy could be a big factor in determining the new proposal’s fate.

The reviewers’ report recommends that the federal government initiate a national public awareness and education campaign. It adds that shared training and rotational assignments across agencies — and potentially with the private sector — would be efficient and beneficial. However, the administration hasn’t said whether it favors mandatory certifications and licenses for cybersecurity professionals.

Even with all the unanswered questions, some experts are happy just to be having the conversation. Bieber said he thinks all the focus on cybersecurity will turn more attention on training and certification efforts.

“One of the things I love about the Rockefeller-Snowe bill is it's provocative, and it’s creating these discussions,” said Mason Brown, director of the SANS Institute and a participant in the (ISC)2 roundtable discussion. “If we expect something in draft format and out of committee or out of the gates to be perfect, we’re a little bit nutty.”

About the Author

Ben Bain is a reporter for Federal Computer Week.

Original article at: 
http://fcw.com/Articles/2009/06/22/feat-cybersecurity-training.aspx?s=fcwdaily_190609&p=1

"

(Read More... | 1 comment | Score: 0)


Get a platinum pass and save BIG!
Posted by boss on Tuesday, 21 April 2009 @ 09:11:14 EDT (1432 reads)
Topic Training News

cdupuis writes "

Now is the time to get the best deal ever

"

(Read More... | 1 comment | Score: 0)


Clement is now Security Curriculum Manager at Security University
Posted by boss on Tuesday, 07 April 2009 @ 03:43:46 EDT (1394 reads)
Topic Training News

cdupuis writes "


CCCure / Security University

Clement Dupuis, CD

Senior Security Specialist & Security Curriculum Manager

Security University 

(http://www.securityuniversity.net)

CCCure is joining forces with Security University

Good news for all Security University Students and CCCure Members

Good day to all,

Today I am very proud to announce some great news to all CCCure members and Students of Security University.

As the owner of the CCCure Family of portal I am very happy to inform you of my latest appointment as part of the Security University team.  In my capacity as Senior Security Specialist and Security Curriculum Manager it will be a pleasure to interact with you in the near future for all of your security education needs.

It will be my duty to ensure that all of Security University Security Courses remains at the forefront of today's security needs.  I will ensure that our curriculum will allow you to achieve your professionals as well as your certification goals.

We have the ability to deliver training onsite, online, or within live classrooms.   I invite you to visit our extensive offering at the following URL:

http://www.securityuniversity.net/classes.php

CISSP® CLASSES

The CISSP® classes and it's curriculum has been my specialty for the past 12 years.  I have taught over 200 boot camp classes around the world.  Through my website at http://www.cccure.org I have helped many thousands more in their goals of becoming CISSP®'s.

I know the CBK from A to Z and I will be pleased to bring this expertise in class with me to help you reach your certification goals.

I invite you to join me for a CISSP® class that will be delivered from the 18th to the 22nd of May 2009 in Reston, VA.  It will be my pleasure to guide you before, during, and after class until you reach your certification goals.

You can register or get more information at:

https://www.securityuniversity.net/reg.php

Do not hesitate to contact me if you have any questions.

Best regards

Clement Dupuis, CD
Owner and Founder of the CCCure Family of Portals
Senior Security Specialist & Curriculum Manager
Security University  (http://www.securityuniversity.net)
clement.dupuis@gmail.com

 

 

"

(Read More... | 3 comments | Score: 0)


EC-Council Secure aid Program
Posted by boss on Thursday, 19 March 2009 @ 12:28:44 EDT (1330 reads)
Topic Training News

cdupuis writes "

EC-Council announces a US$100,000 allocation toward an Information Security scholarship fund through EC-Council| Secure Aid™

EC-Council| Secure Aid™ the brainchild of EC-Council, strives to provide a platform for the attainment of knowledge regardless of certification affiliation and aims to support national and global security measures on combating cyber crime and cyber terrorism.  EC-Council welcomes outstanding individuals who have contributed meaningfully in the IT Security domain and possess the desire to update their information security certification skills to apply for EC-Council’s scholarship. We hope to alleviate the pain of some information security professionals that have been affected by the global economic crisis and at the same time, we hope to empower the information security community and the world at large to fight cyber crime and cyber warfare.

We are proud to be vendor neutral and independent in our pursuit of empowering knowledge seekers to uphold the sanctity of their information security assets and in ensuring that every certified professional upholds the best practices in penetration testing and be in the forefront of the industry’s compliant requirements.

Therefore, EC-Council pursues with vigor the following objectives:

  • To serve our community by remaining a vendor neutral information security certification body and education provider
  • To foster excellent research skills in the field of information security
  • To encourage the development of ethical behavior within our certified community
  • To sustain creativity in implementing, managing and solving IT security related issues

Scope of Scholarship   

Enrolment in the following choice of courses:

1.    EC-Council Certified Ethical Hacker (C|EH);

2.    EC-Council Computer Hacking Forensic Investigator (C|HFI);

3.    EC-Council Certified Security Analyst (E|CSA);

4.    Licensed Penetration Tester (L|PT);

5.    EC-Council Certified Disaster Recovery Professional (E|DRP)

Total of 40 full and partial scholarships available totaling US$100,000

Successful candidates shall be entitled to full or partial training fees and exam voucher waiver for year 2009/2010 excluding courseware. Please click HERE for details on tuition and related fees

Duration of courses offered – 5 day live, online, instructor led training. The courses are all approximately 36 instruction hours in length delivered either in four hour time blocks, twice a week in the evening for 5 weeks, or in 5 consecutive days in 8 hour time blocks

Courses to be administered through EC-Council’s iClass (Live, Online, Instructor-led)



"

(Read More... | 1 comment | Score: 0)


Login here

Nickname

Password

Security Code:
Security Code
Type Security Code

Don't have an account yet? You can create one. As a registered user you have some advantages like theme manager, comments configuration and post comments with your name.

Our Sponsors

CCCure Partners

USA


Security University

Security University


MIDDLE EAST


Dubai, Qatar, Kuwait, Oman

THE OISSG GROUP
The OISSG serving the Middle East security needs


EUROPEAN UNION


Dublin, Ireland
ESPION

Best security training you can get in Ireland


AFRICA


Yaounde-Cameroun
GetSec

The best training one can get in Cameroon

Lagos, Nigeria
Digital Encode


The best security training in Lagos and Nigeria

Most Active Members

· 1: side_winder
Total points: 11914
· 2: Lopezco
Total points: 8506
· 3: cissp_newbie
Total points: 7593
· 4: cdupuis
Total points: 6442
· 5: mikeyoung_fla
Total points: 5440
· 6: Vladimir
Total points: 4611
· 7: MMM
Total points: 2969
· 8: damoose
Total points: 2273
· 9: educk
Total points: 2171
· 10: vijayu
Total points: 1931

Today's Big Story

There isn't a Biggest Story for Today, yet.

All logos and trademarks in this site are property of their respective owner.
The comments are property of their posters, all the rest © 2007 by CCCure.Org, and the site maintainers Clement Dupuis and Nathalie Lambert. Reuse is strictly prohibited without written permission of CCCure.Org or it's maintainers.

This web site is not associated directly or indirectly with ISC2, the SANS Institute, ISACA, or other certification authority. The GCFW, CISSP, SSCP, ISSEP, ISSMP, CISA, and CISM are all the property of their respecful owners. The content of this site is provided to you freely due to the generosity of our sponsors.


  • Career
  • Magazines
  • Conferences
  • Study Books
  • Certifications
  • Training
  • Tutorials
  • Quizzes
  • Forums

  • Page Generation: 0.83 Seconds