Partner Class
The ISAM is an updated and improved 3-day version of the popular INFOSEC Assessment Methodology (IAM) and INFOSEC Evaluation Methodology (IEM). The ISAM is a detailed and systematic way of examining cyber vulnerabilities and was developed by experienced assessors from government and industry. In addition to assisting the governmental and private sectors, an important result of supplying baseline standards for information security assessments is fostering a commitment to improve the organization's security posture. The ISAM is a hands-on methodology for conducting comprehensive assessments of customer networks utilizing common technical evaluation tools. Students can expect to learn an easily repeatable methodology that provides each customer a roadmap for addressing their security concerns and improving their security posture.
Why You Should Attend
Individuals will be trained in the ISAM so they can use their information security analysis skills along with the ISAM training to providethe standardized ISAM assessment service. Since the ISAM is a baseline methodology, the final results of the assessment service are highly dependent on the information security and analytic skills of the assessors.
The ISAM focuses on the appropriate procedures for three primary phases:
Pre Assessment: Focuses on identifying critical information and systems and addressing the impact to the organization should the loss of confidentiality, integrity, and/or availability occur. This phase also addresses the full scoping of the assessment process.
On-Site Assessment: Focuses on gathering the information on the security posture of the organization through interviews, documentation review, and system scanning.
Post Assessment: Focuses on detailed analysis and reporting of the findings. This process also includes a reporting tool that will assist in the management view of the security posture.
Features and Benefits of Attending
High quality training by industry experts
Hands-on experience with various security tools
ISAM Certification (when requirements are met) including a tracked certificate number
Complimentary Security Assessment Reference Book
Complimentary Security Evaluation Reference Book
Sampling of information security software to evaluate
Certification Qualification Requirement
Five (5) years of demonstrated experience in the field of information security, communications security, or computer security,with two (2) of the five (5) years of experience working directly with information security
AND
Six (6) months or more of demonstrated experience in at least one of the following areas: -An understanding of Windows, Unix, or Firewalls -Experience with conducting and interpreting security scanners (type does not matter) -Experience with conducting and interpreting port scans -Experience with conducting and interpreting operating system evaluation tools -Experience with establishing and enforcing security configuration