CCISO Certification & Training Course
Overview
What is CCISO?
CCISO stands for EC-Council Certified CISO (Chief Information Security Officer). The CCISO course is a program meant for executive professionals at the highest level of information security. It is a leadership program, as the role demands overseeing information systems and company security.
CCISO training equips you with the knowledge and skills of audit management, governance, IS controls, human capital management, and strategic program development. The CCISO certification value is immense as the course emphasizes the implementation of information security management, planning, compliance, and audit management. It has less focus on delivering theoretical knowledge. In the CCISO course at SpireTec, you will learn how to bridge the gap between the executive management knowledge that CISOs need and the technical knowledge that many aspiring CISOs have. You don't need to worry much regarding the CCISO training cost because SpireTec makes it affordable for you.
Why CCISO Training?
The CCISO certification program at SpireTec offers comprehensive module-wise CCISO training with a fair CCISO exam cost to help you score well in the CCISO exam (Code 712-50). The exam has 150 scenario-based questions to be answered in 2.5 hours. If you properly utilize the CCISO certification training, you can achieve a passing score of 72%.
We have experienced faculty members to deliver training based on the latest online CCISO course. Develop the skills required to maintain procedures, standards, and policies that protect the privacy and integrity of data, ensure compliance with regulations and security policies, train security specialists from the middle level of management, develop contingency plans, and manage security breaches.
CCISO Exam: Skills Measured
- Governance and Risk Management
- Information Security Controls, Compliance and Audit Management
- Security Program Management and Operations
- Information Security Core Competencies
- Strategic Planning, Finance, Procurement and Vendor Management
Who Should Earn CCISO Certification?
Chief Information Security Officer
The CCISO is a senior-level role in the information security, cyber-security, or cyber-forensic department. The CCISO certification training course is what you should opt for to upgrade your expertise and learn to better align information security programs to the goals of organizations. Other information security management certification programs focus on middle management, but CCISO certification focuses on exposing middle managers to executive-level content as well as encouraging existing CISOs to continually improve their processes and programs. Therefore, consider the CCISO certification value and land yourself the lucrative job role of a CISO, which in the USA economy pays $165,391 per annum.
Aspiring CCISOs
If you are a middle-level IT manager working as an Information Security Analyst, Ethical Hacker, Cyber Security Consultant, or Digital Forensic Analyst, the CCISO certification training, with a minimum CCISO certification cost, can help you reach the top of your career graph. The online CCISO training course is an endorsement of your leadership quality in designing and implementing the best Internet security practices.
Prerequisites for CCISO Certification
5 years of experience in at least 3 of the 5 CCISO domains (experience can be overlapping). Candidates not meeting this requirement first have to pass the EC-Council Information Security Manager (EISM) exam.
Full Description
Table of Contents
Domain 1: Governance
Knowledge Assumptions
1. Drivers that Influence Governance
1.1 Business Drivers
1.1.1 Form of Business Organization
1.1.2 Organizational Structure
1.1.3 Industry
1.1.4 Organizational Maturity
1.2 Information Security Drivers
1.2.1 Corporate Governance and Organizational Alignment
1.2.2 Compliance
1.2.3 Information Privacy
2. Corporate Governance Activities
2.1 Risk Oversight
2.2 Enterprise Architecture
2.2.1 The Zachman Framework
2.2.2 The Open Group Architecture Framework (TOGAF)
2.2.3 Sherwood Applied Business Security Architecture (SABSA)
2.2.4 Federal Enterprise Architecture Framework (FEAF)
2.2.5 Department of Defense Architecture Framework (DoDAF)
2.3 Asset Management
2.3.1 Asset Ownership
2.3.2 Classification
2.3.3 Asset Inventory
2.3.4 Asset Value
2.3.5 Asset Protection
2.3.6 Asset Management in Practice
2.4 Managing and Controlling Organizational Changes
2.4.1 Change Control
2.4.2 Change Management
2.5 Business Continuity Management
2.5.1 Business Impact Analysis
2.5.2 Business Continuity Planning
2.5.3 Disaster Recovery Planning
2.5.4 Alternate Processing Sites
2.5.5 BCM Plan Testing
2.5.7 Crisis Management
3. Information Security Governance Activities
3.1 Information Security Program Management
3.1.1 Formal Documentation
3.1.2 Education, Training, and Awareness
3.1.3 Information Security Steering Committee
3.1.4 Metrics and Reporting
3.2 Security Engineering
3.3 Security Operations
3.4 Corporate Governance and Security Responsibilities
4. Governance and Ethical Decision Making
4.1 EC-Council Code of Ethics
Domain 1 Summary
Domain 2: Security Risk Management, Controls, and Audit Management
Knowledge Assumptions
1. Risk Management
1.1 Risk Assessment
1.2 Risk Analysis Approaches
1.3 Organizational Risk Perspectives
1.4 Risk Management Constraints
2. Risk Treatment
2.1 Risk Treatment Options
2.2 Attributes of Controls
2.3 Selecting and Implementing Controls
2.4 Control Catalogs
3. Risk Management Frameworks
3.1 ISO 27005
3.2 NIST Risk Management Framework
3.2.1 NIST Risk Management and Assessment
3.3 Additional Risk Management Tools
3.3.1 ISO 31000
3.3.2 Threat Agent Risk Assessment (TARA)
3.3.3 Operationally Critical Threat, Asset, and Vulnerability Evaluation (OCTAVE) Allegro
3.3.4 Factor Analysis of Information Risk (FAIR)
3.3.5 COBIT Risk Management
3.3.6 ITIL Risk Management
4. Audit Management
4.1 Evaluation Standards and Controls
4.2 Analysis and Interpretation of Audit Results
4.3 Outcomes for Ineffective or Missing Controls
5. Risk Communication and Organizational Reporting
Domain 2 Summary
Domain 3: Security Program Management and Operations
Knowledge Assumptions
1. Information Security Portfolio Management
1.1 Information Security Portfolio Planning
1.2 Information Security Portfolio Alignment
2. Information Security Program Management
2.1 Information Security Program Development Model
3. Information Security Project Management
3.1 Project Initiation
3.2 Intermediate Project Phases
3.3 Project Closure
4. Security Operations
4.1 Security Operations Center (SOC)
4.1.1 Security Operations Personnel
4.1.2 Security Operations Processes: Policies and Procedures
4.1.3 Security Operations Technology
4.1.4 Security Operations Communication
4.2 Security Operations Program Activities
4.2.1 Event Management and Incident Response
4.2.2 Digital Forensic Investigation
4.2.3 Threat Hunting
Domain 3 Summary
Domain 4: Information Security Core Competencies
Knowledge Assumptions
1. Access Control
1.1. Access Control Plan
1.2. Types of Access Control
1.3. Authentication
1.4. Authorization
1.5. Access Administration
2. Physical Security
2.1. Physical Risk Analysis
2.2. Physical Security Audits
2.3. Physical Security Strategy
2.4. Facility Design
3. Network and Communications Security
3.1. Network Security Planning
3.2. Network Management Concerns
3.3. Network Topologies
3.4. Network Standards and Protocols
3.5. Network Security Controls
3.6. Wireless Communications Security
3.7. Voice-over-IP (VoIP) Security
4. Threat and Vulnerability Management
4.1. Threat Management
4.2. Vulnerability Management
5. System and Application Security
5.1. System Development
5.2. Separation of production, development, and test environments
5.3. Application Testing
5.4. System Security Management
5.5. Configuration management
5.6. System Hardening
5.7. Data Sanitization
5.8. Mobile System Security
6. Encryption Concepts and Technology
6.1. Encryption Algorithms
6.2. Public Key Infrastructure
6.3. Hashing
6.4. Digital Signatures
Domain 4 Summary
Domain 5: Strategic Planning, Financial Management, and Vendor Management
Knowledge Assumptions
1. Strategic Planning
1.1. Strategic Planning Phases
1.2. Strategic Planning Tools
2. Financial Management
2.1. Fundamental Accounting Concepts
2.2. Budgeting
2.3. Expense Management
2.4. Comparing Capital Investment Opportunities
2.5. Financial Accounting for Security Leaders
3. Vendor Risk Management
3.1. Procurement
3.1.1 Planning
3.1.2 Vendor assessment and selection
3.1.3 Contract negotiation
3.1.4 Managing Expectations and Performance
3.2. Vendor Management
3.2.1 Oversight
3.2.2 Risk Management
3.2.3 Disposition
Domain 5 Summary
References
Index
Fees & Schedule
Delivery Mode | Course Duration | Fees |
---|---|---|
Live Virtual Training | 5 Days | Ask for Quote |
Onsite Classroom Training | 5 Days | Ask for Quote |
Customized Training | 5 Days | Ask for Quote |