Pre-Conference Training Passes

NOTE:

If you purchased Pre-Congress Training, additional registration information will be delivered to your (ISC)² Security Congress 2020 registration email address two weeks prior to class sessions scheduled for November 14 – 15, 2020. 


All courses take place November 14-15 2020

(ISC)CAP® Certified Authorization Professional Online Instructor Led Course
Instructor: Kevin Stoffell

Kevin Stoffell,
Authorized (ISC)2 Instructor
CISSP-ISSAP, ISSEP, ISSMP, CCSP, CAP, CSSLP

Mr. Stoffell is the Director of Cybersecurity Services for CyberArch LLC. He has over 23 years of experience in information systems operations and information systems security in academia, military, and commercial environments. Mr. Stoffell assists both Government and Commercial clients with the evaluation, design, and implementation of effective Cyber Security Architectures and the characterization of Cyber-related risk based on both specific and general threat scenarios. He supports Chief Information Security Officers (CISO) with the implementation of effective and cybersecurity programs within their organizations.

Mr. Stoffell has been an Authorized (ISC)2 Instructor since 2009 and incorporates his experience as an active security practitioner into his instructional delivery.

Course Description

The Certified Authorization Professional (CAP) online instructor led course covers the essentials of the National Institute of Standards and Technology (NIST) Risk Management Framework (RMF). The NIST RMF is the required process for Federal agencies to use in authorizing Information Technology (IT) systems for use and to ensure cybersecurity protections are applied to all Federal Systems. The CAP two-day course covers the essentials of the NIST process and combined with an individual study plan, prepares students for the CAP certification examination.

  • Presentation. The facilitator will explain content to participants using PowerPoint to guide the presentation. Multiple examples will be used to clarify points.
  • Short Lecture/Discussion. The facilitator will engage participants in conversation by asking questions and encouraging them to respond. Participants will be encouraged to provide examples from their experience.
  • Individual/Group Activity. Participants may work in small teams or individually to study example problems and develop solutions based on course content. The facilitator will debrief with the entire class at the end of the activity.

Course Objectives

After completing this workshop, participants will understand:

  • The NIST Risk Management Framework Benefits 
  • The NIST Risk Management Framework process
  • This NIST Risk Management Framework roles and responsibilities
  • Methods to adapt the RMF to organizational needs
  • Differences between RMF v1 and v2 (SP800-37 revision 1 vs revision2)

Course Outline

Day 1: Certified Authorization Professional CBK® Two-Day Review Seminar 

  • Introduction
  • Chapter 1: Preparation Tasks
  • Chapter 2: System Categorization
  • Chapter 3: Control Selection

Day 2: Certified Authorization Professional CBK® Two-Day Review Seminar

  • Introduction
  • Chapter 4: System Implementation
  • Chapter 5: Control Assessment
  • Chapter 6: System Authorization
  • Chapter 7: Continuous Monitoring 

Who should attend?

(ISC)Certified Authorization Professional (CAP®) Two-Day course is ideal for IT, information security, and information assurance practitioners and contractors who use the NIST Risk Management Framework (RMF) to include system owners, system developers, security assessors, organizational risk management staff and system authorizers.

The ideal candidate should have experience, skills, or knowledge from: 

  • The U.S. federal government working with system authorization
  • The Department of Defense Risk Management Framework
  • Federal Contractors working with System Authorization
  • State and local governments that adopt NIST frameworks
  • Private sector organizations that adopt NIST frameworks

Requisite Skills

Not Applicable

CPEs for (ISC)Credentials – 16.0

(ISC)2 CCSP® Cloud Security Professional Online Instructor Led Course
Instructor: Kevin L. Jackson

Kevin L. Jackson, CISSP, CCSP

Kevin L. Jackson is the Founder and CEO of GovCloud Network, a management consulting firm specializing in helping corporation adapt to the new cloud computing environment. Through his “Cloud Musings” blog, Mr. Jackson has been recognized as one of Cloud Computing Journal “World’s 30 Most Influential Cloud Bloggers” (2009, 2010), a Huffington Post Top 100 Cloud Computing Experts on Twitter (2013) and the author of a FedTech Magazine “Must Read Federal IT Blog” (2012, 2013). In 2012, he was also named a “Cyber Security Visionary” by U.S. Black Engineer and Information Technology magazine. His first book, GovCloud: Cloud Computing for the Business of Government was published by Government Training Inc. and released in March 2011. His second book, released in 2012 by the same publisher, is titled “GovCloud II: Implementation and Cloud Brokerage Services”. He is also a co-author of the Intelligence and National Security Alliance whitepaper “Cloud Computing: Risks, Benefits, and Mission Enhancement for the Intelligence Community”. Kevin Jackson was most recently a contributor to Hudson Whitman’s “Cybersecurity in our Digital Lives” and his next book” Practical Cloud Security: A Cross-Industry View “(ISBN13: 9781498729437), with Dr. Melvin Greer will be released in second quarter 2016.

Kevin has been deeply involved in the broad collaborative effort between industry and the U.S. National Institute of Standards and Technology on the broad adoption of cloud computing technologies. He has been certified as an instructor by the National Cloud Technologist Association and the Cloud Credential Council and holds a Certificate of Cloud Security Knowledge from the Cloud Security Alliance. Mr. Jackson developed and delivered both half-day executive training seminars and four-day cloud computing training classes to multiple US Army Commands in the US, Europe and Korea. Mr. Jackson is currently pursuing a Ph.D. in Applied Information Technology at the George Mason University Volgenau School of Engineering and serves as a Cybersecurity Fellow at The National Cybersecurity Institute at Excelsior College.

Course Description

During this fast-paced, two-day online instructor led course you will cover the six domains covered by the (ISC)Certified Cloud Security Professional CBK. This fact-filled course will assist in your review of the CBK topics and deepen your knowledge of cloud computing and cloud information security. You will receive and utilize the official (ISC)2 Certified Cloud Security Professional certification credential study guide and materials published by (ISC)2. The instructor will utilize (ISC)2 course materials to guide you through the most pertinent information to understand prior to taking the examination. The two-day session will conclude with a post course assessment. 

  • Presentation. The facilitator will explain content to participants using PowerPoint to guide the presentation. Multiple examples will be used to clarify points.
  • Short Lecture/Discussion. The facilitator will engage participants in conversation by asking questions and encouraging them to respond. Participants will be encouraged to provide examples from their experience.
  • Individual/Group Activity. Participants may work in small teams or individually to study example problems and develop solutions based on course content. The facilitator will debrief with the entire class at the end of the activity.

Course Objectives

After completing this workshop, participants will understand:

  • Understand legal frameworks and guidelines that affect cloud services. 
  • Recognize the fundamentals of data privacy regulatory/legislative mandates. 
  • Assess risks, vulnerability, threats, and attacks in the cloud environment. 
  • Evaluate the design and plan for cloud infrastructure security controls. 
  • Evaluate what is necessary to manage security operations. 
  • Understand what operational controls and standards to implement.
  • Describe the types of cloud deployment models in the types of “as a service” cloud models currently available today.
  • Identify key terminology, and associated definitions related to cloud technology. Be able to establish a common terminology for use within your team or workgroup.
  • Build a business case for cloud adoption and be able to determine with business units the benefits of the cloud and cloud migration strategies.

Course Outline

Day 1: Certified Cloud Security Professional CBK® Two-Day Exam Review Seminar 

  • Introduction
  • Techniques and Methodology of Studying for and Taking Certification Examinations
  • Chapter 1: Cloud Concepts, Architecture, and Design 
  • Chapter 2: Cloud Governance: Legal, Risk, and Compliance
  • Chapter 3: Cloud Data Security
  • Session 1 Review

Day 2: Certified Authorization Professional CBK® Two-Day Review Seminar

  • Introduction
  • Chapter 4: Cloud Platform and Infrastructure Security
  • Chapter 5: Cloud Application Security
  • Chapter 6: Cloud Security Operations
  • Session 2 Review
  • CCSP Practice Assessment 

Who should attend?

(ISC)CCSP® Certified Cloud Security Professional CBK® Two-Day Crash Course is ideal for those working in positions such as, but not limited to: 

  • Enterprise Architect
  • Security Administrator
  • Systems Engineer
  • Security Architect
  • Security COnsultant
  • Security Engineer
  • Security Manager
  • Systems Architect

Requisite Skills

Not Applicable

CPEs for (ISC)Credentials – 16.0

(ISC)2 CCSP® Cloud Security Professional Online Instructor Led Course
Instructor: Fabio Cerullo

Fabio Cerullo, CISSP, CSSLP, SSCP, CCSP

Fabio Cerullo is an official certified instructor for (ISC)2, the global leader in information security education and certification. Fabio has over 14 years of experience in the information security field gained across a diverse range of industries ranging from financial and government institutions to software houses and start-ups.

As CEO & Founder of Cycubix, he helps customers around the globe by assessing their information security needs, defining policies and standards, implementing risk management initiatives, developing application security programs, as well as providing training on these subjects to developers, auditors, executives and security professionals.

As a member of the OWASP Foundation, Fabio is part of the Global Board whose mission is to help individuals and organizations strengthen their application security posture and build fruitful relationships with governments, industry and educational institutions.

He is a regular speaker at events organised by OWASP, ISACA and (ISC)2 among others; and provides commentary and written articles for specialised industry media (Computer Weekly, Infosecurity magazine, SiliconRepublic.com, etc)

Course Description

During this fast-paced, two-day online instructor led course you will cover the six domains covered by the (ISC)Certified Cloud Security Professional CBK. This fact-filled course will assist in your review of the CBK topics and deepen your knowledge of cloud computing and cloud information security. You will receive and utilize the official (ISC)2 Certified Cloud Security Professional certification credential study guide and materials published by (ISC)2

The instructor will utilize (ISC)2 course materials to guide you through the most pertinent information to understand prior to taking the examination. The two-day session will conclude with a post course assessment. 

  • Presentation. The facilitator will explain content to participants using PowerPoint to guide the presentation. Multiple examples will be used to clarify points.
  • Short Lecture/Discussion. The facilitator will engage participants in conversation by asking questions and encouraging them to respond. Participants will be encouraged to provide examples from their experience.
  • Individual/Group Activity. Participants may work in small teams or individually to study example problems and develop solutions based on course content. The facilitator will debrief with the entire class at the end of the activity.

Course Objectives

After completing this workshop, participants will understand:

  • Understand legal frameworks and guidelines that affect cloud services. 
  • Recognize the fundamentals of data privacy regulatory/legislative mandates. 
  • Assess risks, vulnerability, threats, and attacks in the cloud environment. 
  • Evaluate the design and plan for cloud infrastructure security controls. 
  • Evaluate what is necessary to manage security operations. 
  • Understand what operational controls and standards to implement.
  • Describe the types of cloud deployment models in the types of “as a service” cloud models currently available today.
  • Identify key terminology, and associated definitions related to cloud technology. Be able to establish a common terminology for use within your team or workgroup.
  • Build a business case for cloud adoption and be able to determine with business units the benefits of the cloud and cloud migration strategies.

Course Outline

Day 1: Certified Cloud Security Professional CBK® Two-Day Exam Review Seminar 

  • Introduction
  • Techniques and Methodology of Studying for and Taking Certification Examinations
  • Chapter 1: Cloud Concepts, Architecture, and Design 
  • Chapter 2: Cloud Governance: Legal, Risk, and Compliance
  • Chapter 3: Cloud Data Security
  • Session 1 Review

Day 2: Certified Authorization Professional CBK® Two-Day Review Seminar

  • Introduction
  • Chapter 4: Cloud Platform and Infrastructure Security
  • Chapter 5: Cloud Application Security
  • Chapter 6: Cloud Security Operations
  • Session 2 Review
  • CCSP Practice Assessment 

Who should attend?

(ISC)CCSP® Certified Cloud Security Professional CBK® Two-Day Crash Course is ideal for those working in positions such as, but not limited to: 

  • Enterprise Architect
  • Security Administrator
  • Systems Engineer
  • Security Architect
  • Security COnsultant
  • Security Engineer
  • Security Manager
  • Systems Architect

Requisite Skills

Not Applicable

CPEs for (ISC)Credentials – 16.0

(ISC)2 CCSP® Cloud Security Professional Online Instructor Led Course
Instructor: Ben Malisow

Ben Malisow, CISSP, CISM. CCSP, Security+

Ben Malisow has worked in the fields of education/training, communication, information technology, and security, and/or some combination of these industries, for over twenty years. Prior to his current position, Mr. Malisow has provided information security consulting services and training to a diverse host of clients, including the Defense Advanced Research Projects Agency (DARPA), the Department of Homeland Security (at TSA), and the FBI. He has also served as an Air Force officer, after graduating from the Air Force Academy.

An experienced trainer, Mr. Malisow has been an adjunct professor of English at the College of Southern Nevada, a computer teacher for troubled junior/senior high school students in Las Vegas, been a senior instructor for the University of Texas – San Antonio, and taught computer security certification prep classes for Carnegie-Mellon University’s CERT/SEI.

Mr. Malisow has published widely in many fields. His latest work is an ebook, How to Pass Your INFOSEC Exam, available via Amazon.

Course Description

During this fast-paced, two-day online instructor led course you will cover the six domains covered by the (ISC)Certified Cloud Security Professional CBK. This fact-filled course will assist in your review of the CBK topics and deepen your knowledge of cloud computing and cloud information security. You will receive and utilize the official (ISC)2 Certified Cloud Security Professional certification credential study guide and materials published by (ISC)2

The instructor will utilize (ISC)2 course materials to guide you through the most pertinent information to understand prior to taking the examination. The two-day session will conclude with a post course assessment. 

  • Presentation. The facilitator will explain content to participants using PowerPoint to guide the presentation. Multiple examples will be used to clarify points.
  • Short Lecture/Discussion. The facilitator will engage participants in conversation by asking questions and encouraging them to respond. Participants will be encouraged to provide examples from their experience.
  • Individual/Group Activity. Participants may work in small teams or individually to study example problems and develop solutions based on course content. The facilitator will debrief with the entire class at the end of the activity.

Course Objectives

After completing this workshop, participants will understand:

  • Understand legal frameworks and guidelines that affect cloud services. 
  • Recognize the fundamentals of data privacy regulatory/legislative mandates. 
  • Assess risks, vulnerability, threats, and attacks in the cloud environment. 
  • Evaluate the design and plan for cloud infrastructure security controls. 
  • Evaluate what is necessary to manage security operations. 
  • Understand what operational controls and standards to implement.
  • Describe the types of cloud deployment models in the types of “as a service” cloud models currently available today.
  • Identify key terminology, and associated definitions related to cloud technology. Be able to establish a common terminology for use within your team or workgroup.
  • Build a business case for cloud adoption and be able to determine with business units the benefits of the cloud and cloud migration strategies.

Course Outline

Day 1: Certified Cloud Security Professional CBK® Two-Day Exam Review Seminar 

  • Introduction
  • Techniques and Methodology of Studying for and Taking Certification Examinations
  • Chapter 1: Cloud Concepts, Architecture, and Design 
  • Chapter 2: Cloud Governance: Legal, Risk, and Compliance
  • Chapter 3: Cloud Data Security
  • Session 1 Review

Day 2: Certified Authorization Professional CBK® Two-Day Review Seminar

  • Introduction
  • Chapter 4: Cloud Platform and Infrastructure Security
  • Chapter 5: Cloud Application Security
  • Chapter 6: Cloud Security Operations
  • Session 2 Review
  • CCSP Practice Assessment 

Who should attend?

(ISC)CCSP® Certified Cloud Security Professional CBK® Two-Day Crash Course is ideal for those working in positions such as, but not limited to: 

  • Enterprise Architect
  • Security Administrator
  • Systems Engineer
  • Security Architect
  • Security COnsultant
  • Security Engineer
  • Security Manager
  • Systems Architect

Requisite Skills

Not Applicable

CPEs for (ISC)Credentials – 16.0

(ISC)2 CISSP® Certified Information System Security Professional Online Instructor Led Course
Instructor: Dr. Lyron H. Andrews

Dr. Lyron H. Andrews CISSP, CCSP, SSCP

Dr. Andrews has made a career in technology and information security management along with training that span nearly 25 years.

He began his career managing Novell 2.0 servers and Banyan Vines routers. He served as the network manager for the New York City Department of Education converting a 5,000-node token ring to a switched Ethernet network. He was the senior director of technology for Bertelsmann while spending his evenings as an adjunct professor at Columbia University. He combined his love of technology with academia to aid in establishing a university inside of BNY Mellon (bank founded by Alexander Hamilton in 1784) and worked as the dean for the school of client technology solutions.Between 2006-2008 he led the (ISC)2 train-the-trainer initiative for new instructors of the CISSP. He traveled to 28 countries delivering the course to some of the highest ratings while certifying instructors around the globe.

Course Description

During this fast-paced, two-day session, the eight domains of the (ISC)² CISSP common body of knowledge (CBK®) will be covered. This fact-filled course will review the topics within the CBK and deepen the participant’s knowledge of information security. Each day of the presentation will cover essential topics within various domains of the CBK, such as current security challenges, problem resolution, application security, network security, infrastructure planning, legal considerations, international privacy, investigations, and forensics, among other topics.

The instructor will utilize (ISC)² course materials to guide you through the most pertinent information to understand prior to taking the examination or to help enhance your current CISSP credential. The two-day session will conclude with a practice exam. For those students interested in deepening their knowledge, enrollment in this course also includes access to the Official (ISC)² On-Demand Training Seminar.

  • Presentation. The facilitator will explain content to participants using PowerPoint to guide the presentation. Multiple examples will be used to clarify points.
  • Short Lecture/Discussion. The facilitator will engage participants in conversation by asking questions and encouraging them to respond. Participants will be encouraged to provide examples from their experience.
  • Individual/Group Activity. Participants may work in small teams or individually to study example problems and develop solutions based on course content. The facilitator will debrief with the entire class at the end of the activity.

Course Objectives

After completing this workshop, participants will understand:

  • Understand and apply fundamental concepts and methods related to the fields of information technology and security.
  • Align overall organizational operational goals with security functions and implementations.
  • Understand how to protect assets of the organization as they go through their lifecycle.
  • Understand the concepts, principles, structures, and standards used to design, implement, monitor, and secure operating systems, equipment, networks, applications, and those controls used to enforce various levels of confidentiality, integrity, and availability.
  • Implement system security through the application of security design principals and the application of appropriate security control mitigations for vulnerabilities present in common information system types and architectures.
  • Understand the importance of cryptography and the security services it can provide in today’s digital and information age.
  • Understand the impact of physical security elements on information system security and apply secure design principals to evaluate or recommend appropriate physical security protections.
  • Understand the elements that comprise communication and network security coupled with a thorough description of how the communication and network systems function.
  • List the concepts and architecture that define the associated technology and implementation systems and protocols at Open Systems Interconnection (OSI) model layers 1–7.
  • Identify standard terms for applying physical and logical access controls to environments related to their security practice.
  • Appraise various access control models to meet business security requirements.
  • Name primary methods for designing and validating test and audit strategies that support business requirements.
  • Enhance and optimize an organization’s operational function and capacity by applying and utilizing appropriate security controls and countermeasures.
  • Recognize risks to an organization’s operational endeavors, and assess specific threats, vulnerabilities, and controls.
  • Understand the System Lifecycle (SLC) and the Software Development Lifecycle (SDLC) and how to apply security to it and identify which security control(s) are appropriate for the development environment and assess the effectiveness of software security.

Course Outline

Day 1: Certified Information Systems Security Professional CBK® Two-Day Introduction 

  • Course Introduction
  • Domain 1: New and Existing Practices in Security and Risk Management 
  • Domain 2: New and Existing Practices in Asset Security
  • Domain 3: New and Existing Practices in Security Engineering
  • Domain 4: New and Existing Practices in Communication and Network Security

Day 2: Certified Information Systems Security Professional CBK® Two-Day Introduction

  • Domain 5: New and Existing Practices in Identity and Access Management
  • Domain 6: New and Existing Practices in Security Assessment and Testing
  • Domain 7: New and Existing Practices in Security Operations
  • Domain 8: New and Existing Practices in Software Development Security
  • Wrap-up Quiz and Discussion

Who should attend?

The CISSP with Access to Self-Paces introduction is ideal for those working in positions such as, but not limited to:

  • Security consultant
  • Security manager
  • IT director/manager
  • Security auditor
  • Security architect
  • Programmer
  • Security analyst
  • Security systems engineer
  • Chief information security officer
  • Director of security
  • Network architect

Requisite Skills

Not Applicable

CPEs for (ISC)Credentials – 16.0

Technical Specifications
For all courses

A stable and continuous internet connection is required. In order to record your completion of the online learning courses, please ensure you are connected to the internet at all times while taking the course.

Hardware Specifications

  • Processor 2 GHz +
  • RAM 4 GB +
  • Monitor minimum resolution (1024 x 768)
  • Video Card
  • Keyboard and Mouse

Computer Peripherals

  • Speakers/Headphones – (Noise-cancelling headset is recommended)
  • Microphone
  • Web Camera

Supported Operating Systems

  • Macintosh OS X 10.10 to present
  • Windows 10 to present

Supported Browsers

  • Google Chrome
  • Microsoft Edge
  • Mozilla Firefox

 The system check will test JavaScript, Cookies, and Browser for compatibility.

Application Software