Certified Information System Security Professional (CISSP) CBK Review Training Course

Course Description

A comprehensive course focused on AI security, governance, compliance, and risk management for enterprise implementations. Designed for security professionals, compliance officers, and technology leaders responsible for secure AI deployment and governance frameworks.

This course is designed to help participants build organizational resilience against a range of threats, enabling organizations to respond effectively to incidents, maintain business operations, and safeguard their interests.

For whom it is intended:

Anyone working in the fields of information security and information assurance.

What you will learn:

Candidates will be expected to demonstrate:

• How effective management of information risk delivers significant business benefits.
• How to explain and fully utilise information risk management terminology.
• How to carry out threat and vulnerability assessments, business impact analyses, and risk assessments.
• The core principles of controls and risk treatment.
• How to present findings in a format that serves as the foundation for a risk treatment plan.
• The application of information classification schemes.

The EC-Council’s CCISO Program has certified leading information security professionals around the world. A core group of high-level information security executives, the CCISO Advisory Board, contributed by forming the foundation of the program and outlining the content that would be covered by the exam, body of knowledge, and training. Some members of the Board contributed as authors, others as exam writers, others as quality assurance checks, and still others as trainers. Each segment of the program was developed with the aspiring CISO in mind and looks to transfer the knowledge of seasoned professionals to the next generation in the areas that are most critical in the development and maintenance of a successful information security program.

The Certified CISO (CCISO) program is the first of its kind training and certification program aimed at producing top-level information security executives. The CCISO does not focus solely on technical knowledge but on the application of information security management principles from an executive management point of view. The program was developed by sitting CISOs for current and aspiring CISOs.

This instructor-led, live training in Uzbekistan (online or onsite) is designed for beginner to intermediate system administrators and security professionals who want to learn how to deploy Cloudflare for content delivery and cloud security, as well as defend against DDoS attacks.

Upon completion of this training, participants will be able to:

• Configure Cloudflare for their websites.
• Set up DNS records and SSL certificates.
• Deploy Cloudflare for content delivery and caching.
• Protect their websites from DDoS attacks.
• Create firewall rules to restrict traffic to their websites.

Description:

This course is designed as intensive, focused preparation for the ISACA Certified in Risk and Information Systems Control (CRISC) examination. It comprehensively covers the latest four (4) domains of the official ISACA CRISC syllabus, with a strong emphasis on exam readiness. Attendees will also receive the Official ISACA CRISC Review Manual and the Question, Answer, and Explanation (Q,A&E) supplements. The Q,A&E resource is particularly valuable in helping participants understand the style of questions used by ISACA, the type of responses expected, and in facilitating rapid assimilation and retention of the course material.

The technical skills and professional practices promoted and evaluated through the CRISC certification form the foundation for success in the field. Holding the CRISC credential demonstrates a high level of expertise within the profession. With increasing demand for professionals skilled in risk and control management, ISACA’s CRISC has become the preferred certification program for individuals and enterprises worldwide. Achieving the CRISC certification reflects a commitment to serving an enterprise and the profession with distinction.

Objectives:

• To equip you to pass the CRISC examination on your first attempt.
• To demonstrate your dedication to serving an enterprise with distinction through professional certification.
• To position yourself for enhanced career opportunities and competitive salaries, given the growing demand for professionals with risk and control expertise.

You will learn:

• How to help organisations achieve their business objectives by designing, implementing, monitoring, and maintaining risk-based, efficient, and effective information systems controls.
• The technical skills and practices promoted by CRISC, which serve as the foundational elements for success in the field.

This instructor-led, live training in Uzbekistan (online or onsite) is aimed at intermediate-level IT professionals who wish to enhance their skills in identifying and managing IT risk and implementing information systems controls, and prepare for the CRISC certification exam.

By the end of this training, participants will be able to:

• Understand the governance and risk management aspects of IT.
• Conduct IT risk assessments and implement risk responses.
• Design and implement information systems controls.
• Prepare effectively for the CRISC certification exam.

This instructor-led, live training in Uzbekistan (online or onsite) is designed for supply chain professionals who aim to establish effective control and oversight of their supply chain, particularly in relation to cybersecurity.

By the end of this training, participants will be able to:

• Identify security oversights that could cause significant damage and disruption to a supply chain.
• Break down complex security challenges into manageable and actionable components.
• Tackle common supply chain vulnerabilities by analysing high-risk areas and engaging with key stakeholders.
• Adopt best practices for securing a supply chain.
• Significantly reduce or eliminate the most critical risks to an organisation's supply chain.

This instructor-led, live training in Uzbekistan (online or onsite) is designed for intermediate to advanced IT professionals and business leaders aiming to develop a structured approach to handling data breaches.

Upon completion of this training, participants will be able to:

• Grasp the causes and consequences of data breaches.
• Formulate and execute strategies to prevent data breaches.
• Create an incident response plan to contain and mitigate breaches.
• Perform forensic investigations and evaluate the impact of breaches.
• Adhere to legal and regulatory obligations regarding breach notification.
• Recover from data breaches and enhance overall security postures.

This instructor-led, live training in Uzbekistan (online or onsite) is aimed at developers and administrators who wish to produce software and products that are HiTRUST compliant.

By the end of this training, participants will be able to:

• Understand the key concepts of the HiTrust CSF (Common Security Framework).
• Identify the HITRUST CSF administrative and security control domains.
• Learn about the different types of HiTrust assessments and scoring.
• Understand the certification process and requirements for HiTrust compliance.
• Know the best practices and tips for adopting the HiTrust approach.

This training course explains how information security risk assessment is conducted by integrating the principles of ISO/IEC 27005:2022 with ISO/IEC 27001. In addition to theoretical knowledge, the course includes practical exercises, quizzes, and case studies, making it a highly engaging learning experience.

Description:

This is a 'Practitioner' course that places strong emphasis on practical exercises designed to reinforce the concepts taught and to build delegates' confidence in implementing business continuity management. The course also fosters debate and encourages the exchange of knowledge and experience among participants.
Delegates will benefit from the extensive practical expertise of our trainers, who are active practitioners in business continuity management and specialists in ISO 22301:2019.

Delegates will learn how to:

• Explain the necessity of business continuity management (BCM) in all organisations
• Define the business continuity lifecycle
• Conduct business continuity programme management
• Understand their organisation well enough to identify mission-critical impact areas
• Determine their organisation's business continuity strategy
• Establish a business continuity response
• Exercise, maintain, and review plans
• Embed business continuity within an organisation
• Define terms and definitions relevant to business continuity

By the end of the course, delegates will have a comprehensive understanding of all key components of business continuity management and will be equipped to return to their workplaces and make a significant contribution to the business continuity management process.

This instructor-led, live training in Uzbekistan (available online or on-site) is designed for security engineers who wish to utilize IBM Qradar SIEM to tackle pressing security use cases.

By the end of this training, participants will be able to:

• Gain comprehensive visibility into enterprise data across on-premise and cloud environments.
• Automate security intelligence to proactively hunt threats and contain risks.
• Detect, identify, and prioritize security threats effectively.

This instructor-led, live training in Uzbekistan (online or on-site) is designed for developers who wish to integrate Snyk into their development tools to identify and resolve security issues within their code.

By the end of this training, participants will be able to:

• Understand the features and structure of Snyk.
• Use Snyk to detect and fix code security issues.
• Integrate Snyk into the software development lifecycle.

This program explores fundamental principles of security and IT security, focusing on strategies to defend against network-based threats. Learners will develop a solid grasp of critical security protocols and the security frameworks underlying web services. Practical labs and threat modeling exercises will incorporate references to recent cryptosystem attacks and associated vulnerabilities to enhance understanding.