Tuesday, November 20, 2018

Cyber Security Certification Courses in Darien, Georgia


2019 Cyber Security Training Schedule

The courses listed below are instructor-led classroom format conducted at the Coastal Regional Commission of Georgia in Darien, Georgia.  We also conduct instructor-led online training via WebEx, and remote training at the client location upon request.  To discuss these options, or to find out about customized training solutions tailored specifically to your needs, please contact Michael Kaplan via email at michael@michaelikaplan.com.

All courses listed below are GTR:
"GUARANTEED TO RUN"






Disaster recovery and business continuity planning is the process of having a professional work with a business to prepare processes, policies, and procedures to follow in case of a disruption. The comprehensive Mile2 Certified Disaster Recovery Engineer certification course goes beyond traditional BCP training - preparing students for industry certification in Business Continuity planning and presenting the latest methodologies and best practices for real-world systems recovery. Students will receive a solid foundation of instruction that will enable them to create meaningful business continuity plans.

Course Duration: 4 Days | Course Fee: $2,750 (lunches included) | Register for Training




The Mile2 Certified Information Systems Security Manager certification course covers the skills and knowledge to assess and analyze threats and risks posed to modern information systems. Topics covered in this course will include risk and incident management, security programs and CISO roles, Information Systems security strategy and frameworks, audit and risk management policy development, compliance and awareness. Students will also be prepared to address development, deployment, and maintenance of comprehensive disaster recovery and business continuity planning.

Course Duration: 4 Days | Course Fee: $2,750 (lunches included) | Register for Training




The Mile2 Certified Incident Handling Engineer vendor-neutral certification course is designed to help Incident Handlers, System Administrators, and any General Security Engineers understand how to plan, create, and utilize their systems in order to prevent, detect and respond to attacks. This course also provides numerous hands-on laboratory exercises that focus on topics such as reconnaissance, vulnerability assessments using Nessus, network sniffing, web application manipulation, malware, using Netcat, and scenarios for both Windows and Linux systems.

Course Duration: 4 Days | Course Fee: $2,750 (lunches included) | Register for Training




Disaster recovery and business continuity planning is the process of having a professional work with a business to prepare processes, policies, and procedures to follow in case of a disruption. The comprehensive Mile2 Certified Disaster Recovery Engineer certification course goes beyond traditional BCP training - preparing students for industry certification in Business Continuity planning and presenting the latest methodologies and best practices for real-world systems recovery. Students will receive a solid foundation of instruction that will enable them to create meaningful business continuity plans.

Course Duration: 4 Days | Course Fee: $2,750 (lunches included) | Register for Training




The Mile2 Certified Information Systems Risk Manager certification course is designed for Information Technology and Information Security professionals involved with risk identification, assessment and evaluation, risk response, risk monitoring, IS control design and implementation, monitoring and maintenance. Students will receive comprehensive training built around 5 core competencies: Risk Identification Assessment and Evaluation, Risk Response, Risk Monitoring, IS Control Design, Implementation, and Control Monitoring / Maintenance.

Course Duration: 4 Days | Course Fee: $2,750 (lunches included) | Register for Training




The Mile2 Certified Digital Forensics Examiner vendor-neutral certification course trains Cyber Crime and Fraud Investigator students using electronic discovery and advanced investigation techniques. This course is essential to anyone encountering digital evidence while conducting an investigation. Students will learn methodologies to implement forensically sound investigative techniques to evaluate scenes, collect and document all relevant information, interview appropriate personnel, maintain chain-of-custody, and write a findings report.

Course Duration: 4 Days | Course Fee: $2,750 (lunches included) | Register for Training




The Mile2 vendor-neutral Certified Vulnerability Assessor certification course provides foundational knowledge of general VA tools as well as popular exploits with which an IT engineer should be familiar. This course is a fundamental cyber security certification course that focuses on vulnerability assessments. The student will be versed with basic malware and viruses and how they can infiltrate an organizations network. The student will also learn how to assess a company’s security posture and perform a basic vulnerability test to help secure the organization’s networking infrastructure.

Course Duration: 4 Days | Course Fee: $2,750 (lunches included) | Register for Training




The Mile2 Certified Information Systems Security Manager certification course covers the skills and knowledge to assess and analyze threats and risks posed to modern information systems. Topics covered in this course will include risk and incident management, security programs and CISO roles, Information Systems security strategy and frameworks, audit and risk management policy development, compliance and awareness. Students will also be prepared to address development, deployment, and maintenance of comprehensive disaster recovery and business continuity planning.

Course Duration: 4 Days | Course Fee: $2,750 (lunches included) | Register for Training




Disaster recovery and business continuity planning is the process of having a professional work with a business to prepare processes, policies, and procedures to follow in case of a disruption. The comprehensive Mile2 Certified Disaster Recovery Engineer certification course goes beyond traditional BCP training - preparing students for industry certification in Business Continuity planning and presenting the latest methodologies and best practices for real-world systems recovery. Students will receive a solid foundation of instruction that will enable them to create meaningful business continuity plans.

Course Duration: 4 Days | Course Fee: $2,750 (lunches included) | Register for Training




The Mile2 Certified Information Systems Risk Manager certification course is designed for Information Technology and Information Security professionals involved with risk identification, assessment and evaluation, risk response, risk monitoring, IS control design and implementation, monitoring and maintenance. Students will receive comprehensive training built around 5 core competencies: Risk Identification Assessment and Evaluation, Risk Response, Risk Monitoring, IS Control Design, Implementation, and Control Monitoring / Maintenance.

Course Duration: 4 Days | Course Fee: $2,750 (lunches included) | Register for Training




The Mile2 vendor-neutral Certified Vulnerability Assessor certification course provides foundational knowledge of general VA tools as well as popular exploits with which an IT engineer should be familiar. This course is a fundamental cyber security certification course that focuses on vulnerability assessments. The student will be versed with basic malware and viruses and how they can infiltrate an organizations network. The student will also learn how to assess a company’s security posture and perform a basic vulnerability test to help secure the organization’s networking infrastructure.

Course Duration: 4 Days | Course Fee: $2,750 (lunches included) | Register for Training




Disaster recovery and business continuity planning is the process of having a professional work with a business to prepare processes, policies, and procedures to follow in case of a disruption. The comprehensive Mile2 Certified Disaster Recovery Engineer certification course goes beyond traditional BCP training - preparing students for industry certification in Business Continuity planning and presenting the latest methodologies and best practices for real-world systems recovery. Students will receive a solid foundation of instruction that will enable them to create meaningful business continuity plans.

Course Duration: 4 Days | Course Fee: $2,750 (lunches included) | Register for Training


Wednesday, August 29, 2018

WTOC News: Don't Be a Victim - Cyber Scamming


(CLICK GRAPHIC ABOVE TO WATCH VIDEO INTERVIEW)



SAVANNAH, GA (WTOC) - Scammers are always trying to get their hands on your information and your money. There is one segment of the population they seem to target more than others. 

In this week's 'Don't be a Victim' report, we spoke to a Cyber Security expert about why it's so important for seniors to be on guard. 

"It's the kids and the senior citizens who make up about 90 percent of the people who get it," Michael Kaplan said. 

Michael Kaplan is a Cyber Security Instructor. We caught up with him as he gave seniors an important lesson at the JEA (Jewish Educational Alliance) in Savannah. 

"Every two seconds, somebody else is getting hit by identity theft."

"Giving them ways to spot malicious e-mails, phishing scams, getting rid of some of the misconceptions and just giving them some tips so that they are safe. They are a very vulnerable section of the population," Kaplan said.

(CLICK GRAPHIC ABOVE TO WATCH VIDEO INTERVIEW)

One in 10 seniors will typically experience some kind of fraud each year, with criminals trying to get information any way they can. 

"Most of them are going to be over the phone. Others are fraudulent ways to steal information: duplicating sites that they would normally go to, asking for follow-up surveys, and basically getting their personally identifiable information, dropping a virus and then capturing all their personal information to go clean out accounts," Kaplan said. 

Some advice that can keep you from becoming a victim online includes using antivirus software, not using the same or obvious passwords, and not sending financial information through e-mail. Also, make sure your wireless network is protected. 

"And there are those cues, there are those things; you don't need to be a technical expert, you just need to be more aware. You need to be aware of these and more aware of your environment, and if you pay attention, you can stay ahead of the game," Kaplan said. 

Don't be a victim. 

Copyright 2018 WTOC. All rights reserved.

Friday, August 10, 2018

Mile2 Cyber Security Briefing at Coastal Regional Commission of Georgia



It was a pleasure to represent Mile2 Cyber Security at the Coastal Regional Commission's Board Meeting on August 08, 2018 at the Richmond Hill City Center.  The Coastal Regional Commission (CRC) is comprised of 10 counties and 35 cities, and serves municipal and county governments.  Its headquarters in Darien is now a Mile2 authorized training center, and will be offering cyber security training and certifications to public and private entities in their region.


This initiative to provide training goes beyond securing data and systems.  The State of Georgia currently has 11,000 cyber security positions throughout the state that remain vacant.  The reason?  There are not enough qualified candidates with proper certifications to fill these vacancies.  Our plan for training and certification programs addressed workforce, economic and professional development as well as security.


There were many key decision-makers in attendance for this briefing representing both public and private sector interests in the region. They included Mayors, Commissioners, Councilmen, City Managers, Congressional Representatives, and leaders from industry and academia.  While the questions and concerns were varied, everyone agreed that cyber security training and certification were high-priority issues with long-term consequences.

My heartfelt thanks goes out to Allen Burns, Executive Director of the CRC, for the opportunity to present to this distinguished audience.  I look forward to working with the municipalities that make up the Coastal Regional Commission to stand up their cyber security training capabilities.

###

For additional information, please review the Cyber Security Training Schedule or contact me directly via email at michael@michaelikaplan.com .

Friday, August 3, 2018

Cyber Security Training: Certified Disaster Recovery Engineer




TRAINING LOCATION

Coastal Regional Commission of Georgia
1181 Coastal Drive SW, Darien, GA 31305


COURSE DESCRIPTION
Disaster Recovery and Business Continuity Planning is the process of having a professional work with a business to prepare processes, policies, and procedures to follow in case of a disruption. The comprehensive Mile2 Certified Disaster Recovery Engineer certification course goes beyond traditional BCP training - preparing students for industry certification in Business Continuity planning and presenting the latest methodologies and best practices for real-world systems recovery. Students will receive a solid foundation of instruction that will enable them to create meaningful business continuity plans.


This certification course has been validated by the NSA for: CNSS-4016, National Information Assurance Training Standards for Risk Analysis. This course maps to ISO 22301 Lead Auditor and Implementer.


(VIEW ALL MILE2 COURSES ON NICCS.US-CERT.GOV)


ABOUT THE INSTRUCTOR

Michael I. Kaplan is a Mile2 Cyber Security Instructor, Authorized Training Center, and a passionate advocate for military veteran issues with 21 years of experience in the security industry. His industry areas of specialization are Program Management and Implementation, IT Risk Assessment, and Information Systems Audit / Compliance. He also has a high degree of expertise regarding conformance to Cyber Security Frameworks including HIPAA Compliance (HITECH, GAPP), NIST SP 800 Series, ISO 27000 Series, PCI-DSS, SSAE 16 (SOC1, SOC2), and FedRAMP.


LEARNING OBJECTIVES



1. Intro to Disaster Recovery Training

6. Implementation Phase



2. Business Impact Analysis

7. BCP Testing and Exercises



3. Risk Analysis

8. Plan Maintenance and Updates



4. BCP Design and Development

9. Pandemic Responses and Strategies



5. IT Recovery Strategies

*  Meet Other Professionals and Have FUN


COURSE FEES INCLUDE

Materials:
 Hard Copy (Provided at Training Location)

A 15% discount is available for all
members of our military affiliated
communities. For information on
how to receive a discount code,
please contact Michael I. Kaplan:

Michael@michaelikaplan.com

 - Course Text / Workbook

 - Course Lab Manual

 - Text: Key Security Concepts & Definitions

 - Text: Exam Prep Guide

 - Cool SWAG



 Electronic (Loaded in Student Account)

 * Access to digital content for 1-year

 - Course Text / Workbook

 - Course Lab Manual

 - Course Video Series

 - CEU Completion Certificate

 - Course Prep Guide

 - Course Exam Simulator



 Exam Voucher

 - Re-Take Exam Voucher (if needed)

STUDENT COURSE FEE:
(BEFORE DISCOUNT)

$2,750


REGISTER NOW FOR YOUR CYBER SECURITY CERTIFICATION

 Electronic Registration & Payment
 Link:

 Check / Purchase Order (Please contact Michael I. Kaplan via email or phone.)
 - PHONE: (912) 244-0394

"Providence Favors the Prepared Mind."

Friday, July 27, 2018

Cyber security isn't something you BUY - it's something you DO.


(Click graphic above to view the full interview.)



Michael I. Kaplan, Mile2 Cyber Security Instructor, speaks with Tim
Guidera at WTOC News about the growing need for certified professionals.


Cyber security isn't something you BUY ... it's something you DO.  It's not spooky equipment placed on a network by IT professionals.  It's a system comprised of people, processes and technology which, when combined effectively, provides a powerful defense against malicious actors.

Unfortunately, many decision-makers view cyber security as an afterthought, an add-on, to be incorporated at the last minute and only when necessary.  That's a mistake.

Cyber security is a critical component of all technologies that must be intrinsically woven into the fabric of the entire system development life cycle.  When leaders in the public and private sectors come to terms with that reality, they'll be much better prepared to mitigate escalating threats that will only increase exponentially over time.

Please feel free to leave your comments about the interview below, and remember:

"There's No Need to Out-Fight Anyone You Can Out-Think."

Thursday, July 12, 2018

Fox28 News: Cyber Security Training Program Launches in Coastal Georgia


(Click the graphic above to watch the Fox28 interview)


Recent events have proven just how vulnerable Georgia really is to cyber attacks launched by malicious hackers. In February, an attack against the City of Savannah crippled employees of Chatham County’s Recorder’s Court, while a separate attack against the City of Hinesville took government phone systems and email offline. One month later in March, a ransomware attack brought the City of Atlanta to its knees, and is expected to cost taxpayers more than $3 million to restore and replace IT infrastructure.

Despite these glaring vulnerabilities, almost 11,000 cyber security jobs in the State of Georgia remain vacant. The reason? There aren’t enough qualified candidates with the proper training to fill the open positions.

If you're interested in attending the Mile2 cyber security certification courses being offered at the Coastal Regional Commission of Georgia in Darien, please contact Michael via the information listed below.



PHONE912.244.0394  |  EMAILMichael@michaelikaplan.com

Thursday, July 5, 2018

Earn Your C)VA Cyber Security Certification in SEPTEMBER!





TRAINING LOCATION

Coastal Regional Commission of Georgia
1181 Coastal Drive SW, Darien, GA 31305


COURSE DESCRIPTION
The Mile2 vendor-neutral Certified Vulnerability Assessor certification course provides foundational knowledge of general VA tools as well as popular exploits with which an IT engineer should be familiar. This course is a fundamental cyber security certification course that focuses on vulnerability assessments.  The student will be versed with basic malware and viruses and how they can infiltrate an organizations network. The student will also learn how to assess a company’s security posture and perform a basic vulnerability test to help secure the organization’s networking infrastructure.


This certification course is mapped to NIST / Department of Homeland
Security NICE Cyber Security Workforce Development Framework.




ABOUT THE INSTRUCTOR
Michael I. Kaplan is a Mile2 Partner Development Manager, certified Cyber Security Instructor, and a passionate advocate for military veteran issues with 21 years of experience in the security industry. His industry areas of specialization are Program Management and Implementation, IT Risk Assessment, and Information Systems Audit / Compliance. He also has a high degree of expertise regarding conformance to Cyber Security Frameworks including HIPAA Compliance (HITECH, GAPP), NIST SP 800 Series, ISO 27000 Series, PCI-DSS, SSAE 16 (SOC1, SOC2), and FedRAMP.


LEARNING OBJECTIVES



1. The Importance of Vulnerability Assessment

5. Assessing Web Servers



2. Types and Categories of Vulnerabilities

6. Assessing Remote and VPN Services



3. Risk Assessment and Valuation

7. Vulnerability Assessment Tools and Resources



4. Assessing the Network

8. Output Analysis and Reporting


COURSE FEES INCLUDE

Materials:
 Hard Copy (Provided at Training Location)

A 15% discount is available for all
members of our military affiliated
communities. For information on
how to receive a discount code,
please contact Michael I. Kaplan:


 - Course Text / Workbook

 - Course Lab Manual

 - Text: Key Security Concepts & Definitions

 - Text: Exam Prep Guide

 - Cool SWAG



 Electronic (Loaded in Student Account)

 * Access to digital content for 1-year

 - Course Text / Workbook

 - Course Video Series

 - CEU Completion Certificate

 - Course Prep Guide

 - Course Exam Simulator





 Exam Voucher

 - Re-Take Exam Voucher (if needed)


STUDENT COURSE FEE:
(BEFORE DISCOUNT)

$2,500


REGISTER NOW FOR YOUR CYBER SECURITY CERTIFICATION

 Electronic Registration & Payment

 Check / Purchase Order (Please contact Michael I. Kaplan via email or phone.)
 - PHONE: (912) 244-0394



DETAILED COURSE DESCRIPTION

Module 1: The Importance of Vulnerability Assessment



Overview

Categorizing Risk
What is a Vulnerability Assessment?

Types and Examples of Risk
Benefits of a Vulnerability Assessment

Different Approaches to Analysis
What are Vulnerabilities?

Qualitative Analysis
Security Vulnerability Life Cycle

Quantitative Analysis
Compliance and Project Scoping

Use of ALE Values
The Project Overview Statement

Examples of ALE
Assessing Current Network Concerns

ARO Values and Meanings
Vulnerabilities in Networks

Calculating ALE Values
Network Vulnerability Assessment Methodology

Comparing Cost and Benefit
Phase 1: Data Collection

Countermeasure Criteria
Phase II: Interviews, Reviews, and Investigations

Calculating Cost / Benefit
Phase III: Analysis

Management’s Response to Identified Risks
Risk Management

Policy Review Methodology (Top Down)
Why is Risk Management Difficult?

Types of Policy Goals
Risk Analysis Objectives

Industry Best Practice Standards
Putting Together the Team and Components

Components Supporting Security Policy
What is the Value of an Asset?

Technical Methodology (Bottom Up)
Examples of Non-Obvious Vulnerabilities

Review

Module 2: Types and Categories of Vulnerabilities



Overview

Information Leaks
Critical Vulnerability Types

Memory Disclosure
Buffer Overflows

Network Information
URL Mapping to Web Applications

Version Information
IIS Directory Traversal

Path Disclosure
Format String Attacks

User Enumeration
Default Passwords

Denial of Service
Misconfigurations

Industry Best Practices
Known Backdoors

Review

Module 3: Assessing the Network



Overview

Automating Enumeration
Network Security Assessment Platform

SMTP Probing
Virtualization Software

NMAP: Is the Host Online?
Operating Systems

ICMP Disabled?
Exploitation Frameworks

NMAP TCP Connect Scan
Internet Host and Network Enumeration

TCP Connect Port Scan
Web and Newsgroup Search Engines

Tool Practice: TCP Half-Open Scan
Foot-Printing Tools

Tool Practice: TCP Port Scan
Blogs and Forums

Firewalled Ports
Google Groups / USENET

NMAP Service Version Protection
Google Hacking

NMAP UDP Scans
Google Query Operators

UDP Port Scans
Domain Name Registration

Null Sessions
WHOIS

Syntax for Null Sessions
BGP Querying

SMB Null Sessions
DNS Databases

Hardcoded Named Pipes
Using NSLOOKUP

Windows Networking Service
Dig for Unix / Linux

Countermeasures
Web Server Crawling

Review

Module 4: Assessing Web Servers



Web Servers

Parameter Modification
Fingerprinting Accessible Web Servers

SQL Injection Enumeration
Identifying Reverse Proxy Mechanisms

SQL Extended Stored Procedures
Assessing Reverse Proxy Mechanisms

Shutting Down SQL Servers
Proxy Mechanisms

Direct Attacks
Identifying Subsystems / Enabled Components

SQL Connection Properties
Basic Web Server Crawling

Attacking Database Servers
Web Application Technologies Overview

Obtaining Sensitive Information
Web Application Profiling

URL Mapping to Web Applications
HTML Sifting and Analysis

Query Strings
Backend Database Technology Assessment

Changing URL Login Parameters
Why SQL “Injection”?

IIS Directory Traversal
Web Application Attack Strategies

Cross-Site Scripting (XSS)
Web Application Vulnerabilities

Web Security Checklist
Authentication Issues

Review

Module 5: Assessing Remote and VPN Services



Overview

Remote Maintenance Services
Remote Information Services

FTP
Retrieving DNS Service Version Information

SSH
DNS Zone Transfers

Telnet
Forward DNS Grinding

X Windows
Finger

Citrix
AUTH

Microsoft Remote Desktop Protocol
NTP

Virtual Network Computing
SNMP

Assessing IP VPN Services
Default Community Strings

Microsoft PPTP
LDAP

SSL VPN’s
RWHO Command

Review
RPC Users



Module 6: Vulnerability Assessment Tools and Resources



Vulnerability Scanners

Microsoft Baseline Analyzer
Nessus

MBSA Scan Report
SAINT – Sample Report

Dealing with Assessment Results
RETINA

Patch Management Options
QualysGuard

Review
LanGuard



Module 7: Output Analysis and Reporting



Overview

GFI LanGuard
Staying Abreast: Security Alerts

GFI Reports
Vulnerability Research Sites

MBSA
Nessus

MBSA Reports
SAINT

Review
SAINT Reports




REGISTER NOW FOR YOUR CYBER SECURITY CERTIFICATION

 Electronic Registration & Payment

 Check / Purchase Order (Please contact Michael I. Kaplan via email or phone.)
 - PHONE: (912) 244-0394