Certified Information Security Consultant - PCI DSS, Firewall Rulebase Analysis, AuditPro, Firesec, Security Assessment and Audit Software for all versions of Operating Systems, Databases, Routers, Switches, Windows, Unix, Linux, Oracle, MS SQL, IBM DB2, Cisco PIX, Cyberguard, Netscreen, Checkpoint Firewalls, GFI Languard, in India, Mumbai, Hyderabad, Delhi, Bangalore, Chennai, Kolkatta, UAE, Dubai, Kuwait, Bahrain, Qatar, Saudi Arabia, Malaysia, Singapore, Thailand, Far East, USA, Europe, North America.

Quick Links

Training Curriculum

Training Calendar

About Us

e-Learning Curriculum

Certified Information Security Consultant (CISC)

Certified Information Security Consultant

The Certified Information Security Consultant is a program designed to make you an expert consultant in the domain of information security. While most certification programs are geared towards purely technical know-how, the CISC also arms you with the necessary consulting skills in order to help you make your mark in this exciting field. The best part about the CISC is the fact that you get hands-on practical training on live projects. It covers a wide variety of topics, starting right from the basics, and then leading up to compliance standards, and even forensics and cyber crime investigations.

Why should you attend this course?

The CISC is the only completely hands-on, real-world oriented security certification. It is a course designed by security professionals, and for security professionals. You get personally mentored by the best in the business. Check out the profiles of our team members to know more about your mentors. This is a group of people who have worked on prestigious international projects, presented at the leading security conferences around the world, and written numerous books and articles.

The CISC has been designed by security expert, K. K. Mookhey, who brings almost a decade of information security experience, and consulting experience with clients such as the United Nations, World Customs Organization, Atos Origin, State Bank of India, Dubai Stock Exchange, Saudi Telecom, and numerous others. He is a well-known trainer and has also presented at numerous security conferences, including Blackhat, Interop, and IT Underground. He is also the other of two books on information security, and numerous articles.

How does the CISC work?

The CISC is an 16 day (8 weekends) training program, which comprehensively covers all the main aspects of information security. Our mentors are available to help you clear up concepts, discuss technical issues, and take you through the entire courseware. After the CISC you have the option of signing up for a 1 month intensive hands-on internship program, which will help you get the practical exposure on live projects and radically improve your skillset. This could be done during weekdays as well while you are studying for the CISC, or it could be done on weekends or weekdays after your CISC training is over.

The CISC is for experienced IT professionals who would like to fill in the missing gaps in their security domain knowledge or skills. Say for instance, that you've been a network administrator and are very well-versed with firewall configurations, VLANs, Active Directory, etc. However, you lack knowledge regarding the compliance standards such as ISO 27001, ISO 20000, BS 25999, as well as security auditing of databases and operating systems, etc. The CISC fits in precisely in such scenarios, and helps you develop a well-rounded portfolio of information security skills and know-how. Additionally, to get to the next level, we'll also train you on presentation skills, report writing, and business communication.

For those looking at obtaining a position as security consultants or security managers, you need not look further than the 8-week CISC program. For those, who are looking to break into the security domain, you should probably also evaluate doing the 2 month hands-on practical internship.

What live projects would I be working on?

The USP of the CISC is the fact that you'll be put on live projects. Once you've completed your study material, and have cleared the tests you will be put as an understudy on the actual projects being executed at our firm. These include penetration testing projects, compliance projects, security audits, etc. You may either be involved for the entire project or for parts of the project. The duration of the practical training will be of 2 months.

What are my options after the CISC?

The whole world opens up to you after the CISC. The opportunities are many and quite lucrative. Depending on your previous experience, and your performance during the CISC:

You could join NII as a Security Analyst
You could do a short internship at NII
We will help you find placements within the industry
You will also automatically be prepared for the CPH (Certified Professional Hacker) certification
You will also automatically be prepared for the CISSP (Certified Information Systems Security Professional) certification

Course Contents

Session One: Information Security Concepts

Module 1: The CIA Triad
Module 2: Identification, Authentication and Authorization
Module 3: Security Principles and Models

Session Two:Compliance Standards

Module 4: ISO 27001
Module 5: ISO 20000
Module 6: BS 25999
Module 7: PCI DSS
Module 8: ITIL framework
Module 9: Cobit framework

Session Three:Business Continuity and Disaster Recovery Planning

Module 10: Introduction
Module 11: Business Continuity Planning (BCP)
Module 12: Disaster Recovery Planning (DRP)

Session Four:Physical Security

Module 13: Introduction
Module 14: Facility Requirement
Module 15: Perimeter Security
Module 16: Fire Protection
Module 17: Fire Suppression
Module 18: Power Protection
Module 19: General Environmental Protection
Module 20: Equipment Failure Protection

Session Five:TCP / IP Fundamentals The founding blocks for any information security professional

Module 21: Introduction to TCP/IP
Module 22: Features of TCP/IP
Module 23: Protocol Standards
Module 24: TCP / IP Protocol Architecture

Session Six:Network Security

Module 25: Secure Network design
Module 26: DMZ
Module 27: VLANs
Module 28: Firewalls
Module 29: IDS / IPS
Module 30: WLAN Security
Module 31: VPNs
Module 32: Telecommunications
Module 33: Types and Sources of Network Threats

Session Seven:Operating System Security

Module 34: Security Fundamentals
- Module 34.1: Windows
- Module 34.2: UNIX
- Module 34.3: Solaris

Session Eight:Database Security

Module 35: Oracle
Module 36:MS SQL
Module 37: Sybase

Session Nine:Web Application Security

Module 38: Introduction and Case Studies
Module 39:Web Application Vulnerabilities
Module 40: Secure Coding Techniques
Module 41: Continuous security testing and assessments

Session Ten:Ethical Hacking

Module 42: Network Cartography
Module 43:Exploitation
Module 44: Social Engineering
Module 45: Honey Pots
Module 46: Password Cracking
Module 47: Esoteric Hacking
Module 48: Cryptography
Module 49: Hands On

Session Eleven: Digital Forensics

Module 50: Hacking Incidents
Module 51:Defining Forensics Process
Module 52: Digital Forensics Essentials - The six A's
Module 53: Preserving the Chain of Custody
Module 54: Disk Based Forensics V/s Network Based Forensics
Module 55: Training on Encase and advanced digital forensics techniques.

Session Twelve: Indian IT Act 2000 and Other Cyber Laws