 |
 |
 |
|||
 |
Virtualization Security and Audit: Are You For Real? Seminar Focus and Features Organizations have widely adopted virtualization products and services driven primarily by operational efficiency. However, virtualization has some negative security implications. For example, virtualization adds layers of technology, which can increase the security management burden by necessitating additional security controls. Also, when you combine systems onto a single physical computer you have a bigger problem when a security compromise occurs. Further, some virtualization systems make it easy to share information between systems. This one-day seminar is designed to provide professionals with the information and tools they need to protect their virtualized environments. The seminar helps you to understand virtualization threats and how to protect your organization from these threats. It presents a practical framework for developing effective virtualization security and audit programs for organizations of any size. In addition, you will learn how to evaluate built-in and add-on safeguards for virtualization. Who Should Attend
What You Will Learn A. Introducing Virtualization 1. Virtualization defined 2. Virtualization drivers 3. Virtualization advantages and disadvantages 4. Typical topologies 5. Virtualization evolution 6. Types of virtualization 7. Virtualizing hardware 8. Virtualization services 9. Virtualization use cases 10. Virtualization standards B. Virtualization Issues 1. Changing security landscape 2. Memory leak 3. Separation of duties 4. Protecting the virtual fabric 5. Log management 6. Change management 7. Patch management 8. Configuration management 9. Forensics C. Virtualization Security Overview 1. Guest OS isolation 2. Guest OS monitoring Virtualization Security and Audit: Are You For Real? 3. Image and snapshot management 4. Hypervisor security 5. Guest OS security 6. Virtualized infrastructure security 7. Desktop virtualization security D. Secure Virtualization Planning and Deployment 1. Initiation 2. Planning and design 3. Implementation 4. Operations and maintenance 5. Disposition E. Testing Your VoIP Security 1. Checklists 2. Probes 3. Footprinting and scanning your network 4. Vulnerability testing 5. Denying service
Who Will Present Peter Davis (CISA, CISSP, CSP, CMA, ISP, CNA, CMC, CCNA, CWNA, CISM, ITIL FL, COBIT FL, ISSPCS, SSGB, PMP, CGEIT) is the Principal of Peter Davis+Associates (http://www.pdaconsulting.com), a management consulting firm specializing in the IT governance, security, and audit. Prior to founding PDA, Mr. Davis' private sector experience included stints with two large Canadian banks and a manufacturing company. He was formerly a principal in the Information Systems Audit practice of Ernst & Young. In the public sector, Mr. Davis was Director of Information Systems Audit in the Office of the Provincial Auditor (Ontario). A 28-year information systems audit and security veteran, Mr. Davis' career includes positions as security administrator, security planner, consultant, and information systems auditor. Mr. Davis also is the past President and founder of the Toronto ISSA chapter, past Recording Secretary of the ISSA’s International Board and past Computer Security Institute Advisory Committee member. In addition, he was a member of the international committee formed to develop Generally Accepted System Security Principles (GSSP). Mr. Davis has written or co-written 12 books including “Lean Six Sigma Secrets for the CIO,” “Hacking Wireless Networks for Dummies,” “Wireless Networks for Dummies,” “Computer Security for Dummies,” “Securing Client/Server Computer Networks,” and “Securing and Controlling Cisco Routers.” Peter is listed in the International Who’s Who of Professionals. He is a past Editor of EDPACS, a monthly publication for security and audit professionals.
|
 |
|||
 |
 |
 |
|||
 |
 |
|
 |
All contents of this Web site, except where expressly stated, are the copyrighted property of this IIA affiliate.
|
 |
 |
 |