
CSLO - Certified Security Leadership Officer


Duration: 5 Days





Course Information

Course Description

The Certified Security Leadership Officer course is designed to give management an essential understanding of current security issues, best practices, and security technology. Because a C)SLO understands security, he or she is prepared to manage the security component of a business and its information technology security projects. A C)SLO can be seen as the bridge between those who understand security and those who don't. These skills can be put to use the day a C)SLO returns to work.

Essential topics covered in this management track include:

Network Fundamentals and Applications, Hardware Architecture, Information Assurance Foundations, Computer Security Policies, Contingency and Continuity Planning, Business Impact Analysis, Incident Handling, Architectural Approaches to Defense in Depth, Cyber Attacks, Vulnerability Assessment and Management, Security Policies, Web Security, Offensive and Defensive Information Warfare, culminating with Management Practicum

Course Objectives

Upon completion, students will:

        Have knowledge to understand current security issues

        Have knowledge to manage the security component of projects

        Be ready to sit for the C)SLO Exam

Related / Follow-on Courses:

After completing the C)SLO course and achieving certification, we recommend that you further develop your security skill set by becoming certified as a C)IHE: Certified Incident Handling Engineer, which will prepare you to handle the toughest security situations effectively.

C)DRE: Disaster Recovery Engineer

Course Content

With 30 up-to-date modules, the Certified Security Leadership Officer course will teach you security best practices for keeping the information you are entrusted with secure and how to respond in the toughest situations.

Course Audience

The C)SLO is a course on cyber security designed for those who want to lead. If you are currently in charge of a company's security or are preparing to be a leader in the near future, the Certified Security Leadership Officer course and certification will prepare you to excel in your responsibilities.

Course Outline

Wireless Networks 802.11


Airborne Viruses

Types of Wireless

Standards Comparison

Wireless Network Topologies

SSID (Service Set Identity)

Wireless Technologies: Service Set ID

Securing and Protecting Wireless Best Practices

Typical Wired/Wireless Network

802.1X: EAP Types

EAP Advantages/Disadvantages

EAP/TLS Deployment

New Age Protection

New Age Protection

Wireless Security Technologies

MAC Filtering

Wired Equivalent Privacy

Wireless Technologies: WEP

XOR: Basics

How WPA improves on WEP

How WPA improves on WEP


802.11i: WPA2

WPA and WPA2 Mode Types

WPA-PSK Encryption


Wireless Security Weaknesses

Weak IV Packets

WEP Weaknesses

The WPA MIC Vulnerability

LEAP Weaknesses

Wireless Threats


Tool: Kismet

Analysis Tool: OmniPeek Personal

OmniPeek Console

Tool: Aircrack-ng Suite

Tool: Airodump-ng

Tool: Aireplay

DOS: Deauth/disassociate attack

Tool: Aircrack

Aircrack for Windows

Attacking WEP

Attacking WPA


Exploiting Cisco LEAP





Access Control

Role of Access Control

Layers of Access Control

Access Control Mechanism Examples

Access Control Characteristics

Preventive Control Types

Control Combinations

Models for Access

Discretionary Access Control Model

Enforcing a DAC Policy

Mandatory Access Control Model

MAC Enforcement Mechanism: Labels

Where Are They Used?

MAC Versus DAC

Role-Based Access Control (RBAC)

Acquiring Rights and Permissions

Rule-Based Access Control

Access Control Matrix

Access Control Administration

Access Control Mechanisms in Use Today

Strong Authentication

Memory Cards

Smart Card

Administrating Access Control

Accountability and Access Control

Trusted Path

Access Criteria

Fraud Controls

Thin Clients

Administrative Controls

Controlling Access to Sensitive Data

Other Ways of Controlling Access

Technical Access Controls

Physical Access Controls



Network IDS Sensors

Types of IDSs

Behavior-Based IDS

IDS Response Mechanisms

Trapping an Intruder

Access Control Methods

Remote Centralized Administration

RADIUS Characteristics


TACACS+ Characteristics

Diameter Characteristics

Decentralized Access Control Administration

Biometrics Technology

Biometrics Enrolment Process

Downfalls to Biometric Use

Biometrics Error Types

Crossover Error Rate (CER)

Biometric System Types


Password “Shoulds”

Password Attacks

Countermeasures for Password Cracking

Cognitive Passwords

One-Time Password Authentication

Synchronous Token

Asynchronous Token Device

Cryptographic Keys

Passphrase Authentication


More Definitions

Single Sign-on Technology

Different Technologies

Scripts as a Single Sign-on Technology

Directory Services as a Single Sign-on Technology

Kerberos as a Single Sign-on Technology

Kerberos Components Working Together

More Components of Kerberos

Kerberos Authentication Steps


Why Go Through All of this Trouble?

Issues Pertaining to Kerberos

SESAME as a Single Sign-on Technology

SESAME Steps for Authentication

Computer Forensics and Legalities

Lesson Objectives

The Legal System

State Law & Criminal Incidents

Federal Laws

US Title 18: Fraud Criminal Codes

Case study: Criminal Incidents

Case Study: Criminal Incidents

Case study: Criminal Incidents

Criminal Incidents

International Legal Treaties and Orgs

Civil Incidents

Criminal Incidents

Criminal Incidents

Cryptography Applications

Digital Certificates

What Do You Do with a Certificate?

Components of PKI: Repository and CRLs


Digital Signatures: PGP


IPSec Network Layer Protection

IPSec Key Management

IPSec Handshaking Process

IPSec Is a Suite of Protocols

IPSec Modes of Operation



Public Key Infrastructure

Why Do We Need a PKI?

PKI and Its Components

Let’s Walk Through an Example

Public Key Infrastructure

Asymmetric Encryption

Public Key Cryptography Advantages

Symmetric versus Asymmetric




Site-to-Site VPN

Others From Around the World

Identity Theft and Social Media

Cryptography Algorithms and Concepts

Symmetric Cipher: AES

Crack Times

Crypto and Password Recovery Concepts

Crypto Attacks

Caesar Cipher Example

Polyalphabetic Substitution

Ways of Breaking Cryptosystems—Brute Force

Attacks on Cryptosystems


Cryptographic Definitions


Attack Vectors

More Attacks (Cryptanalysis)

Type of Symmetric Cipher: Stream Cipher

Characteristics of Strong Algorithms

Block Cipher Modes: CBC


Block Cipher Modes: CFB and OFB


Symmetric Ciphers We Will Dive Into

Symmetric Algorithm Examples

Symmetric Algorithms: DES

Evolution of DES

Different Modes of Block Ciphers: ECB

Other Symmetric Algorithms

Symmetric Encryption

Symmetric Encryption

Symmetric Downfalls

Symmetric Algorithms



Quantum Cryptography

Asymmetric Algorithm Examples

Asymmetric Algorithms We Will Dive Into

Asymmetric Algorithm: RSA

U.S. Government Standard

Asymmetric Encryption

Key Management

Using the Algorithm Types Together

Hybrid Encryption

Strength of a Cryptosystem

Symmetric Key Management Issue

Now What?

Key Management

IPSec Key Management

Key Issues Within IPSec



Types of Ciphers Used Today

Type of Symmetric Cipher: Block Cipher

S-Boxes Used in Block Ciphers

Type of Symmetric Cipher: Stream Cipher

Encryption Process

Symmetric Characteristics

Strength of a Stream Cipher

Let’s Dive in Deeper

Block Cipher Modes: CFB and OFB


Attack Vectors

More Attacks (Cryptanalysis)

ROT: 13

ROT: 13

MD5 Collision Creates Rogue Certificate Authority


SSL Connection Setup

SSL Hybrid Encryption






Cryptographic Definitions

Encryption Algorithm



Common Hash Algorithms

Birthday Attack

Example of a Birthday Attack

Generic Hash Demo

Instructor Demonstration

Security Issues in Hashing

Hash Collisions

MD5 Collision Creates Rogue Certificate Authority

Digital Signatures

Asymmetric Encryption

Public Key Cryptography Advantages

Asymmetric Algorithm Disadvantages

Asymmetric Algorithm Examples

Symmetric Encryption

Symmetric Encryption

Symmetric Downfalls

Symmetric Algorithms

Crack Times

Digital Acquisition

Digital Acquisition Copy: Original

Digital Acquisition: Duplication

Digital Acquisition Procedures

DC3 Operations

DCFL Terabytes, Time, & Totals

Digital Forensic Analysis Tools

Forensic Toolkit (FTK)™


I-Look Investigator™

ProDiscover DFT™

Domain Name Registration

DNR Overview

Network Service: DNS

Countermeasure: DNS Zone Transfers

Cache Poisoning

What is DNS spoofing?

Tools: DNS Spoofing

Active Sniffing Methods

ARP Cache Poisoning

ARP Normal Operation

ARP Cache Poisoning

ARP Cache Poisoning (Linux)



Domain Hijacking

Host Names


Host Table


DNS Databases

Using Nslookup

Dig for Unix / Linux

Protecting Domain Names

(Mis)Uses of Host Tables

Disaster Recovery and Business Continuity

Business Continuity Objectives

Pieces of the BCP

Where Do We Start?

Why Is BCP a Hard Sell to Management?


Plan Development Delegated to a Committee

BCP Risk Analysis

How to Identify the Most Critical Company Functions


Identifying Functions’ Resources

How Long Can the Company Be Without These


Preventative Measures

What Items Need to Be Considered?

Proper Planning

Executive Succession Planning

Identify Vulnerabilities and Threats


Loss Criteria


Disk Shadowing

Backing Up Over Telecommunication

Serial Lines





Facility Backups: Hot Site

Facility Backups: Warm Site

Facility Backups: Cold Site

Compatibility Issues with Offsite Facility

Which Do We Use?

Choosing Offsite Services

Subscription Costs

Choosing Site Location

Other Offsite Approaches


Results from the BIA

Now What?


Plan Objectives

Defining Roles


Operational Planning

Preventive Measures

Emergency Response


Return to Normal Operations

Reviewing Insurance

When Is the Danger Over?

Now What?

Testing and Drills

Types of Tests to Choose From

What Is Success?

BCP Plans Commonly and Quickly Become Out of Date

Phases of Plan

Who Is Ready?


Endpoint Security

3rd Party Applications

Anti-Virus Limitations

Browser Defense


SSL Connection Setup

SSL Hybrid Encryption


IPSec: Network Layer Protection



Public Key Infrastructure

Quantum Cryptography

Endpoint Whitelist

Firewalls, IDS and IPS

Firewall: First line of defense

IDS: Second line of defense

IPS: Last line of defense?


Firewall Types: (1) Packet Filtering

Firewall Types: (2) Proxy Firewalls

Firewall Types: Circuit-Level Proxy Firewall

Type of Circuit-Level Proxy: SOCKS

Firewall Types: Application-Layer Proxy

Firewall Types: (3) Stateful

Firewall Types: (4) Dynamic Packet-Filtering

Firewall Types: (5) Kernel Proxies

Firewall Placement

Firewall Architecture Types: Screened Host

Risks of Portable Devices

Honeypots, Honeynets, Honeytokens, Tarpits, oh my

Benefits and Drawbacks

Honeypots Defined

Legal Issues

Trying to Trap the Bad Guy

Companies Can Be Found Liable


Incident Handling and the Legal System

Chain of Custody

Digital Evidence Collection Objectives

Evidence Collection & Incident Assessment

Identifying an Incident

Steps to handling an Incident

Digital Incident Assessment

Incident Response Checklist

Responding to An Incident

Suggested Guidelines for Securing Digital Evidence

Secure Digital Evidence

Common Incident Handling Mistakes

Securing Digital Evidence Procedure

Chain of Custody

Potential Digital Evidence

Search and Seizure

Incident/Equipment Location

Available Response Resources

Securing Digital Evidence

Digital Evidence Presentation

The Best Evidence Rule

Duplication and Recordings, Evidence Law

IP Terms and Concepts

OSI: Application Layer

Devices Work at Different Layers

Network Devices: Gateway

Data Encapsulation

Protocols: ICMP

Dial-Up Protocol: SLIP

Dial-Up Protocol: PPP

WAN Technologies Are Circuit or Packet Switched



Protocols: ICMP

Port and Protocol Relationship

Example Packet Sniffers

Tool: Wireshark

Tool: OmniPeek

Sniffer Detection using Cain & Abel

Network Protocol

Network Protocol


UDP versus TCP

Port and Protocol Relationship

An Older Model

TCP/IP Suite

Traceroute Operation

Traceroute (cont.)

Other Traceroute Tools


Method: Ping




Malicious Software


Types of Malware

Distributing Malware

Malware Capabilities

Auto Starting Malware

Countermeasure: Monitoring Auto-start Methods

Malicious Browser Content

Malware Defense Techniques

Spy Sweeper Enterprise

CM Tool: Port Monitoring Software

CM Tools: File Protection Software

CM Tool: Windows File Protection

CM Tool: Windows Software Restriction Policies

Company Surveillance Software

CM Tool: Hardware-based Malware


Countermeasure: User Education

Propagation Techniques

Trojan Horse Characteristics

Trojan Horses

Executable Wrappers

Benign EXE’s Historically Wrapped with Trojans

The Infectious CD-Rom Technique

Trojan: Backdoor.Zombam.B

Trojan: JPEG GDI+

All in One Remote Exploit

Advanced Trojans: Avoiding Detection


Virus Types

Types of Malware Cont...

Types of Viruses

Worm Characteristics

Managing Security Policy

Approach to Security Management

Policy Types

Policies with Different Goals

Industry Best Practice Standards

Components that Support the Security Policy

Senior Management’s Role in Security

Security Roles

Information Classification

Information Classification Criteria

Declassifying Information

Types of Classification Levels

Information Classification

Issue Specific Policy

Policy Assessment

Policy Benefits

Policy Development Tools

Security Posture and Culture

Methods of Attack

Enumeration Overview

DNS Enumeration

Backtrack DNS Enumeration

SNMP Enumeration Tools

SNMP Enumeration Countermeasures

Active Directory Enumeration

AD Enumeration countermeasures

Hacking Tool: RootKit

Windows RootKit Countermeasures

Advanced Trojans: Avoiding Detection

Benign EXE’s Historically Wrapped with Trojans

Google and Query Operators

Google (cont.)

SPUD: Google API Utility Tool


Denial of Service

Denial of Service

Threat Methodologies (STRIDE)

DDoS Issues


Buffer Overflow Definition

Overflow Illustration

Buffer Overflows


Spear Phishing

E-Mail Links

Logic Bomb

Duronio Case


Man-in-the-Middle

Replay Attack

SPAM and e-mail Flooding


IP Address Spoofing



Physical Security

Physical Security

Physical Security Checklist

Physical Security Checklist

Items of Interest

Physical Controls

Physical Access

Tool Kit: Picks

Tool Kit: Snap Gun

Tool Kit: Electric Pick

Bump Keying

Lock Picking Countermeasures

Controlling Access


Facility Attributes

Electrical Power

Problems with Steady Power Current

Power Interference

Power Preventive Measures

Fire Prevention

Automatic Detector Mechanisms

Fire Detection

Fire Types

Suppression Methods

Fire Suppression

Fire Extinguishers

Risk Management & Security Frameworks


IT Governance Best Practices

IT Risk Management

Types of Risks

Risk Management

Information Security Risk Evaluation

Information Security Risk Evaluation

Improving Security Posture

Risk Evaluation Activities

Risk Assessment

Information Gathering

Information Gathering

Data Classification

Threats and Vulnerabilities

Analytical Methods

Evaluate Controls

Evaluate Controls

Risk Ratings

Important Risk Assessment Practices


Security Incentives & Motivations

Security Incentives & Attack Motivations

Risk Management II

What is Your Weakest Link?

What Is the Value of an Asset?

Examples of Some Vulnerabilities that Are Not Always Obvious

Categorizing Risks

Some Examples of Types of Losses

Different Approaches to Analyzing Risks

Who Uses What Analysis Type?

Qualitative Analysis Steps

Quantitative Analysis

Can a Purely Quantitative Analysis Be Accomplished?

Comparing Cost and Benefit

Cost of a Countermeasure

Security Frameworks & Compliance

ISO 27002

ISO 27002: Control Components


Security and Organizational Structure

Capacity Analysis

Employee Discipline and Termination

Employee Performance

Employee Retention

Filling Positions

Conflicts of Interest

Security Awareness

Security Awareness Program

4 steps

3 Common Training Models

Security Awareness Goals

Role of metrics

Steps to develop a metrics program


Crypto and Password Recovery Background


Steganography Methods



File Generation

The Intelligent Network:  Unified Threat Management (UTM)

UTM product criteria

Firewalls, IDS and IPS

Firewall: First line of defense

IDS: Second line of defense

IPS: Last line of defense?


Firewall Types: (1) Packet Filtering

Firewall Types: (2) Proxy Firewalls

Firewall Types: Circuit-Level Proxy Firewall

DDoS Issues



Unified Threat Management

Unified Threat Management

Virtualization: Type 1

Type 1 Examples

Virtualization: Type 2

Type 2 Examples

Network Infrastructure

Wikto Web Assessment Tool


Network Topologies: Physical Layer

Network Topologies: Mesh

Summary of Topologies

Wireless Technologies: War Driving

TCP Model

TCP/IP Suite

OSI Model

OSI: Application Layer

OSI: Presentation Layer

OSI: Session Layer

OSI: Transport Layer

OSI: Network Layer

OSI: Data Link

OSI: Physical Layer

Wide Area Network Technologies

Voice Over IP


Network Segmentation

Vulnerability Assessment:  Outside View

Basic Hacker Process

Potential Threats, Vulnerabilities, & Risks

What is a Penetration Test

Types of Penetration Testing

Vulnerability Assessment vs Pentest

“Hacking-life-cycle”: a Methodology

Methodology for Penetration Testing / Ethical Hacking

Hacker vs. Penetration Tester

Not Just Tools

Exploitation Tools vs. Vulnerability Scanners

Vulnerability Scanners


Nessus Report


SAINT: Sample Report

Tool: Retina

Qualys Guard

Tool: LANguard

Number of Exploitable Vulnerabilities from NVD Detected

Scan Process Best Practices

Inside, outside and user view

Manager’s Role in Remediation

Risks of non-Remediation

Pentesting in Vulnerability Management

Scanning Techniques

Threat Concerns

Threat Vectors

War Dialing

Vulnerability Assessment:  Inside View

Inside view, tools, approach

SP 800-40 Version 2.0

Vulnerability Assessment:  User View

Peer to Peer Networks

P2P Cautions

Instant Messaging

IM issues

Social engineering

Web Communications


Wikto Web Assessment Tool

OWASP Top 10 for 2010

Reflected Cross Site Scripting Illustrated

IIS Directory Traversal

Injection Flaws

SQL Injection





Wireless and Bluetooth Contrast

Bluetooth Attacks

Cabir Infection

Bluetooth Defenses

Bluetooth & Wireless Comparison

Bluetooth & Wireless Comparison

Course Prerequisites

One year of IT Employment

OR C)ISSO: Information Systems Security Officer

Course Schedule
This course is not scheduled yet.