Black Hat® Japan 2008 Briefings & Training

Black Hat Japan Training 2008 NSA InfoSec Assessment Methodology Course (IAM) - Level 1 米国国家安全保障局(NSA)INFOSECアセスメント方法論(IAM) - レベル1 Security Horizon

Register Now / オンライン登録

Overview - 概要 :

Note: This NSA certification course has recently been updated. We strongly urge you to register for this course as quickly as possible as it has sold out in past years and seats are limited. This course presents the methodologies used by the National Security Agency when conducting information security assessments on organizations. It focuses primarily on the mission of the customer organization, the critical information that drives that mission, and the regulations or legislation about how that information should be protected. The InfoSec Assessment Methodology (IAM) is independent of any particular regulation and provides tremendous flexibility for use within any organization. It is intended to be used as a baseline for conducting level 1 assessments.

Specific Learning Objectives - 講座で学ぶこと

  1. This is a methodology course. You should not take this course if you expect to learn specific business process that you can implement. This course is about establishing a repeatable process, across the INFOSEC industry so that customers of these services will know what to expect, regardless of the vendor they decide to utilize.
    これは方法論の講座であり、情報セキュリティ産業全体で繰り返して利用可能なプロセスを構築することが、本講座の目的である。これは、様々なベンダーを利用する場合に、情報セキュリティを必要とする顧客がそれらベンダーに何を期待できるのかがわかるようにすることである。ただしこれは、すぐインプリメントできるようなビジネスプロセスと考えるべきではない。
  2. The NSA IAM focuses on critical information. Students will learn how to identify the organization's mission, the information critical to that mission, where the information exists, and what happens to the organization if they lose that information.
    NSA IAMは重要情報に焦点を当てている。受講者は、組織の任務、その任務にとって重要な情報、その情報がどこに存在するか、の特定の仕方、情報を失った場合になにが起こるのかを学ぶ。
  3. The NSA IAM course is *not* tools based. The level 1 methodology from NSA focuses on policies, procedures, and information flow. Assessments processes used in this course include documentation review, interview techniques, and other methods of interaction directly with the management/people perspective of an organization. The tools piece is discussed in detail during the level 2 NSA methodology, the INFOSEC Evaluation Methodology (IEM).
    NSA IAM講座は、ツールを使う講座 *ではなく*、ポリシー、手順、情報の流れに焦点を当てる講座である。本講座で使用されるアセスメント・プロセスには、必要書類のレビュー、対面調査テク ニック、および組織の管理職や人々と直接やりとりを行う方法、などが含まれる。ツール類については、レベル2 NSA方法論となるINFOSEC評価方法論(IEM)で詳しく取り上げる。
  4. Real world examples. This course will provide insight into some of the issues that arise when this type of work is conducted. Examples range from the educational world, the Department of Defense, the federal arena, utilities, healthcare, and financial.
    この講座では、実際の例をいくつか紹介する。たとえば、米国国防省関連、連邦政府関連、公共サービス関連、病院関連、金融業界、教育業界などである。これらでアセスメント系の作業が実行される際のいくつかの問題について洞察する。
  5. Taught by Practitioners. Learn the NSA methodologies from instructors that have been involved in this NSA program since inception. This course is provided from the viewpoint of “How do we approach this work,” “Why does it matter,” and “What should you be on the lookout for?”
    この講座では、NSAプログラムの創成期から携わっている、熟練した専門家がインストラクターとしてNSA方法論を講義する。本講座は「この作業にはどのようにアプローチするか」、「なぜそれが問題となるのか」、「なぜ警戒しないといけないのか」といった視点から構成されている。
  6. This is a certification course. Some students may be eligible to receive National Security Agency (NSA) certification on the IAM material. Attendees who feel they may meet the requirements outlined below will need to submit the appropriate registration documents proving eligibility.
    この講座は、認定証が発行される講座である。下記の認定証の授与要件を満たす受講者は、NSAが発行するIAMに関する認定証を受ける資格がある。下記の要件を満たすと考える受講者は、資格があることを証明できる履修登録書類を事前に提出する必要がある。

What to Expect - 本講座に期待できること :

Students can expect to be involved from the first hour of class. Every professional brings with them a variety of experience, knowledge, and background. The NSA courses are interactive and informal. Highly relevant discussions occur in this course and students should be prepared to provide their opinions. In fact, it’s not unusual to find these same conversations continuing after class over a drink.

How It Will Work - 講座の進め方 :

Students will learn the NSA IAM by walking through the individual sections of the methodology within a group environment. Each group will be assigned a scenario organization (utility, healthcare, finance, military, research, etc) that they will use to perform the NSA IAM upon during the course. There are 3 group exercises provided over the 2 day period. Course material is presented using PowerPoint slides, lecture, and digital movies.

The final test will be given at the end of the 2nd day of class. Students moving on to the level 2 IEM course (bootcamp style) will have their tests graded prior to leaving the course to ensure they’re eligible for the next course.

Certification - 認定証 :

NOTE: Certification is *not* required to attend this course, but attendance is limited, so enroll now.

In order to become NSA IAM certified, students are required to submit a registration package to NSA, via Security Horizon, in advance of the class. Submission of paperwork no later than 30 days prior to the class is highly recommended to ensure all paperwork is approved and the certification exam is issued by the National Security Agency.

Students wishing to be certified must meet the following requirements - 認定証希望者の必須条件 :

We strongly urge that you register for this class no later than September 10 if you are seeking to be certified since all paperwork for certification must be approved PRIOR to the class. On-site or late registration for this class will not ensure that the necessary paperwork will be completed for certification.

After registering for this course with Black Hat, you can begin your NSA registration process by contact sh-admin@securityhorizon.com. You will be sent the registration packet for this course which must be completed and faxed back to Security Horizon. For questions on the NSA registration paperwork or course content, please contact sh-admin@securityhorizon.com. For information on payment for the course, please contact Black Hat directly.

Course Length - コースの長さ :

Two days. All course materials, lunch and coffee breaks will be provided. A Certificate of Completion will be offered in addition to IAM Certification (if you qualify). This course is required prior to taking the level two course, the NSA IEM.

We strongly urge that you register for this class no later than September 10 if you are seeking to be certified since all paperwork for certification must be approved PRIOR to the class. On-site or late registration for this class will not ensure that the necessary paperwork will be completed for certification.

Non-US Citizens or Japanese Citizens who do not qualify for NSA Certification will receive a Certificate of Completion from Security Horizon and Black Hat.

Trainer - 講師紹介(予定)

Ed Fuller, COO, Security Horizon, Inc.
Greg Miles, President, Security Horizon, Inc.
Brian Kirouac, CTO, Security Horizon, Inc.

Register Now / オンライン登録
Price Line
価格表
EarlyBird Ends:10-Sep
早期割引 登録締切:9/10
Regular Ends:10-Oct
通常価格 登録締切:10/1
Onsite Accept:5-Oct Only
当日価格 登録受付:10/5のみ
Price(with Tax)
価格(税込)
¥ JPY 247,800 ¥ JPY 277,000 ¥ JPY 306,000
  • * Group discounts for 2 or more is available. Please contact [ blackhatregistration at ubm.com ] to apply.
  • * グループ割引は2名様以上から適用可能です。インターネット協会会員割引、スポンサー割引をご用意しています。お申し込み希望者およびお問い合わせは[ bh at japan døt name ] までご連絡ください。

TOP