The Information Security Red Team Methodology (ISRM) is a detailed hands-on methodology for performing evaluations of the current security readiness of an organization against current threats. Individuals can expect to learn a repeatable methodology that can be used to prepare for and conduct a Red Team engagement. It is recommended that a security professional obtain both the ISRM and the Information Security Assessment Methodology (ISAM) to assure a broad understanding of the information security analysis processes.
The ISRM covers the processes involved in an evaluation of a customer's overall security posture, based on both technical and physical threats. The ISRM starts with a review of the ISAM and the inputs to the ISRM, and proceeds to walk through the process of planning, executing, monitoring, and reporting, Red Team activities with the customer. The students will learn techniques that can be used for intelligence gathering and reconnaissance of selected targets, and how to use this information. Once the intelligence gathering and reconnaissance is completed, the students will learn how to plan and execute various exploitation techniques in a coordinated attack against the selected targets. Both technical and mental exercises are used throughout the course to reinforce the concepts.
The ISRM is a four-day course for experienced Information Systems Security analysts, those interested in performing Red Team engagements, or those planning on having a Red Team engagement performed against their organization. The students will benefit most if they have a solid background in information security systems and have an understanding of networking concepts. A strong ability to analyze disparate information is also highly valuable. Students will be provided with all relevant course materials and tools, including the use of a laptop during the course.
Certification Qualification Requirements:
Required: Five (5) years of demonstrated experience in the field of information security, communications security or computer security, with 2 of the 5 years of experience working directly with information security requirements and controls. And six (6) months cumulative experience conducting technical assessments or utilizing technical assessment tools.
Recommended: ISAM Certification OR IAM AND IEM Certification