|
|
ISACA-CMC Fall Seminar
Web Application Security
Presented by Stu Henderson Group
Dates: Monday & Tuesday, September 25 - 26, 2006
Place:
Maritime Institute of Technology,
692 Maritime Boulevard,
Linthicum Heights, MD 21090-1952,
(410) 859-5700
Classroom 2 in Academic Building 3
For directions, visit: http://www.mitags.org/text_directions
Topic: Web Application Security (See outline below)
Planned CPE's: 16
Time:
7:30 AM - 8:00 AM Registration and Continental Breakfast
8:00 AM - 12:00 PM Presentation
12:00 PM - 1:00 PM Buffet Lunch
1:00 PM - 4:30 PM Presentation
Price:
Members: $350 (Includes ISACA members and Balt. Chapters of AGA, CFE, IIA, and ISSA)
Non-members: $450
Discounts:
Organizational Discount: $50 discount for an organization with 3 or more attendees
Early Discount for payments postmarked by Friday, August 26th: ISACA Members: $50; Other Members: $25; Non-members: $10
Payment/Registration: Prepayment and pre-registration are required. Sorry, we do not accept credit card payments. Make checks payable to ISACA-CMC. For reservations, please follow this link (REGISTER HERE) or call Joanie Miller at (717) 625-6631 by NOON on Monday, September 11th. If there is no answer, please leave a voice mail message when prompted. Please register promptly to ensure your spot in this seminar.
Please complete the registration form below and mail with your check to:
Kisha-Dawn Greenidge
c/o PwC
250 W. Pratt St. Suite 2100
Baltimore, MD 21201
Cancellation Notice: Full refunds will be given if registration is cancelled prior to Monday, September 11th. Refunds will not be given after that date. Attendance is transferable. Cancellation must be received by J. Miller at email/phone number noted above. ISACA Central Maryland Chapter reserves the right to cancel this event if there is not sufficient participation. Participants will be notified the week of September 11th in the event that the seminar has been cancelled. Paid registrations will be refunded.
Web Application Security
Outline:
I. Introduction
• Explanation of the Internet, IP addresses, ports, applications, encryption, client/server, IPSEC, firewalls
II. How a Program Accesses the Web (client vs. server)
III. Security Risks
• Data access, spoofing of host, spoofing of client, technology specific such as DB2, RJE
IV. Protections
• Firewalls, SSL, TLS, IPSEC, program logic, blocking the ports
V. Audit Program
• Learn application, data, relevant risks
• Map network and firewalls
• Evaluate need for encryption, authentication, application specific controls
• Evaluate use of digital certificates
• Summarize risks and protective recommendations
Speaker Profile:
Stu Henderson is an experienced system programmer, consultant and trainer whose seminars on information security and IT auditing are taught nationwide and in-house. He is editor of the RACF User News and the Mainframe Audit News and a frequent speaker at ISACA chapters and conferences such as Vanguard, CACS, and SHARE. His website www.stuhenderson.com provides free information for security administrators and auditors. He can be reached at stu@stuhenderson.com.
ISACA-CMC Registration Form
Web Application Security
Please complete and mail with payment to:
Kisha-Dawn Greenidge
c/o PwC
250 W. Pratt St. Suite 2100
Baltimore, MD 21201
Name:
Agency/Organization:
Member: ISACA-CMC ____ ISACA____AGA____CFE____IIA___
Non-member: Yes_____
Mailing Address:
E-mail Address:
Daytime Phone:
Amount Enclosed:
Prepayment Disc.Applied: Yes_________ No _________
Organization Discount** Yes _________ No _________
To take advantage of the prepayment discount, payment must be postmarked by Friday, August 26th. All payments must be received no later than Friday, September 15th.
** If taking the organization discount, please submit all registrations together and take the discount off one.
