Cyber Security Foundation Practitioner TM Exam

Cyber Security Foundation+PractitionerTM

This course provides comprehensive and practical coverage of all aspects of implementing and maintaining an ISO 27001 project. If you are involved in information security management, writing information security policies or implementing ISO 27001 – either as a Lead Implementer, or as part of the planning/implementation team – this course will give you the all the key steps for implementing and maintaining a successful Information Security Management System.

80% of Global Fortune 500 organizations are expected to adopt DevOps by 2021 – CA.

ADP, BBC News, ebay, GE, ING, Intuit, PayPal, Splunk, Uber & other MNCs worldwide use DevOps.

Be future ready. Start learning
Structure your learning and get a certificate to prove it.
Start Learning
Be future ready. Start learning
Structure your learning and get a certificate to prove it.
Start Learning

Course Curriculum

Cyber Security Foundation+PractitionerTM

SELF PACED

This course provides comprehensive and practical coverage of all aspects of implementing and maintaining an ISO 27001 project. If you are involved in information security management, writing information security policies or implementing ISO 27001– either as a Lead Implementer, or as part of the planning/implementation team – this course will give you the all the key steps for implementing and maintaining a successful Information Security Management System.

  • WEEK 5-6
  • 10 Modules
  • 6 Hours
Self Paced

Topics:
  • Cyber Security Concepts and Definitions.
  • Difference between IT Security.
  • Information Security and Cyber Security.
  • Assets, Threats & VulnerabilitiesLikelihood, Consequence and Impact.
  • Inherent Risk, Current Risk and Residual Risk.
  • Cyber Security Strategy.
  • Supporting Business Goals and Objectives.
  • Cyber Security Policy Framework,Awareness.
  • Training and Education.
  • Laws, Regulations and Industry Standards.
  • Roles and Responsibilities.
  • Professional Organisations and Ethics.
  • Introduction to the Case Study.

Practical Session:
  • Development of a Cyber Asset Register.

Learning Objectives: In this module, you will learn about security management in AWS using Identity Access Management (IAM) and Key Management Service.

Topics:
  • Risk Management Concepts and Definitions.
  • The Stages of Risk.
  • Systemic and systematic Risk, Risk Aggregation,Risk Acceptance.
  • Reduction, Transfer and Avoidance, Risk Appetite and Tolerance.
  • Governance, Risk Management and Compliance (GRC),Risk Management Process.
  • Quantitative, Semi-quantitative and Qualitative Risk.
  • Threats and Opportunities.
  • Assessing the current threat landscape.
  • Developing a Threat Taxonomy.
  • Advanced Persistent Threats.
  • Bring Your Own Device or Technologies.
  • The Internet of Things.
  • Controls.
  • Counter Measures and Enablers.
  • Business Impact Analysis.
  • Sample Business Impact Analysis Template.
  • Sample Business Impact Levels.

Practical Session:
  • Development of a threat taxonomy and identification of vulnerabilities.
  • Evaluate inherent risk, current controls, current risk, recommend controls and residual risk.

Topics:
  • Security Architecture Concepts and Definitions.
  • Security Architecture Frameworks(SABSA,TOGAF).
  • Security Architecture Design Principles.
  • Service Models(Insourcing,Outsourcing).
  • Managed Services – Single provider, multiple provider and prime provider.
  • Cloud Services – Cloud service models and Cloud deployment models.

Practical Session:
  • Recommendations for service provider models in addressing risks.
  • Identification of security architecture design principles.

Topics:
  • OSI and TCP/IP Models.
  • Network Fundamentals( Network Security,Network Topologies, Security Zones,Network Security Technologies, Virtualisation Benefits and Security Challenges).
  • Endpoint Security (Servers, desktops, laptops, tablets, mobile devices, wearables,Endpoint Security Technologies,Specialised Endpoint Systems).
  • Application Security(Software Development Lifecycle,OWASP Top 10,Web Application Firewall and Database Firewall).
  • Data Security (Data owners, data classification, labelling,Access control,Data governance and lifecycle,Data remanence).
  • Australian Signals Directorate Top 35 and Essential Eight(ASD Top 4,ASD Essential Eight,SANS Top 20 mapped to ASD Top 35 and other frameworks).

Practical Session:
  • Establish a data classification scheme.
  • Exercise #6 – Design a secure network topology incorporating network security zones.
  • Overlay the data classification scheme and placement of recommended controls.

Topics:
  • Cryptography Key Terms and Concepts.
  • Symmetric Algorithms(Data Encryption Standard (DES),Triple DES, Advanced Encryption Standard (AES),Other symmetric algorithms).
  • Asymmetric Algorithms.
  • Hashing Algorithms.
  • Non-Repudiation.
  • Cryptographic Attacks(Side-channel,Birthday,Implementation,Other attack methods).
  • Implementing Cryptography in the Real World(Public Key Infrastructure (PKI), Electronic Document Exchange,Virtual Private Networks (VPNs),Secure e-mail,Steganography,Digital Watermarks,Wireless Security,Secure Shell, Key Management).

Practical Session:
  • Identify and rank the most important business operations.

Topics:
  • Business Continuity Planning(NIST SP800-34 as a Framework).
  • Disaster Recovery Planning(Relationship between the BCP and DRP,Events that trigger a BCP/DRP.
  • Developing the BCP and DRP(Application of NIST SP800-34,Initiation,Business Impact Analysis, Identification of preventive controls,Recovery strategies, Plan design and development and important BCP/DRP frameworks,Ongoing maintenance).

Practical Session:
  • Identify and rank the most important business operations.

Topics:
  • NIST Cyber Security Framework(Identify,Protect,Detect,Respond,Recover).
  • Cyber Forensics(General phases of the forensic process,Anti-forensics, Forensic media analysis,Network forensics, Forensic analysis of software, Embedded devices and Electronic Discovery).
  • Incident Response Management(Security events and Security incidents,Incident Response Methodology using NIST SP800-61).
  • Security Assurance(Defining and implementing meaningful metrics,Configuration management, Minimum Security Baselines,Vulnerability Assessments,Penetration Testing,Security Audits,Security Assessments,Log reviews, retention, centralisation and analysis,Security Information and Event Management System (SIEM)).

Practical Session:
  • Examination of insourcing or using a managed service for incident response.
  • Develop the first part of a management report highlighting the most appropriate strategies for managing various risks and a high-level roadmap of activities.

Topics:
  • Two Hours.
  • Multiple Choice.

Program Syllabus

Curriculum

You can also view the program syllabus by downloading this program Curriculum.

Course Certification

OL Tech Edu’s Certificate Holders work at top 500s of companies like

Features

Explore step by step paths to get started on your journey to Jobs of Today and Tomorrow.

Instructor-led Sessions

30 Hours of Online Live Instructor-Led Classes.
Weekend Class : 10 sessions of 3 hours each.

Real Life Case Studies

Real-life Case Studies

Live project based on any of the selected use cases, involving implementation of the various real life solutions / services.

Assignments

Assignments

Each class will be followed by practical assignments.

24 x 7 Expert Support

24 x 7 Expert Support

We have 24x7 online support team to resolve all your technical queries, through ticket based tracking system, for the lifetime.

Certification

Certification

Towards the end of the course, OL Tech Edu certifies you for the course you had enrolled for based on the project you submit.

Course FAQ's

Enroll, Learn, Grow, Repeat! Get ready to achieve your learning goals with OL Tech Edu View All Courses

© 2015 - 2024 OL Tech Edu. All Rights Reserved.
Designed, Developed & Powered by MNJ SOFTWARE

The website is best experienced on the following version (or higher) of Chrome 31, Firefox 26, Safari 6 and Internet Explorer 9 browsers