Course Objectives

• This Course Objective Hasn't Been Provided Yet

Target Audience

IT professionals, security professionals, auditors, site administrators, general management and anyone tasked with managing and protecting the integrity of the network infrastructure. This also includes anyone already familiar and involved with IT/cyber/digital security and seeking to build on their fundamental principles of security.

• Adapting to evolving standards
  • Information security standards (e.g. PCI-DSS/ISO27001)
  • Documented tools:
    • ISO/IEC 27001
    • PAS 555
    • Control Objectives for Information and Related Technology (COBIT)
  • Future standards
    • ISO/IEC 2018
    • EU privacy regulations
    • Local and international government stipulations implicating access to private data
• Principles of IT security
  • Enterprise security
    • External defenses
    • Web filtering
    • Intruder Prevention Systems (IPS)
    • Intruder Detection Systems (IDS)
    • Firewalls
  • Secure code
  • Software Development Lifecycles (SDL)
  • Potential insecurities within developed applications
  • WiFi security protocols and attributes
  • Voice over IP (VoIP) security
  • Governance Risk and Compliance (GRC)
  • Security Incident Event Management (SEIM) applications
  • Cloud security
  • Third party security and compliance
• Adopting cyber security measures
  • Employee perception on security through Neuro Linguistic Programing (NLP)
  • Security education and awareness: techniques, systems, and methodologies
  • Penetration testing
  • Ethical hacking
  • Options to mitigate viruses, malware, active code threats and Active Persistent Threats (APT)
  • The Computer Incident Response Team (CSIRT) frameworks, tools and capabilities
  • Incident first response: proven methodologies, tools, and systems
  • The science of applying robust digital forensics: applicable law, capabilities, and methodologies
  • Supervisory Controls and Data Acquisition (SCADA); security requirements, processes and methodologies
  • Abuse images: complying with local and international law
• Building cyber security teams
  • Creation and management of a Secure Operations Center (SOC)
  • Development of the Corporate Security Organization Framework
  • Formulation and deployment of a Computer Security Incident Response Team (CSIRT)
  • Bespoke Security Incident and Event System (SIEM) for the operational deployment
  • Risks associated with I/O Security (e.g. USBs, CDs, other forms of media)
  • Risks of Active Code Injection, and mitigation techniques
• Advanced cyber risks and tools
  • Cyber crime and the darknet/darkweb: the world of the hackers/hacktivists
  • The underground of cyber criminality
  • Social engineering as a tool to test operational resilience
  • Open Source Intelligence (OSINT)
  • Cyber threat intelligence
  • Open source and commercial security tools
  • The operational use of encryption
  • Virtual private networks
• Steganography - Techniques used to hide hacking tools and malware on networks
  • Command line and tools used to identify and extract dangerous files and contain malware and hacking applications
  • The 1-10-60 Rule to identify and contain dangerous hidden applications
  • Alternate Data Streams (ADS) and the threats they can pose under an NTFS environment
  • Leveraging ADS to hide undetectable malware within an operational network

This course hasn't been scheduled yet, however you can request for In-House training