IT Cyber Security

Master the advanced techniques required to protect network resources from external threat with the IT Cyber Security bundle. Built around industry best-practice guidelines, the IT Cyber Security bundle consists of three courses:

1. The CISA Certified Information Systems Auditor course.
2. The CISSP Certified Information Systems Security Professional course.
3. The CISM Certified Information Security Manager course.

Each course has been designed to address real world challenges, so that the technologies and techniques covered can be applied to any situation. The course is best suited to:

• IT professionals responsible for audit, control and security of corporate computer and networking resources.
• Consultants tasked with documenting current business system provisions and making recommendations on how to improve monitoring, control and protection provisions.
• Security specialists who need to build and manage effective security solutions to protect corporate resources and data.
• Junior IT security team members who would like to take their knowledge to expert level.
• Individuals who need to achieve an industry-recognised qualification to prove their competence.

Using a series of instructor led videos and self-study manuals throughout each of the bundled courses, the IT Cyber Security package is delivered online using the learning platform. Learners are free to access content anyplace anytime, allowing participants to study whenever and wherever is most convenient for their needs.

A series of flash cards allow learners to test their progress, and a number of practical scenarios in each module can be used to practice common responses. End of unit tests and quizzes ensure students have fully grasped the concepts behind IT Cyber Security before moving on to the next task. Students can discuss topics with other learners using the social networking facilities, adding another valuable learning tool by which to further improve knowledge and skills.

Key Learning Points

The IT Cyber Security package is tailored towards the evolving needs of businesses who need to protect against attack by hackers and other cybercriminals. By combining three courses into a single package, we have built a comprehensive syllabus to ensure that students have a complete understanding of internal and external security provisioning.

The CISA Certified Information Systems Auditor course takes students through:

• The information systems audit process and how it is applied in a real-world environment.
• The importance of applying information technology governance principles to maintain levels of security and availability.
• Defining and managing the information systems and infrastructure lifecycle to better plan for upgrades and replacements.
• Codifying IT service delivery and support mechanisms and levels to ensure that systems and users remain fully productive and issues are properly prioritised.
• Identifying critical information assets and designing systems to protect each from loss, theft or unauthorised access.
• Building a business continuity and disaster recovery strategy that will help keep the organisation running in the event of a major system failure.

Focus then shifts to the CISSP Certified Information Systems Security Professional which covers:

• The principles of access control and how they can be strengthened and applied to keep unauthorised users out of a system.
• Telecommunications and network systems that need to be hardened to prevent data loss or theft.
• The role that information governance and risk management play in raising security standards, and how they need to be applied to corporate information systems.
• The importance of secure software architecture and design to help ensure that in-house systems protect data and resources.
• Using cryptography to protect data in transit and prevent unauthorised access of files without the correct encryption keys.
• Using security architecture and design principles to limit data access and potential angles of attack.
• Monitoring, auditing and improving operations security to keep systems secure at the point of access.
• Designing and implementing business continuity and disaster recovery plans to help re-establish operations as quickly as possible following a serious outage.
• Legal obligations of data security and obligations that must be fulfilled in the event of a criminal investigation.
• Physical and environmental security considerations, like preventing theft of computer hardware or potential fire risks.

Finally, students will begin study towards the CISM Certified Information Security Manager qualification, learning about:

• How to establish and maintain an information security governance framework, and the processes required to support it.
• How to manage information risks to an acceptable level to meet the business and compliance requirements of the organisation.
• Build, implement and operate an information security program that perfectly aligns with the wider information security strategy.
• Planning the correct response to information security incidents, including defining the investigation and recovery steps required to minimise business impact.

Advantages of this course

Using the three-track approach to the package design, we have developed a syllabus that ensures students have the skills and experience they need to build effective real world cybersecurity defences. Learners will also be fully prepared to sit the exam and earn the qualification that accompanies each course.

Other benefits include:

• An in depth understanding of information systems security and the many aspects that need to be protected.
• Hands-on practical skills that will help security professionals overcome their network security challenges and build defences effective defences.
• The opportunity to sit and pass the well-regarded industry CISA, CISSP and CISM qualifications.
• Improved job prospects and the opportunity to progress within the IT security sector.

The IT Cyber Security course is an essential step towards earning the CISA, CISSP and CISM security qualifications. This package is also one of the most cost-effective routes to IT cyber security excellence.

• Units of study

Certified Information Security Manager (CISM)

• Information Security Governance
• Risk Management
• Information Security Program
• Information Security Program Implementation
• Information Security Program Management
• Incident Management and Response

Certified Information Systems Auditor (CISA) Lesson 1

• Introduction
• Audit Process
• Auditing Standards
• Auditing Guidelines
• Cobit Model
• Audit Management
• Internal Control Classifications
• Planning
• Program
• Evidence
• Audit Control Evaluation
• C S A Control Self- Assessment

Lesson 2

• IT Governance
• Outsourcing And Governance
• IT Security
• Governance And Security Policies
• Organizational Compliance
• Outsourcing And Globalization
• Outsourcing
• IT Performance

Lesson 3

• System and Infrastructure
• Requirements
• Project Management Tools- Part1
• Project Management Tools- Part2
• Applications
• Agile Development
• Monitoring And Controlling
• Acquisition Process
• Testing Process
• Information Systems Maintenance Practices
• Data Conversion Tools

Lesson 4

• Media Disposal process
• Post Implementation Review
• Periodic Review
• System Maintenance

Lesson 5

• IT Service Delivery And Support
• How To Evalutate Service Level Management Practices
• Operations Management
• Databases
• Structured Query Language
• Monitoring Performance
• Source Code And Performance Monitoring
• Patch Management
• Incident Management
• Hardware Component Types
• Network Component Types

Lesson 6

• I S Auditor Technical Overview
• Security Design
• Monitoring Systems
• Types of Attacks
• Cryptography
• Encryption
• Asymmetric Encryption
• Digital Certificate
• Different Kinds Of Attacks
• Access Control
• Identification And Authenication
• Physical Access Exposure
• Environmental Security
• Network Security Devices And Network Components
• Network Address Translation
• Virtual Private Networks
• Voice System Risks
• Intrusion Detection
• Firewalls
• Firewall Implementation
• Network Access Protection
• Honey Pot
• Risks To Portable And Wireless Devices
• Bluetooth
• OSI Networking
• Managing Data

Lesson 7

• Business Continuity And Disaster Recovery
• Fault Tolerance
• Business Continuity And Disaster Recovery Regulations

CISSP Module 1

• Intro
• Least Incorrect Answer
• Ethics

Module 2

• Accounts And Identity Management
• Authentication Services
• Categories And Types
• Penetration Testing And Auditing
• Systems M A C D A C R B A C

Module 3

• Telecommunications
• Wired Physical Interfaces
• Physical Layer
• Layer
• Wireless
• Wireless Lan
• Layer34 And Firewalls
• Firewalls
• Protocols
• Transport Layer
• Layers5 And6
• Presentation Layer
• Layer7
• Authentication
• Printing
• Messaging
• Security Protocol
• Application Attacks
• Honeypots
• Telecommunications
• Voice Over I P
• Attacks
• VOIP Controls

Module 4

• Layers of Protection
• Penetration Testing
• Vectors of Test
• Scope
• Technical Penetration Testing
• Pen Testing Methodology

Module 5

• Application Security
• Connectivity Interfaces And Applications
• Malware
• Attack Types
• Malformed Input
• Payload
• Web Risks
• Insecure Direct Object Reference
• Security Misconfiguration
• How To Pass The Exam
• Overview
• Risk Management
• Patch Management
• Levels Of Patch Management
• Software Development Life Cycle
• Security

Module 6

• Cryptography
• Symmetric Vs Asymmetric
• Managing Key Sizes
• Initialization Vector
• Asymmetric
• Crytology Law
• Message Integrity Controls
• Apply Integrity Controls
• Digital Signature Overview
• Types of Encryption
• Digital Signatures
• Key Agreement
• Hierarchical Trust Model
• PGP And Digital Signatures
• Spam Vs PKI
• Cryptography and Stenography
• Investigating For Steganography
• Code Breaking
• Common Cryptanalytical Attacks
• Types of Attacks

Module 7

• Common Criteria And Trusted Computing Base
• Frameworks
• Hardware
• Software OS Design

Module 8

• Data Classification
• Data Backup and Control
• Privilege Entry Control
• I D S And IPS

Module 9

• Business Continuity Planning
• Policy And Program Management
• Business Impact Analysis
• Strategy Options
• Incident Management Plans
• Activity Response Plans
• Test Plan
• Embedding Business Continuity Plan

Module 10

• Law Domain
• Incident Handling
• Legal Systems
• Strategy Options
• Intellectual Property

Module 11

• Fire and Power
• Perimeter Barrier Lock Sensor Guard
• Physical Security Planning
• Conclusion