154 Certified Cyber Professional (CCP) courses

Duration 4 Days 24 CPD hours This course is intended for This course is designed for the aspiring or sitting upper-level manager striving to advance his or her career by learning to apply their existing deep technical knowledge to business problems. In this course, students will learn in-depth content in each of the 5 CCISO Domains Domain 01 - Governance Define, Implement, Manage, and Maintain an Information Security Governance Program Information Security Drivers Establishing an information security management structure Laws/Regulations/Standards as drivers of Organizational Policy/Standards/Procedures Managing an enterprise information security compliance program Risk Management Risk mitigation, risk treatment, and acceptable risk Risk management frameworks NIST Other Frameworks and Guidance (ISO 31000, TARA, OCTAVE, FAIR, COBIT, and ITIL) Risk management plan implementation Ongoing third-party risk management Risk management policies and processes Conclusion Domain 2 - Security Risk Management, Controls, & Audit Management INFORMATION SECURITY CONTROLS COMPLIANCE MANAGEMENT GUIDELINES, GOOD AND BEST PRACTICES AUDIT MANAGEMENT SUMMARY Domain 03 - Security Program Management and Operations PROGRAM MANAGEMENT OPERATIONS MANAGEMENT Summary Domain 04 - Information Security Core Concepts ACCESS CONTROL PHYSICAL SECURITY NETWORK SECURITY ENDPOINT PROTECTION APPLICATION SECURITY ENCRYPTION TECHNOLOGIES VIRTUALIZATION SECURITY CLOUD COMPUTING SECURITY TRANSFORMATIVE TECHNOLOGIES Summary Domain 05 - Strategic Planning, Finance, Procurement and Vendor Management STRATEGIC PLANNING Designing, Developing, and Maintaining an Enterprise Information Security Program Understanding the Enterprise Architecture (EA) FINANCE PROCUREMENT VENDOR MANAGEMENT Summary

Duration 5 Days 30 CPD hours This course is intended for This course is targeted toward an IT Professional that has the technical knowledge and skills required to conceptualize, design, and engineer secure solutions across complex enterprise environments. Students should have a minimum of 10 years experience including at least 5 years of hands-on technical security experience. Overview Upon successful completion of this course, students will be able to: Identify enterprise security fundamentals. Apply enterprise security technology solutions. Implement security design and solutions. Manage risk, policies and procedures within an enterprise. Integrate security solutions within an enterprise. Conduct security research and analysis. In this course, students will examine advanced security concepts, principles, and implementations that pertain to enterprise level security. Prerequisites CompTIA Cybersecurity Analyst (CySA+) Certification 1 - Enterprise Security Architecture The Basics of Enterprise Security The Enterprise Structure Enterprise Security Requirements 2 - Enterprise Security Technology Common Network Security Components and Technologies Communications and Collaboration Security Cryptographic Tools and Techniques Advanced Authentication 3 - Enterprise Resource Technology Enterprise Storage Security Issues Distributed, Shared, and Virtualized Computing Cloud Computing and Security 4 - Security Design and Solutions Network Security Design Conduct a Security Assessment Host Security 5 - Application Security Design Application Security Basics Web Application Security 6 - Managing Risk, Security Policies, and Security Procedures Analyze Security Risk Implement Risk Mitigation Strategies and Controls Implement Enterprise-Level Security Policies and Procedures Prepare for Incident Response and Recovery 7 - Enterprise Security Integration The Technology Life Cycle Inter-Organizational Change Integrate Enterprise Disciplines to Achieve Secure Solutions 8 - Security Research and Analysis Perform an Industry Trends and Impact Analysis Perform an Enterprise Security Analysis

The NCSP® 800-53 Practitioner accredited (APMG International), certified (NCSC/GCHQ-UK), and recognized (DHS-CISA-USA) certification course teaches Digital Business, Operational Stakeholders, Auditors, and Risk Practitioners a Fast-Track approach to adopting and adapting the NIST Cybersecurity Framework and its 800-53 controls across an enterprise and its supply chain.The course also teaches candidates how to build a Digital Value Management System (DVMS) CPD overlay model capable of enabling the quick adoption and adaption of new frameworks and models (NIST-CSF, NIST Privacy Framework, CMMC, etc.) that may be required to address internal, external (regulatory), and cyber threat landscape changes. Finally, the course teaches candidates how to ensure the organization's DVMS is designed for use within the organization and auditable by government regulators looking to verify regulatory outcomes. The NCSP Practitioner 800-53 course is designed for both the Implementer and Auditor topics and participants select the exam they want to take (or an additional exam can be ordered to be certified as both an implementer and auditor).

Duration 5 Days 30 CPD hours This course is intended for This course is designed for people who are seeking to launch a career in cybersecurity. Overview Assess the security posture of an enterprise environment and recommend and implement appropriate security solutions; Monitor and secure hybrid environments, including cloud, mobile, and IoT; Operate with an awareness of applicable laws and policies, including principles of governance, risk, and compliance; Identify, analyze, and respond to security events and incidents. CompTIA Security+ is a global certification that validates the baseline skills necessary to perform core security functions and is the first security certification a candidate should earn. CompTIA Security+ establishes the core knowledge required of any cybersecurity role and provides a springboard to intermediate-level cybersecurity jobs. Lesson 1: Summarize Fundamental Security Concepts Security Concepts Security Controls Lesson 2: Compare Threat Types Threat Actors Attack Surfaces Social Engineering Lesson 3: Explain Cryptographic Solutions Cryptographic Algorithms Public Key Infrastructure Cryptographic Solutions Lesson 4: Implement Identity and Access Management Authentication Authorization Identity Management Lesson 5: Secure Enterprise Network Architecture Enterprise Network Architecture Network Security Appliances Secure Communications Lesson 6: Secure Cloud Network Architecture Cloud Infrastructure Embedded Systems and Zero Trust Architecture Lesson 7: Explain Resiliency and Site Security Concepts Asset Management Redundancy Strategies Physical Security Lesson 8: Explain Vulnerability Management Device and OS Vulnerabilities Application and Cloud Vulnerabilities Vulnerability Identification Methods Vulnerability Analysis and Remediation Lesson 9: Evaluate Network Security Capabilities Network Security Baselines Network Security Capability Enhancement Lesson 10: Assess Endpoint Security Capabilities Implement Endpoint Security Mobile Device Hardening Lesson 11: Enhance Application Security Capabilities Application Protocol Security Baselines Cloud and Web Application Security Concepts Lesson 12: Explain Incident Response and Monitoring Concepts Incident Response Digital Forensics Data Sources Alerting and Monitoring Tools Lesson 13: Analyze Indicators of Malicious Activity Malware Attack Indicators Physical and Network Attack Indicators Application Attack Indicators Lesson 14: Summarize Security Governance Concepts Policies, Standards, and Procedures Change Management Automation and Orchestration Lesson 15: Explain Risk Management Processes Risk Management Processes and Concepts Vendor Management Concepts Audits and Assessments Lesson 16: Summarize Data Protection and Compliance Concepts Data Classification and Compliance Personnel Policies Additional course details: Nexus Humans CompTIA Security Plus Certification (Exam SY0-601) training program is a workshop that presents an invigorating mix of sessions, lessons, and masterclasses meticulously crafted to propel your learning expedition forward. This immersive bootcamp-style experience boasts interactive lectures, hands-on labs, and collaborative hackathons, all strategically designed to fortify fundamental concepts. Guided by seasoned coaches, each session offers priceless insights and practical skills crucial for honing your expertise. Whether you're stepping into the realm of professional skills or a seasoned professional, this comprehensive course ensures you're equipped with the knowledge and prowess necessary for success. While we feel this is the best course for the CompTIA Security Plus Certification (Exam SY0-601) course and one of our Top 10 we encourage you to read the course outline to make sure it is the right content for you. Additionally, private sessions, closed classes or dedicated events are available both live online and at our training centres in Dublin and London, as well as at your offices anywhere in the UK, Ireland or across EMEA.

The NCSP® ISO 27001 Specialist accredited (APMG International), certified (NCSC/GCHQ-UK), and recognized (DHS-CISA-USA) certification course teaches Digital Business, Operational Stakeholders, Auditors, and Risk Practitioners a Fast-Track approach to adopting and adapting the ISO 27001 controls in the context of a NIST Cybersecurity Framework program.This course looks at the impact of adapting a principled approach to an enterprise risk management framework to better support cybersecurity decisions within the context of the selected informative reference. It guides participants on the best approach to adapt, implement, and operate (AIO) a comprehensive cybersecurity program that integrates into existing organizational capabilities and incorporates the selected Informative Reference. NCSP® ISO 27001 Specialist introduces the integration of typical enterprise capabilities with cybersecurity from the perspective of the selected cybersecurity informative reference. The overall approach places these activities into systems thinking context by introducing the Service Value Management System composed of three aspects, governance, assurance, and the Z-X Model. With this in place, the course presents the approach to adapt, implement, operate, and improve the organizational cybersecurity posture that builds on the application of the FastTrack™ presented in the NCSP Practitioner. The NIST Cybersecurity Professional (NCSP®) program is the industry's first accredited certification training program that teaches organizations how to build a Digital Value Management Overlay System capable of leveraging the NIST Cybersecurity Framework to deliver the secure, digital business outcomes expected by executives, government regulators, and legal advisors.

The NCSP® 800-171 Specialist accredited (APMG International), certified (NCSC/GCHQ-UK), and recognized (DHS-CISA-USA) certification course teaches Digital Business, Operational Stakeholders, Auditors, and Risk Practitioners a Fast-Track approach to adopting and adapting the 800-171 controls in the context of a NIST Cybersecurity Framework program. This course looks at the impact of adapting a principled approach to the enterprise risk management (ERM) framework to better support cybersecurity decisions, establishing the context for the selected informative reference (IR). It guides participants on the best approach to adapting, implementing, and operating (AIO) a comprehensive cybersecurity program that can be integrated into the existing organizational capabilities and incorporates the selected IR. NCSP® 800-171 Specialist introduces the integration of typical enterprise capabilities with cybersecurity from the selected cybersecurity IR perspective. The overall approach places these activities into a systems-thinking context by introducing the service value management system (SVMS), including governance, assurance, and the Z-X model. With this in place, the course presents the approach to adapt, implement, operate, and improve the organizational cybersecurity posture that builds on the application of the FastTrack™ concept presented in the NCSP Practitioner course. The NIST Cybersecurity Professional (NCSP®) program is the industry's first accredited certification training program that teaches organizations how to build a Digital Value Management Overlay System capable of leveraging the NIST Cybersecurity Framework to deliver the secure, digital business outcomes expected by executives, government regulators, and legal advisors.

Duration 3 Days 18 CPD hours This course is intended for The intended audience for this course is information security and IT professionals, such as network administrators and engineers, IT managers, and IT auditors, and other individuals who want to learn more about information security, who are interested in learning in-depth information about information security management, who are looking for career advancement in IT security, or who are interested in earning the CISM certification. Overview Establish and maintain a framework to provide assurance that information security strategies are aligned with business objectives and consistent with applicable laws and regulations. Identify and manage information security risks to achieve business objectives. Create a program to implement the information security strategy. Implement an information security program. Oversee and direct information security activities to execute the information security program. Plan, develop, and manage capabilities to detect, respond to, and recover from information security incidents. In this course, students will establish processes to ensure that information security measures align with established business needs. Prerequisites Information security governance Information risk management Information security program development Information security program management Incident management and response 1 - Information Security Governance Develop an Information Security Strategy Align Information Security Strategy with Corporate Governance Identify Legal and Regulatory Requirements Justify Investment in Information Security Identify Drivers Affecting the Organization Obtain Senior Management Commitment to Information Security Define Roles and Responsibilities for Information Security Establish Reporting and Communication Channels 2 - Information Risk Management Implement an Information Risk Assessment Process Determine Information Asset Classification and Ownership Conduct Ongoing Threat and Vulnerability Evaluations Conduct Periodic BIAs Identify and Evaluate Risk Mitigation Strategies Integrate Risk Management into Business Life Cycle Processes Report Changes in Information Risk 3 - Information Security Program Development Develop Plans to Implement an Information Security Strategy Security Technologies and Controls Specify Information Security Program Activities Coordinate Information Security Programs with Business Assurance Functions Identify Resources Needed for Information Security Program Implementation Develop Information Security Architectures Develop Information Security Policies Develop Information Security Awareness, Training, and Education Programs Develop Supporting Documentation for Information Security Policies 4 - Information Security Program Implementation Integrate Information Security Requirements into Organizational Processes Integrate Information Security Controls into Contracts Create Information Security Program Evaluation Metrics 5 - Information Security Program Management Manage Information Security Program Resources Enforce Policy and Standards Compliance Enforce Contractual Information Security Controls Enforce Information Security During Systems Development Maintain Information Security Within an Organization Provide Information Security Advice and Guidance Provide Information Security Awareness and Training Analyze the Effectiveness of Information Security Controls Resolve Noncompliance Issues 6 - Incident Management and Response Develop an Information Security Incident Response Plan Establish an Escalation Process Develop a Communication Process Integrate an IRP Develop IRTs Test an IRP Manage Responses to Information Security Incidents Perform an Information Security Incident Investigation Conduct Post-Incident Reviews

RESILIA™ Foundation AXELOS RESILIA™: Cyber Resilience Best Practice is designed to help commercial and government organizations around the world prevent, detect, and correct any impact cyber attacks will have on the information required to do business. Adding RESILIA to the existing AXELOS global best practice portfolio, including ITIL® and PRINCE2®, brings a common cyber resilience best practice for security, IT service management, and business. Active cyber resilience is achieved through people, process, and technology. The RESILIA™ Foundation course starts with the purpose, key terms, the distinction between resilience and security, and the benefits of implementing cyber resilience. It introduces risk management and the key activities needed to address risks and opportunities. Further, it explains the relevance of common management standards and best practice frameworks to achieve cyber resilience. Subsequently, it identifies the cyber resilience processes, the associated control objectives, interactions, and activities that should be aligned with corresponding ITSM activities. In the final part of the course, it describes the segregation of duties and dual controls related to cyber resilience roles and responsibilities. What you will Learn At the end of this course, you will be able to: Demonstrate your knowledge of the purpose, benefits, and key terms of cyber resilience Demonstrate your knowledge of the risk management and the key activities needed to address risks and opportunities Demonstrate your knowledge of the purpose of a management system and how best practices and standards can contribute Demonstrate your knowledge of the cyber resilience strategy, the associated control objectives, and their interactions with ITSM activities Demonstrate your knowledge of cyber resilience design, the associated control objectives, and their interactions with ITSM activities Demonstrate your knowledge of cyber resilience transition, the associated control objectives, and their interactions with ITSM activities Demonstrate your knowledge of cyber resilience operation, the associated control objectives, and their interactions with ITSM activities Demonstrate your knowledge of cyber resilience continual improvement, the associated control objectives, and their interactions with ITSM activities Demonstrate your knowledge of the purpose and benefits of segregation of duties and dual controls Course Introduction Course Learning Objectives Course Agenda Activities Course Book Structure RESILIA Certification Introduction to Cyber Resilience What is Cyber Resilience? Defining Cyber Resilience Balancing in Cyber Resilience Characteristics of Cyber Resilience Risk Management Understanding Risk Management: Discussion Defining Risk Management Addressing Risks and Opportunities Managing Cyber Resilience Why and What of Management Systems? Management Systems Common Management Standards and Frameworks Cyber Resilience Strategy What is Strategy? Cyber Resilience Strategy and Activities Security Controls at Cyber Resilience Strategy Interaction Between ITSM Processes and Cyber Resilience Cyber Resilience Design Why Cyber Resilience Design? Cyber Resilience Design Activities Security Controls at Cyber Resilience Design Aligning ITSM Processes with Cyber Resilience Processes Cyber Resilience Transition Why Cyber Resilience Transition? Basics of Cyber Resilience Transition Cyber Resilience Transition: Controls Interaction Between ITSM Processes and Cyber Resilience Cyber Resilience Operation The Purpose of Cyber Resilience Operation Security Controls in Cyber Resilience Operation Interaction Between IT Processes and Cyber Resilience Interaction Between ITSM Functions and Cyber Resilience Cyber Resilience Continual Improvement Continual or Continuous Improvement Maturity Models Continual Improvement Controls The Seven-Step Improvement Process The ITIL CSI Approach Cyber Resilience Roles & Responsibilities Segregating Duties Dual Controls

Duration 3 Days 18 CPD hours This course is intended for The primary audience for this course is anyone who works in and around IT, facilities or data centre operations and needs to understand and improve the daily operations including important processes such as lock-out/tag-out, the right process for installing/de-installing equipment, safety procedures, capacity management and much more. Overview The old believe that a fully redundant data centre facility will save the day is no longer true as many research outcomes have revealed that the majority of downtime is caused by the human factor. Policies, processes, procedures and work instructions should be carefully developed, ideally following relevant standards, to ensure an effcient and effective data centre operations which are also compliant to the required regulations. The CDFOS© (Certified Data Centre Facilities Operations Specialist) course is a three-day course which will enable participants to fully understand the requirements of running the day-to-day operations of a mission critical data centre. Participants will gain all the required competences for running the daily operations, understand which processes should be in place, and the critical elements of those processes and how to execute them. The course is fully aligned with the DCOS© (Data Centre Operations Standard). Data centre facilities operations management have proven to be the key differentiator between a data centre that is performing well or badly. Service Level Management Service Level Management Needs analysis Capability assessment Service portfolio and catalogue Service Level Agreements Reporting - Complaint procedure Customer satisfaction Service Improvement Process (SIP) Safety and Crisis Management Most common type of accidents and why they often happen The roles and responsibilities of appointed safety staff The importance of the OH&S or WHS manual Calibration of measurement and test equipment Proper lock-out/tag-out procedures Emergency response plan requirement for various potential emergencies The importance of Permit To Work Physical Security Standard Operating Procedures (SOP) for security Security risk assessment Security zones Physical inspections / security patrols Delivery of goods / holding area Entry control of individuals Badges and key management Security monitoring Security incident reporting Facilities Maintenance The importance of maintenance Maintenance definitions Maintenance operations procedures (MOP) Service reports Spare management Tools Housekeeping Data Centre Operations Shift handover Walk around duties Service management Release management Configuration management Floor management Equipment life cycle management Monitoring/Reporting/Control Monitoring requirements Facilities monitoring matrix Sensor / alarm point testing and calibration Notification matrix Escalation requirements Reporting Project Management Project management Project organization Project manager Initiation Planning Execution Monitor and control Closing Evaluation / lessons learnt Environmental Sustainability The importance of sustainability Environmental standards Power efficiency indicators Energy saving best practises Water management Sustainable energy usage Governance and Compliance The importance of document management The siz sub-processes of document management Asset management Requirements or asset recording Exam: Certified Data Centre Facilities Operations Specialist (CDFOS©) Certification exams are administered at the end of the course. The exam is a 90-minute closed book exam, with 60 multiple-choice questions. The candidate requires a minimum of 42 correct answers to pass the exam. Online exam results are known immediately and paper-based exam results will be known within one week. Additional course details: Nexus Humans Certified Data Centre Facilities Operations Specialist (CDFOS) training program is a workshop that presents an invigorating mix of sessions, lessons, and masterclasses meticulously crafted to propel your learning expedition forward. This immersive bootcamp-style experience boasts interactive lectures, hands-on labs, and collaborative hackathons, all strategically designed to fortify fundamental concepts. Guided by seasoned coaches, each session offers priceless insights and practical skills crucial for honing your expertise. Whether you're stepping into the realm of professional skills or a seasoned professional, this comprehensive course ensures you're equipped with the knowledge and prowess necessary for success. While we feel this is the best course for the Certified Data Centre Facilities Operations Specialist (CDFOS) course and one of our Top 10 we encourage you to read the course outline to make sure it is the right content for you. Additionally, private sessions, closed classes or dedicated events are available both live online and at our training centres in Dublin and London, as well as at your offices anywhere in the UK, Ireland or across EMEA.

The NCSP® Foundation accredited (APMG International), certified (NCSC/GCHQ-UK) and recognized (DHS-CISA-USA) certification course introduces business, technology, auditing, and management professionals to the fundamentals of digital business, its risks, and the NIST Cybersecurity Framework's role in helping organizations manage and mitigate digital risk. This course also introduces candidates to an Affordable, Pragmatic, and Scalable Digital Value Management System (DVMS) Create, Protect, and Deliver (CPD) model designed to enable any size organization to quickly adopt and adapt the frameworks and models (NIST-CSF, NIST Privacy Framework, CMMC, etc.) that may be required to address internal, external (regulatory) and cyber threat landscape changes. The DVMS enables enterprises to become adaptive, cyber-resilient organizations capable of creating, protecting, and delivering trusted digital business value to their stakeholders.