125 Cyber Security courses in Swanley delivered Live Online

Duration 2 Days 12 CPD hours This course is intended for This course is for network managers, resellers, systems administrators, client security administrators, systems professionals, and consultants who are charged with the configuration and day-to-day management of Symantec Endpoint Protection in a variety of network environments. Overview By the completion of this course, you will be able to: Manage Virus and Spyware Protection policies. Manage SONAR scans. Manage Firewall and Intrusion Prevention policies. Manage Application and Device Control policies. Manage System Lockdown. Manage Host Integrity. Manage Virtualized clients. This course is designed for the network, IT security, and systems administration professional tasked with implementing and monitoring virus and spyware protection, zero-day protection, and network threat protection solutions. Introduction Course overview The classroom lab environment Introducing Antivirus, Insight, and SONAR Virus and spyware protection needs and solutions Reputation and Insight Administrator-defined scans Auto-Protect Download Insight SONAR Included Virus and Spyware Protection policies Managing Virus and Spyware Protection Policies for Windows Configuring administrator-defined scans Configuring protection technology settings and scans Configuring e-mail scans Configuring advanced options Managing scanned clients Managing Virus and Spyware Protection Policies for Mac and Linux Configuring Virus and Spyware settings for Mac Configuring Virus and Spyware settings for Linux Configuring advanced options Managing Exception Policies Exceptions and exclusions Configuring the Exceptions policy Introducing Network Threat Protection The OSI model and network threats Network threat tools and attack methods Attack and mitigation Managing Firewall Policies Firewall policy overview Defining rule components Modifying firewall rules Configuring built-in rules Configuring protection and stealth settings Configuring Windows integration settings Managing Intrusion Prevention Policies Configuring network and browser intrusion prevention Managing custom signatures Compliance Management Application and Device Control System Lockdown Host Integrity Virtualization Introducing virtualization features Virtual image exception Network and vShield Shared Insight Cache Virtual client tagging Offline image scanner Windows Azure support Additional course details: Nexus Humans Symantec Endpoint Protection 12.X - Manage And Administer training program is a workshop that presents an invigorating mix of sessions, lessons, and masterclasses meticulously crafted to propel your learning expedition forward. This immersive bootcamp-style experience boasts interactive lectures, hands-on labs, and collaborative hackathons, all strategically designed to fortify fundamental concepts. Guided by seasoned coaches, each session offers priceless insights and practical skills crucial for honing your expertise. Whether you're stepping into the realm of professional skills or a seasoned professional, this comprehensive course ensures you're equipped with the knowledge and prowess necessary for success. While we feel this is the best course for the Symantec Endpoint Protection 12.X - Manage And Administer course and one of our Top 10 we encourage you to read the course outline to make sure it is the right content for you. Additionally, private sessions, closed classes or dedicated events are available both live online and at our training centres in Dublin and London, as well as at your offices anywhere in the UK, Ireland or across EMEA.

The NCSP® Foundation accredited (APMG International), certified (NCSC/GCHQ-UK) and recognized (DHS-CISA-USA) certification course introduces business, technology, auditing, and management professionals to the fundamentals of digital business, its risks, and the NIST Cybersecurity Framework's role in helping organizations manage and mitigate digital risk. This course also introduces candidates to an Affordable, Pragmatic, and Scalable Digital Value Management System (DVMS) Create, Protect, and Deliver (CPD) model designed to enable any size organization to quickly adopt and adapt the frameworks and models (NIST-CSF, NIST Privacy Framework, CMMC, etc.) that may be required to address internal, external (regulatory) and cyber threat landscape changes. The DVMS enables enterprises to become adaptive, cyber-resilient organizations capable of creating, protecting, and delivering trusted digital business value to their stakeholders.

Duration 2 Days 12 CPD hours This course is intended for The audience for this course is anyone who wants to acquire foundation level knowledge on data centre infrastructure. This course is ideally suited for data centre new hires, internal data centre support staff, IT support staff who work in the data centre, helpdesk staff, vendors/suppliers who install/maintain data centre equipment, building maintenance staff including data centre cleaners and other supporting functions, and fresh graduates. This course is also well suited for individuals working in data centre business support functions such as sales/pre-sales, HR, Finance and business administration. Overview The DCFC course will prepare participants for entry into the exciting and high-growth data centre industry. It will ensure that participants acquire the required basic knowledge to take on a wide variety of jobs in the data centre industry. It will also provide the required knowledge and skill to further their training into specialised areas on data centre design/build, operations/governance or standards/compliance. The Data Centre Foundation Certificate (DCFC©) is a 2-day course designed to deliver foundation knowledge about data centre facilities infrastructure. It provides participants with global overview and knowledge on data centres which will be of advantage to the participants who are looking at joining the ranks of professionals working in the data centre, ICT, infrastructure or the mechanical and electrical (M&E) design industries. It will also form a solid foundation for participants who wish to pursue his/her studies either academically or to further his/her industry specialisation with professional certification courses on data centre design/build, operations/governance and/or standards/compliance. With the tremendous growth of data and the data centres to support it, the demand for data centre professionals will grow in tandem. Introduction to Data Centres History of data centres Definition of different type data centres Data Centre Standards List of standards Rating definitions Data Centre Facilities Areas Listing of all areas and their functions Topology Designs Definition of Ratings Components of the Power Infrastructure Utility power Transformers Generators Fuel systems ATS UPS systems Batteries Electric panels Cabling/busbar systems Power rails/strips Lights Lights Emergency lights Cooling Infrastructure Chillers DX Systems Evaporators CRAC/CRAU/HVAC Raised floor Non-raised floor Containment ICT/Network Infrastructure Equipment racks Network cabling (fibre, copper) Cable trays and pathways TIA-606 labelling Data Centre Security Perimeter security Physical protection CCTV Access control Security management Fire Suppression Detection systems Suppression systems Prevention systems Fire extinguishers Fire Safety Monitoring and reporting DCIM EMS/BMS

Duration 3 Days 18 CPD hours This course is intended for Channel and Customer Engineers Network Engineer System Engineer Wireless Engineer Consulting Systems Engineer Technical Solutions Architect Network Admisnistrator Wireless Design Engineer Network Manager Channel SEs Sales Engineer Channel AMs Account Manager Overview Upon completing this course, students will be able to meet these objectives: Understand the overall architecture of the Cisco security solutions and how APIs help enable security Understand how to use Cisco Firepower APIs Understand how pxGrid APIs function and their benefits Understand what capabilities the Cisco Stealthwatch APIs offer and construct API requests to them for configuration changes and auditing purposes Understand the features and benefits of using Cisco Stealthwatch Cloud APIs Learn how to use the Cisco Umbrella Investigate API Understand the Functionality provided by Cisco AMP and its APIs Learn how to use Cisco Threat Grid APIs to analyze, search, and dispose of threats This course demonstrates the tools and the benefits of leveraging programmability and automation in Cisco Security Solutions, including Cisco Firepower Management Center, Cisco Firepower Threat Defense, Cisco ISE, Cisco pxGrid, Cisco Stealthwatch Enterprise, Cisco Stealthwatch Cloud, Cisco Umbrella, Cisco AMP, Cisco Threat grid, and Cisco Security Management Appliances. Students will learn how to use the API for each Cisco security solution and specific applications of when the API benefits IT security content. Introducing Cisco Security APIs Role of APIs in Cisco Security Solutions Cisco Firepower, Cisco ISE, Cisco pxGrid, and Cisco Stealthwatch APIs Use cases and security workflow Consuming Cisco Advanced Malware Protection APIs Cisco AMP overview Cisco AMP endpoint API Cisco AMP use cases and workflows Discovery 1: Query Cisco AMP endpoint APIs for verifying compliance Using Cisco ISE Introducing Cisco Identity services engine Cisco ISE use cases Cisco ISE APIs Using Cisco pxGrid APIs Cisco pxGrid overview WebSockets and STOMP messaging protocol Discovery 2: Use the REST API and Cisco pxGrid with Cisco Identity services engine Using Cisco Threat Grid APIs Cisco threat grid overview Cisco threat grid API Cisco threat grid use cases and workflows Discovery 3: Construct a Python script using the Cisco threat grid API Investigating Cisco Umbrella Security Data Programmatically Cisco Umbrella investigate API overview Cisco Umbrella investigate API: Details Discovery 4: Query security data with the Cisco Umbrella investigate API Exploring Cisco Umbrella Reporting and Enforcement APIs Cisco Umbrella reporting and enforcement APIs: Overview Cisco Umbrella reporting and enforcement APIs: Deep dive Discovery 5: Generate reports using the Cisco Umbrella reporting API Automating Security with Cisco Firepower APIs Review basic constructs of Firewall policy management Design policies for automation Cisco FMC APIs in depth Discovery 6: Explore the Cisco Firepower management center API Cisco FTD automation with ansible Discovery 7: Use ansible to automate Cisco Firepower threat defense configuration Cisco FDM API in depth Discovery 8: Automate Firewall policies using the Cisco Firepower device manager API Operationalizing Cisco Stealthwatch and Its API Capabilities Cisco Stealthwatch overview Cisco Stealthwatch APIs: Details Discovery 9: Automate alarm policies and create reports using the Cisco Stealthwatch APIs Using Cisco Stealthwatch Cloud APIs Cisco Stealthwatch Cloud overview Cisco Stealthwatch Cloud APIs: Deep dive Discovery 10: Construct a report using Cisco stealthwatch Cloud APIs Describing Cisco Security Management Appliance APIs Cisco SMA APIs overview Cisco SMA API Discovery 11: Construct reports using Cisco SMA APIs

Duration 3 Days 18 CPD hours This course is intended for This class is intended for the following job roles: [Cloud] information security analysts, architects, and engineers Information security/cybersecurity specialists Cloud infrastructure architects Additionally, the course is intended for Google and partner field personnel who work with customers in those job roles. The course should also be useful to developers of cloud applications Overview This course teaches participants the following skills: Understanding the Google approach to security Managing administrative identities using Cloud Identity. Implementing least privilege administrative access using Google Cloud Resource Manager, Cloud IAM. Implementing IP traffic controls using VPC firewalls and Cloud Armor Implementing Identity Aware Proxy Analyzing changes to the configuration or metadata of resources with GCP audit logs Scanning for and redact sensitive data with the Data Loss Prevention API Scanning a GCP deployment with Forseti Remediating important types of vulnerabilities, especially in public access to data and VMs This course gives participants broad study of security controls and techniques on Google Cloud Platform. Through lectures, demonstrations, and hands-on labs, participants explore and deploy the components of a secure Google Cloud solution. Participants also learn mitigation techniques for attacks at many points in a Google Cloud-based infrastructure, including Distributed Denial-of-Service attacks, phishing attacks, and threats involving content classification and use. Foundations of GCP Security Google Cloud's approach to security The shared security responsibility model Threats mitigated by Google and by GCP Access Transparency Cloud Identity Cloud Identity Syncing with Microsoft Active Directory Choosing between Google authentication and SAML-based SSO GCP best practices Identity and Access Management GCP Resource Manager: projects, folders, and organizations GCP IAM roles, including custom roles GCP IAM policies, including organization policies GCP IAM best practices Configuring Google Virtual Private Cloud for Isolation and Security Configuring VPC firewalls (both ingress and egress rules) Load balancing and SSL policies Private Google API access SSL proxy use Best practices for structuring VPC networks Best security practices for VPNs Security considerations for interconnect and peering options Available security products from partners Monitoring, Logging, Auditing, and Scanning Stackdriver monitoring and logging VPC flow logs Cloud audit logging Deploying and Using Forseti Securing Compute Engine: techniques and best practices Compute Engine service accounts, default and customer-defined IAM roles for VMs API scopes for VMs Managing SSH keys for Linux VMs Managing RDP logins for Windows VMs Organization policy controls: trusted images, public IP address, disabling serial port Encrypting VM images with customer-managed encryption keys and with customer-supplied encryption keys Finding and remediating public access to VMs VM best practices Encrypting VM disks with customer-supplied encryption keys Securing cloud data: techniques and best practices Cloud Storage and IAM permissions Cloud Storage and ACLs Auditing cloud data, including finding and remediating publicly accessible data Signed Cloud Storage URLs Signed policy documents Encrypting Cloud Storage objects with customer-managed encryption keys and with customer-supplied encryption keys Best practices, including deleting archived versions of objects after key rotation BigQuery authorized views BigQuery IAM roles Best practices, including preferring IAM permissions over ACLs Protecting against Distributed Denial of Service Attacks: techniques and best practices How DDoS attacks work Mitigations: GCLB, Cloud CDN, autoscaling, VPC ingress and egress firewalls, Cloud Armor Types of complementary partner products Application Security: techniques and best practices Types of application security vulnerabilities DoS protections in App Engine and Cloud Functions Cloud Security Scanner Threat: Identity and Oauth phishing Identity Aware Proxy Content-related vulnerabilities: techniques and best practices Threat: Ransomware Mitigations: Backups, IAM, Data Loss Prevention API Threats: Data misuse, privacy violations, sensitive/restricted/unacceptable content Mitigations: Classifying content using Cloud ML APIs; scanning and redacting data using Data Loss Prevention API Additional course details: Nexus Humans Security in Google Cloud training program is a workshop that presents an invigorating mix of sessions, lessons, and masterclasses meticulously crafted to propel your learning expedition forward. This immersive bootcamp-style experience boasts interactive lectures, hands-on labs, and collaborative hackathons, all strategically designed to fortify fundamental concepts. Guided by seasoned coaches, each session offers priceless insights and practical skills crucial for honing your expertise. Whether you're stepping into the realm of professional skills or a seasoned professional, this comprehensive course ensures you're equipped with the knowledge and prowess necessary for success. While we feel this is the best course for the Security in Google Cloud course and one of our Top 10 we encourage you to read the course outline to make sure it is the right content for you. Additionally, private sessions, closed classes or dedicated events are available both live online and at our training centres in Dublin and London, as well as at your offices anywhere in the UK, Ireland or across EMEA.

Duration 2 Days 12 CPD hours This course is intended for Die Zertifizierung EXIN Information Security Foundation based on ISO/IEC 27001 richtet sich an alle in der Datenverarbeitung tätigen Mitarbeiter. Das Modul eignet sich auch für kleine und mittelständische Unternehmer, die ein bestimmtes Grundwissen im Bereich der Informationssicherheit benötigen. Für Fachkräfte, die neu auf dem Gebiet der Informationssicherheit sind, ist dieses Modul ein guter Anfang. Overview Anwendungsbereich Mit einer Zertifizierung EXIN Information Security Foundation based on ISO/IEC 27001 können Professionals ihr Wissen in folgenden Bereichen nachweisen: Information und Sicherheit: der Begriff, der Wert, die Bedeutung und die Informationssicherheit Bedrohungen und Risiken: die Begriffe Bedrohung und Risiko und wie diese mit der Zuverlässigkeit von Informationen in Beziehung stehen Verfahren und Organisation: Sicherheitsrichtlinie und Sicherheitsorganisation einschließlich der Bestandteile der Sicherheitsorganisation sowie der Umgang mit (Sicherheits)vorfällen Maßnahmen: die Bedeutung von Sicherheitsmaßnahmen wie zum Beispiel physischen, technischen und organisatorischen Maßnahmen Gesetze und Vorschriften: die Bedeutung und Auswirkung von Gesetzen und Vorschriften ie EXIN-Module zum Thema Informationssicherheitsmanagement definieren Informationssicherheit wie folgt: Bei dem Informationssicherheitsmanagement geht es um die Definition, Umsetzung, Aufrechterhaltung, Einhaltung und Bewertung von koh„renten Kontrollen (Maánahmen), die die Verfgbarkeit, Integrit„t, und Vertraulichkeit der (manuellen und automatisierten) Informationsverarbeitung sichern. Das Modul EXIN Information Security Foundation based on ISO/IEC 27001 prft die Grundbegriffe der Informationssicherheit und ihre Beziehungen zueinander. Eine der Zielsetzungen des Moduls ist das Bewusstsein fr den Wert von Informationen zu wecken und ein Verst„ndnis fr die Schwachstellen der Informationsverarbeitung zu vermitteln, um zu verstehen, welche Maánahmen zum Schutz von Informationen notwendig sind. Information und Sicherheit Der Begriff Information Der Wert von Informationen Aspekte der Zuverl„ssigkeit Bedrohungen und Risiken Bedrohungen und Risiken Verfahren und Organisation Sicherheitsrichtlinie und Sicherheitsorganisation Bestandteile Incident Management Maánahmen Bedeutung von Maánahmen Physische Maánahmen Technische Maánahmen Organisatorische Maánahmen Gesetzgbeung und Vorschriften Gesetzgebung und Vorschriften

Duration 4.125 Days 24.75 CPD hours This course is intended for The job roles best suited to the material in this course are: Project managers and consultants involved in and concerned with the implementation of an ISMS, expert advisors seeking to master the implementation of an ISMS, individuals responsible for ensuring conformity to information security requirements within an organization Overview Master the concepts, approaches, methods and techniques used for the implementation and effective management of an ISMS Learn how to interpret the ISO/IEC 27001 requirements in the specific context of an organization Learn how to support an organization to effectively plan, implement, manage, monitor and maintain an ISMS Acknowledge the correlation between ISO/IEC 27001, ISO/IEC 27002 and other standards and regulatory frameworks Acquire the expertise to advise an organization in implementing Information Security Management System best practices This training course is designed to prepare you to implement an information security management system (ISMS) based on the requirements of ISO/IEC 27001. It aims to provide a comprehensive understanding of the best practices of an ISMS and a framework for its continual management and improvement. Introduction to ISO/IEC 27001 and initiation of an ISMS Training course objectives and structure Standards and regulatory frameworks Information Security Management System (ISMS) Fundamental information security concepts and principles Initiation of the ISMS implementation Understanding the organization and its context ISMS scope Planning the implementation of an ISMS Leadership and project approval Organizational structure Analysis of the existing system Information security policy Risk management Statement of Applicability Implementation of an ISMS Documented information management Selection and design of controls Implementation of controls Trends and technologies Communication Competence and awareness Security operations management ISMS monitoring, continual improvement, and preparation for the certification audit Monitoring, measurement, analysis, and evaluation Internal audit h Management review Treatment of nonconformities Continual improvement Preparing for the certification audit Certification process and closing of the training course

Duration 2 Days 12 CPD hours This course is intended for Security architects System designers Network administrators Operations engineers Network managers, network or security technicians, and security engineers and managers responsible for web security Cisco integrators and partners Overview After taking this course, you should be able to: Describe Cisco WSA Deploy proxy services Utilize authentication Describe decryption policies to control HTTPS traffic Understand differentiated traffic access policies and identification profiles Enforce acceptable use control settings Defend against malware Describe data security and data loss prevention Perform administration and troubleshooting The Securing the Web with Cisco Web Security Appliance (SWSA) v3.0 course shows you how to implement, use, and maintain Cisco© Web Security Appliance (WSA), powered by Cisco Talos, to provide advanced protection for business email and control against web security threats. Through a combination of expert instruction and hands-on practice, you?ll learn how to deploy proxy services, use authentication, implement policies to control HTTPS traffic and access, implement use control settings and policies, use the solution?s anti-malware features, implement data security and data loss prevention, perform administration of Cisco WSA solution, and more. Describing Cisco WSA Technology Use Case Cisco WSA Solution Cisco WSA Features Cisco WSA Architecture Proxy Service Integrated Layer 4 Traffic Monitor Data Loss Prevention Cisco Cognitive Intelligence Management Tools Cisco Advanced Web Security Reporting (AWSR) and Third-Party Integration Cisco Content Security Management Appliance (SMA) Deploying Proxy Services Explicit Forward Mode vs. Transparent Mode Transparent Mode Traffic Redirection Web Cache Control Protocol Web Cache Communication Protocol (WCCP) Upstream and Downstream Flow Proxy Bypass Proxy Caching Proxy Auto-Config (PAC) Files FTP Proxy Socket Secure (SOCKS) Proxy Proxy Access Log and HTTP Headers Customizing Error Notifications with End User Notification (EUN) Pages Utilizing Authentication Authentication Protocols Authentication Realms Tracking User Credentials Explicit (Forward) and Transparent Proxy Mode Bypassing Authentication with Problematic Agents Reporting and Authentication Re-Authentication FTP Proxy Authentication Troubleshooting Joining Domains and Test Authentication Integration with Cisco Identity Services Engine (ISE) Creating Decryption Policies to Control HTTPS Traffic Transport Layer Security (TLS)/Secure Sockets Layer (SSL) Inspection Overview Certificate Overview Overview of HTTPS Decryption Policies Activating HTTPS Proxy Function Access Control List (ACL) Tags for HTTPS Inspection Access Log Examples Understanding Differentiated Traffic Access Policies and Identification Profiles Overview of Access Policies Access Policy Groups Overview of Identification Profiles Identification Profiles and Authentication Access Policy and Identification Profiles Processing Order Other Policy Types Access Log Examples ACL Decision Tags and Policy Groups Enforcing Time-Based and Traffic Volume Acceptable Use Policies, and End User Notifications Defending Against Malware Web Reputation Filters Anti-Malware Scanning Scanning Outbound Traffic Anti-Malware and Reputation in Policies File Reputation Filtering and File Analysis Cisco Advanced Malware Protection File Reputation and Analysis Features Integration with Cisco Cognitive Intelligence Enforcing Acceptable Use Control Settings Controlling Web Usage URL Filtering URL Category Solutions Dynamic Content Analysis Engine Web Application Visibility and Control Enforcing Media Bandwidth Limits Software as a Service (SaaS) Access Control Filtering Adult Content Data Security and Data Loss Prevention Data Security Cisco Data Security Solution Data Security Policy Definitions Data Security Logs Performing Administration and Troubleshooting Monitor the Cisco Web Security Appliance Cisco WSA Reports Monitoring System Activity Through Logs System Administration Tasks Troubleshooting Command Line Interface References Comparing Cisco WSA Models Comparing Cisco SMA Models Overview of Connect, Install, and Configure Deploying the Cisco Web Security Appliance Open Virtualization Format (OVF) Template Mapping Cisco Web Security Appliance Virtual Machine (VM) Ports to Correct Networks Connecting to the Cisco Web Security Virtual Appliance Enabling Layer 4 Traffic Monitor (L4TM) Accessing and Running the System Setup Wizard Reconnecting to the Cisco Web Security Appliance High Availability Overview Hardware Redundancy Introducing Common Address Redundancy Protocol (CARP) Configuring Failover Groups for High Availability Feature Comparison Across Traffic Redirection Options Architecture Scenarios When Deploying Cisco AnyConnect© Secure Mobility Additional course details: Nexus Humans SWSA v3.0-Securing the Web with Cisco Web Security Appliance training program is a workshop that presents an invigorating mix of sessions, lessons, and masterclasses meticulously crafted to propel your learning expedition forward. This immersive bootcamp-style experience boasts interactive lectures, hands-on labs, and collaborative hackathons, all strategically designed to fortify fundamental concepts. Guided by seasoned coaches, each session offers priceless insights and practical skills crucial for honing your expertise. Whether you're stepping into the realm of professional skills or a seasoned professional, this comprehensive course ensures you're equipped with the knowledge and prowess necessary for success. While we feel this is the best course for the SWSA v3.0-Securing the Web with Cisco Web Security Appliance course and one of our Top 10 we encourage you to read the course outline to make sure it is the right content for you. Additionally, private sessions, closed classes or dedicated events are available both live online and at our training centres in Dublin and London, as well as at your offices anywhere in the UK, Ireland or across EMEA.

Duration 3 Days 18 CPD hours This course is intended for Security professionals. This module is intended for everyone who is involved in the implementation, evaluation and reporting of an information security program, such as an Information Security Manager (ISM), Information Security Officer (ISO) or a Line Manager, Process Manager or Project Manager with security responsibilities. Basic knowledge of Information Security is recommended, for instance through the EXIN Information Security Foundation based on ISO/IEC 27001 certification. Overview The module Information Security Management Professional based on ISO/IEC 27001 (ISMP.EN) tests understanding of the organizational and managerial aspects of information security.The subjects of this module are: Information security perspectives: business, customer, service provider/supplier Risk Management: analysis, controls, remaining risks Information security controls: organizational, technical, physical. Information security is the preservation of confidentiality, integrity and availability of information (ISO/IEC 27000 definition). Information security is gaining importance in the Information Technology (IT) world. Globalization of the economy is leading to an ever-increasing exchange of information between organizations (their staff, customers and suppliers) and an explosion in the use of networked computers and computing devices. The core activities of many companies completely rely on IT. Enterprise resource planning (ERP) management systems, the control systems that govern how a building runs or a manufacturing machine functions, day-to-day communications - everything - runs on computers. The vast majority of information - the most valuable commodity in the world - passes through IT. Information is crucial for the continuity and proper functioning of both individual organizations and the economies they fuel; this information must be protected against access by unauthorized people, protected against accidental or malicious modification or destruction and must be available when it is needed. Companies and individual users of technology are also beginning to understand how important security is and are beginning to make choices based on the security of the technology or service. Information Security Perspectives The candidate understands the business interest of information security The canidate understands the customer perspective on governance The candidate understands the supplierïs responsibilities in security assurance Risk Mangement The candidate understands the principles of risk management The candidate knows how to control risks The candidate knows how to deal with remaining risks Information Security Controls The candidate has knowledge of organizational controls The candidate has knowledge of technical controls The candidate has knowledge of physical, employment-related and continuity controls

Duration 4 Days 24 CPD hours This course is intended for Information Assurance Managers/Auditors System Implementors/administrators IT Administrators Auditors/Auditees Federal Agencies/Contractors Security Vendors and Consulting Groups Overview Upon completion, the IS20 Security Controls candidate will be able to not only competently take the IS20 Controls exam but will also have an understanding of how to implement the top 20 most critical controls in the work place. IS20 controls are the Top Twenty Most Critical Security Controls in Information Technology.ÿ This 4 day training course covers proven tools and methodologies needed to execute and analyze the Top Twenty Most Critical Security Controls. Nearly all organizations that maintain sensitive information are adopting these Security Controls. These controls were chosen by leading government and private organizations who are experts on how attacks work and what can be done to prevent them from happening. The controls were selected as the best way to block known attacks as well as help search for and alleviate any damage from the attacks that are successful. This course allows the security professional to see how to implement controls in an existing network through highly effective and economical automation. For management, this training is the best way to distinguish how you will assess whether these security controls are effectively being administered. Introduction Critical Control 1 Critical Control 2 Critical Control 3 Critical Control 4 Critical Control 5 Critical Control 6 Critical Control 7 Critical Control 8 Critical Control 9 Critical Control 10 Critical Control 11 Critical Control 12 Critical Control 13 Critical Control 14 Critical Control 15 Critical Control 16 Critical Control 17 Critical Control 18 Critical Control 19 Critical Control 20