183 Information Security courses in Redditch delivered Live Online

  This training course is designed to help participants acquire the knowledge and skills needed to support an organization in effectively planning, implementing, managing, monitoring, and maintaining a cloud security program based on ISO/IEC 27017 and ISO/IEC 27018. It provides a comprehensive elaboration of cloud computing concepts and principles, cloud computing security risk management, cloud-specific controls, cloud security incident management, and cloud security testing. About This Course   Learning objectives   Gain a comprehensive understanding of the concepts, approaches, methods, and techniques used for the implementation and effective management of a cloud security program  Acknowledge the correlation between ISO/IEC 27017, ISO/IEC 27018, and other standards and regulatory frameworks Gain the ability to interpret the guidelines of ISO/IEC 27017 and ISO/IEC 27018 in the specific context of an organization Develop the necessary knowledge and competence to support an organization in effectively planning, implementing, managing, monitoring, and maintaining a cloud security program Acquire the practical knowledge to advise an organization in managing a cloud security program by following best practices Course Agenda   Day 1: Introduction to ISO/IEC 27017 and ISO/IEC 27018 and the initiation of a cloud security program Day 2: Cloud computing security risk management and cloud-specific controls Day 3: Documented information management and cloud security awareness and training Day 4: Cloud security incident management, testing, monitoring, and continual improvement; the examination Additional Information   Certification fees are included in the exam price. An attendance record worth 31 CPD (Continuing Professional Development) credits will be issued to the participants who have attended the training course. In case candidates fail the exam, they can retake it within 12 months of the initial attempt for free. Accreditation Prerequisites   The main requirement for participating in this training course is having a fundamental understanding of ISO/IEC 27017 and ISO/IEC 27018 and a general knowledge of cloud computing concepts. Who Should Attend?   Cloud security and information security professionals seeking to manage a cloud security program Managers or consultants seeking to master cloud security best practices Individuals responsible for maintaining and managing a cloud security program Technical experts seeking to enhance their cloud security knowledge Cloud security expert advisors What's Included?   Delegates will be provided with; Course Slide deck Participant Guide Exam fees Our Guarantee   We are an Accredited Training Provider of IECB. You can learn wherever and whenever you want with our robust classroom and interactive online training courses. Our courses are taught by qualified practitioners with a minimum of 25 years commercial experience. We strive to give our delegates the hands-on experience. Our courses are all-inclusive with no hidden extras.  The one-off cost covers the training, all course materials, and exam voucher. Our aim: To achieve a 100% first time pass rate on all our instructor-led courses. Our Promise: Pass first time or 'train' again for FREE. *FREE training offered for retakes - come back within a year and only pay for the exam. Assessment   The Certified Lead Cloud Security Manager exam meets the requirements of the National Accreditation Service's Examination and Certification Program (ECP). It covers the following competency domains:   Domain 1: Fundamental principles and concepts of cloud computing Domain 2: Information security policy for cloud computing and documented information management Domain 3: Cloud computing security risk management Domain 4: Cloud-specific controls based on ISO/IEC 27017 and ISO/IEC 27018 and best practices Domain 5: Cloud security awareness, training, roles, and responsibilities Domain 6: Cloud security incident management Domain 7: Cloud security testing, monitoring, and continual improvement   All delegates attending an official training course will be offered the opportunity to sit the associated examination. To pass the examination, a passing score of 70% must be obtained by answering 12 essay type questions covering the scope of the course materials. Successful examination candidates will be issued with a Certificate confirming a passing grade along with the relevant CPD certificate.  Provided by   This course is Accredited by NACS and Administered by the IECB

Duration 5 Days 30 CPD hours This course is intended for The CCSP is ideal for IT and information security leaders responsible for applying best practices to cloud security architecture, design, operations and service orchestration. Overview Upon completing this course, the participants will gain valuable knowledge and skills including the ability to: - Successfully pass the CCSP exam. - Understand the fundamentals of the cloud computing architecture framework. - Understand security challenges associated with different types of cloud services. - Identify and evaluate security risks for their organization?s cloud environments. - Select and implement appropriate controls to ensure secure implementation of cloud services. - Thoroughly understand the 6 essential core domains of the CCSP common body of knowledge: 1. Architectural Concepts & Design Requirements 2. Cloud Data Security 3. Cloud Platform & Infrastructure Security 4. Cloud Application Security 5. Operations 6. Legal & Compliance The goal of the course is to prepare professionals for the challenging CCSP exam by covering the objectives of the exam based on the six domains as defined in the (ISC)2 CCSP common body of knowledge. 1 - Architectural Concepts and Design Requirements Cloud Computing Concepts Cloud Reference Architecture Cloud Computing Security Concepts Design Principles of Secure Cloud Computing Trusted Cloud Services 2 - Cloud Data Security CSA (Cloud Security Alliance) Cloud Data Lifecycle Cloud Data Storage Architectures Data Security Strategies Data Discovery and Classification Technologies Protecting Privacy and PII (Personally Identifiable Information) Data Rights Management Data Retention, Deletion, and Archiving Policies Auditability, Traceability, and Accountability of Data Events 3 - Cloud Platform and Infrastructure Security Cloud Infrastructure Components Cloud Infrastructure Risks Designing and Planning Security Controls Disaster Recovery and Business Continuity Management 4 - Cloud Application Security The Need for Security Awareness and Training in application Security Cloud Software Assurance and Validation Verified Secure Software SDLC (Software Development Life Cycle) Process Secure SDLC Specifics of Cloud Application Architecture Secure IAM (Identity and Access Management) Solutions 5 - Operations Planning Process for the Data Center Design Installation and Configuration of Physical Infrastructure for Cloud Environment Running Physical Infrastructure for Cloud Environment Managing Physical Infrastructure for Cloud Environment Installation and Configuration of Logical Infrastructure for Cloud Environment Running Logical Infrastructure for Cloud Environment Managing Logical Infrastructure for Cloud Environment Compliance with Regulations and Controls Risk Assessment for Logical and Physical Infrastructure Collection, Acquisition, and Preservation of Digital Evidence Managing Communication with Stakeholders 6 - Legal and Compliance Legal Requirements and Unique Risks within the Cloud Environment Relevant Privacy and PII Laws and Regulations Audit Process, Methodologies, and Required Adaptions for a Cloud Environment Implications of Cloud to Enterprise Risk Management Outsourcing and Cloud Contract Design Vendor Management

Duration 4.375 Days 26.25 CPD hours This course is intended for CCISOs are certified in the knowledge of and experience in the following CISO Domains:Governance (Policy, Legal & Compliance)IS Management Controls and Auditing Management (Projects, Technology & Operations)Management ? Projects and OperationsInformation Security Core CompetenciesStrategic Planning & Finance Overview Please refer to Overview. The Certified CISO (C|CISO) course has certified leading information security professionals around the world and is the first of its kind training and certification program aimed at producing top-level Information Security Leaders. The CCISO does not focus solely on technical knowledge but on the application of information security management principles from an executive management point of view. The program was developed by seasoned CISOs for current and aspiring CISOs. Governance Drivers that Influence Governance Corporate Governance Activities Information Security Governance Activities Governance and Ethical Decision Making Security Risk Management, Controls, and Audit Management Risk Management Audit Management Risk Treatment Risk Management Frameworks Risk Communication and Organizational Reporting Security Program Management and Operations Information Security Portfolio Management Information Security Program Management Information Security Project Management Security Operations Information Security Core Competencies Access Control Physical Security Network and Communications Security Threat and Vulnerability Management System and Application Security Encryption Concepts and Technology Strategic Planning, Financial Management, and Vendor Management Strategic Planning Financial Management Vendor Risk Management Additional course details: Nexus Humans EC-Council Certified CISO (C|CISO) w/exam training program is a workshop that presents an invigorating mix of sessions, lessons, and masterclasses meticulously crafted to propel your learning expedition forward. This immersive bootcamp-style experience boasts interactive lectures, hands-on labs, and collaborative hackathons, all strategically designed to fortify fundamental concepts. Guided by seasoned coaches, each session offers priceless insights and practical skills crucial for honing your expertise. Whether you're stepping into the realm of professional skills or a seasoned professional, this comprehensive course ensures you're equipped with the knowledge and prowess necessary for success. While we feel this is the best course for the EC-Council Certified CISO (C|CISO) w/exam course and one of our Top 10 we encourage you to read the course outline to make sure it is the right content for you. Additionally, private sessions, closed classes or dedicated events are available both live online and at our training centres in Dublin and London, as well as at your offices anywhere in the UK, Ireland or across EMEA.

Penetration testing training course description An advanced technical hands on course focusing on hacking and counter hacking. The course revolves around a series of exercises based on "hacking" into a network (pen testing the network) and then defending against the hacks. What will you learn Perform penetration tests. Explain the technical workings of various penetration tests. Produce reports on results of penetration tests. Defend against hackers. Penetration testing training course details Who will benefit: Technical support staff, auditors and security professionals. Staff who are responsible for network infrastructure integrity. Prerequisites: IP Security IP VPNs Duration 5 days Penetration testing training course contents Introduction Hacking concepts, phases, types of attacks, 'White hacking', What is penetration testing? Why use pen testing, black box vs. white box testing, equipment and tools, security lifecycles, counter hacking, pen testing reports, methodologies, legal issues. Physical security and social engineering Testing access controls, perimeter reviews, location reviews, alarm response testing. Request testing, guided suggestions, trust testing. Social engineering concepts, techniques, counter measures, Identity theft, Impersonation on social media, Footprints through social engineering Reconnaissance (discovery) Footprinting methodologies, concepts, threats and countermeasures, WHOIS footprinting, Gaining contacts and addresses, DNS queries, NIC queries, ICMP ping sweeping, system and server trails from the target network, information leaks, competitive intelligence. Scanning pen testing. Gaining access Getting past passwords, password grinding, spoofed tokens, replays, remaining anonymous. Scanning (enumeration) Gaining OS info, platform info, open port info, application info. Routes used, proxies, firewalking, Port scanning, stealth port scanning, vulnerability scanning, FIN scanning, Xmas tree scanning, Null scanning, spoofed scanning, Scanning beyond IDS. Enumeration concepts, counter measures and enumeration pen testing. Hacking Hacking webservers, web applications, Wireless networks and mobile platforms. Concepts, threats, methodology, hacking tools and countermeasures. Trojan, Backdoors, Sniffers, Viruses and Worms Detection, concepts, countermeasures, Pen testing Trojans, backdoors, sniffers and viruses. MAC attacks, DHCP attacks, ARP poisoning, DNS poisoning Anti-Trojan software, Malware analysis Sniffing tools. Exploiting (testing) vulnerabilities Buffer overflows,, simple exploits, brute force methods, UNIX based, Windows based, specific application vulnerabilities. DoS/DDoS Concepts, techniques, attack tools, Botnet, countermeasures, protection tools, DoS attack pen testing. SQL Injection Types and testing, Blind SQL Injection, Injection tools, evasion and countermeasures. Securing networks 'Hurdles', firewalls, DMZ, stopping port scans, IDS, Honeypots, Router testing, firewall testing, IDS testing, Buffer Overflow. Cryptography PKI, Encryption algorithms, tools, Email and Disk Encryption. Information security Document grinding, privacy.

Duration 5 Days 30 CPD hours This course is intended for The intended audience for this course is information systems security professionals, internal review auditors, and other individuals who have an interest in aspects of information systems audit, controls, and security. Overview Upon successful completion of this course, students will be able to: - implement information systems audit services in accordance with information systems audit standards, guidelines, and best practices. - evaluate an organizations structure, policies, accountability, mechanisms, and monitoring practices. - evaluate information systems acquisition, development, and implementation. - evaluate the information systems operations, maintenance, and support of an organization; and evaluate the business continuity and disaster recovery processes used to provide assurance that in the event of a disruption, IT services are maintained. - define the protection policies used to promote the confidentiality, integrity, and availability of information assets. In this course, students will evaluate organizational policies, procedures, and processes to ensure that an organizations information systems align with its overall business goals and objectives. 1 - The Process of Auditing Information Systems ISACA Information Systems Auditing Standards and Guidelines Fundamental Business Processes Develop and Implement an Information Systems Audit Strategy Plan an Audit Conduct an Audit The Evidence Life Cycle Communicate Issues, Risks, and Audit Results Support the Implementation of Risk Management and Control Practices 2 - IT Governance and Management Evaluate the Effectiveness of IT Governance Evaluate the IT Organizational Structure and HR Management Evaluate the IT Strategy and Direction Evaluate IT Policies, Standards, and Procedures Evaluate the Effectiveness of Quality Management Systems Evaluate IT Management and Monitoring of Controls IT Resource Investment, Use, and Allocation Practices Evaluate IT Contracting Strategies and Policies Evaluate Risk Management Practices Performance Monitoring and Assurance Practices Evaluate the Organizations Business Continuity Plan 3 - Information Systems Acquisition, Development, and Implementation Evaluate the Business Case for Change Evaluate Project Management Frameworks and Governance Practices Development Life Cycle Management Perform Periodic Project Reviews Evaluate Control Mechanisms for Systems Evaluate Development and Testing Processes Evaluate Implementation Readiness Evaluate a System Migration Perform a Post-Implementation System Review 4 - Information Systems Operations, Maintenance, and Support Perform Periodic System Reviews Evaluate Service Level Management Practices Evaluate Third-Party Management Practices Evaluate Operations and End User Management Practices Evaluate the Maintenance Process Evaluate Data Administration Practices Evaluate the Use of Capacity and Performance Monitoring Methods Evaluate Change, Configuration, and Release Management Practices Evaluate Problem and Incident Management Practices Evaluate the Adequacy of Backup and Restore Provisions 5 - Protection of Information Assets Information Security Design Encryption Basics Evaluate the Functionality of the IT Infrastructure Evaluate Network Infrastructure Security Evaluate the Design, Implementation, and Monitoring of Logical Access Controls Risks and Controls of Virtualization Evaluate the Design, Implementation, and Monitoring of Data Classification Process Evaluate the Design, Implementation, and Monitoring of Physical Access Controls Evaluate the Design, Implementation, and Monitoring of Environmental Controls

Enhance cloud security expertise with specialized training, bridge skill gaps for job growth, and excel in cloud controls and best practices. This course is delivered online by Sean Hanna, three time EC-Council global trainer of the year award winner.

Duration 5 Days 30 CPD hours This course is intended for ECSS is designed for anyone who wants to enhance their skills and make a career in information security, network security, and computer forensics fields. It can be IT Specialists, Network Administrators, or System Administrators. Overview Upon successful completion of this course, students will learn: Key issues plaguing the information security, network security, and computer forensics. Fundamentals of networks and various components of the OSI and TCP/IP model. Various network security protocols. Various types of information security threats and attacks, and their countermeasures. Social engineering techniques, identify theft, and social engineering countermeasures. Different stages of the hacking cycle Identification, authentication, and authorization concepts Different types of cryptography ciphers, Public Key Infrastructure (PKI), cryptography attacks, and cryptanalysis tools. Fundamentals of firewall, techniques for bypassing firewall, and firewall technologies such as Bastion Host, DMZ, Proxy Servers, Network Address Translation, Virtual Private Network, and Honeypot. Fundamentals of IDS and IDS evasion techniques. Data backup techniques and VPN security. Wireless Encryption, wireless threats, wireless hacking tools, and Wi-Fi security. Different types of web server and web application attacks, and countermeasures. Fundamentals of ethical hacking and pen testing. Incident handling and response process. Cyber-crime and computer forensics investigation methodology. Different types of digital evidence and digital evidence examination process. Different type of file systems and their comparison (based on limit and features). Gathering volatile and non-volatile information from Windows and network forensics analysis mechanism. Steganography and its techniques. Different types of log capturing, time synchronization, and log capturing tools. E-mails tracking and e-mail crimes investigation. Writing investigation report. This is an entry-level security program covering the fundamental concepts and giving a holistic overview of the key components of information security, computer forensics, and network security. Course Outline Information Security Fundamentals Networking Fundamentals Secure Network Protocols Information Security Threats and Attacks Social Engineering Hacking Cycle Identification, Authentication, and Authorization Cryptography Firewalls Intrusion Detection System Data Backup Virtual Private Network Wireless Network Security Web Security Ethical Hacking and Pen Testing Incident Response Computer Forensics Fundamentals Digital Evidence Understanding File Systems Windows Forensics Network Forensics and Investigating Network Traffic Steganography Analyzing Logs E-mail Crime and Computer Forensics Writing Investigative Report Additional course details: Nexus Humans EC-Council Certified Security Specialist (ECSS) training program is a workshop that presents an invigorating mix of sessions, lessons, and masterclasses meticulously crafted to propel your learning expedition forward. This immersive bootcamp-style experience boasts interactive lectures, hands-on labs, and collaborative hackathons, all strategically designed to fortify fundamental concepts. Guided by seasoned coaches, each session offers priceless insights and practical skills crucial for honing your expertise. Whether you're stepping into the realm of professional skills or a seasoned professional, this comprehensive course ensures you're equipped with the knowledge and prowess necessary for success. While we feel this is the best course for the EC-Council Certified Security Specialist (ECSS) course and one of our Top 10 we encourage you to read the course outline to make sure it is the right content for you. Additionally, private sessions, closed classes or dedicated events are available both live online and at our training centres in Dublin and London, as well as at your offices anywhere in the UK, Ireland or across EMEA.

  The GDPR Foundation training enables delegates to understand how to define and implement a privacy compliance framework aligned to best practice. During this training course, you will be able to understand the fundamental privacy principles and become familiar with the role of the Data Protection team and the DPO. About This Course   At Foundational level, candidates prove they have understood the fundamental methodologies, requirements, best practice and management approach of a Privacy Compliance Framework. Learning principles;   Understand the General Data Protection Regulation requirements and the fundamental principles of privacy Understand the obligations, roles and responsibilities of the Data Protection Officer Understand the concepts, approaches, methods and techniques to effectively participate in the implementation process of a compliance framework with regard to the protection of personal data.   Educational approach; Lecture sessions are illustrated with practical questions and examples Practical exercises include examples and discussions Practice tests are similar to the Certification Exam   Course Agenda Day 1: Introduction to GDPR and Data Protection Principles Day 2: The General Data Protection Regulation requirements and Certification Exam Prerequisites   There are no prerequisites for this course. What's Included?   Refreshments & Lunch (Classroom courses only Course Slide Deck CPD Certificate   Who Should Attend?   Individuals involved in the processing of Personal Data and Information Security Individuals seeking to gain knowledge about the main privacy principles Individuals interested to pursue a career in Data Protection Provided by   This course is Accredited by NACS and Administered by the IECB Assessment   Delegates sit a combined exam, consisting of in-course quizzes and exercises, as well as a final 40 question, multiple choice exam on Day 2 of the course. The overall passing score is 70%, to be achieved within the 60 minute time allowance. Exam results are provided within 24 hours, with both a Certificate and a digital badge provided as proof of success.

  The GDPR came into effect in May 2018. This legislation is designed to guide organisations in their obligations relative to the processing of personal and sensitive data. About This Course   Organisations are required to comply with the GDPR regardless of their size of business. If you process 'personal data', there is a potential need to be compliant with the legislation. The scope of the GDPR considers how this information is collected, stored, used, transported, shared and disposed of. To ensure organisations' understand this obligation, this interactive one-day course considers both scoping and auditing of an organisations processing activities, as well as an understanding of compliance with GDPR.  Learning Outcomes; GDPR - what is it and how does it apply to us? Personal and sensitive data Lawful basis for processing Consent and the GDPR The Data Protection Act 2018 Data Subject rights The role of the ICO Data breach or Incident? Privacy by Design and by default GDPR Audit checklist Prerequisites   There are no prerequisites to attend this course, however all attendees are expected to have a basic understanding of the Data Protection principles. What's Included?   Refreshments & Lunch (Classroom courses only) Course Slide Deck Quizzes Who Should Attend?   The course is designed for any member of the organisation whose role includes processing personal data. Data Protection Officers, Information Security team members or Information Governance Leads who may also see benefit in attending. Accreditation Assessment    There is no exam with this course but delegates do receive a Course Attendance Certificate and an 8 hour CPD Certificate. Provided by   This course is Accredited by NACS and administered by the IECB

  ISO/IEC 27032: 2023 Lead Cybersecurity Manager training enables you to acquire the expertise and competence needed to support an organization in implementing and managing a Cybersecurity program based on ISO 27032: 2023 and the NIST Cybersecurity framework. About This Course   During this training course, you will gain a comprehensive knowledge of Cybersecurity, the relationship between Cybersecurity and other types of IT security, and stakeholders' role in Cybersecurity.    After mastering all the necessary concepts of Cybersecurity, you can sit for the exam and gain "Certified ISO/IEC 27032 Lead Cybersecurity Manager' Certification. By holding this certification, you will be able to demonstrate that you have the practical knowledge and professional capabilities to support and lead a team in managing Cybersecurity.   Learning objectives   Acquire comprehensive knowledge on the elements and operations of a Cybersecurity Program in conformance with ISO/IEC 27032 and NIST Cybersecurity framework Acknowledge the correlation between ISO 27032, NIST Cybersecurity framework and other standards and operating frameworks Master the concepts, approaches, standards, methods and techniques used to effectively set up, implement, and manage a Cybersecurity program within an organization Learn how to interpret the guidelines of ISO/IEC 27032 in the specific context of an organization Master the necessary expertise to plan, implement, manage, control and maintain a Cybersecurity Program as specified in ISO/IEC 27032 and NIST Cybersecurity framework Acquire the necessary expertise to advise an organization on the best practices for managing Cybersecurity   Educational approach   This training is based on both theory and best practices used in the implementation and management of a Cybersecurity Program Lecture sessions are illustrated with examples based on case studies Practical exercises are based on a case study which includes role playing and discussions Practical tests are similar to the Certification Exam Prerequisites   A fundamental understanding of ISO/IEC 27032: 2023 and comprehensive knowledge of Cybersecurity. What's Included?   Refreshments & Lunch (Classroom courses only) Course Slide Deck Official Study Guides CPD Certificate The Exam Who Should Attend?   Cybersecurity professionals Information Security experts Professionals seeking to manage a Cybersecurity program Individuals responsible to develop a Cybersecurity program IT specialists Information Technology expert advisors IT professionals looking to enhance their technical skills and knowledge Accreditation Assessment     Delegates sit a combined exam, consisting of in-course quizzes and exercises, as well as a final 12 question, essay type exam on Day 4 of the course. The overall passing score is 70%, to be achieved within the 150 minute time allowance. Exam results are provided within 24 hours, with both a Certificate and a digital badge provided as proof of success. Provided by   This course is Accredited by NACS and Administered by the IECB