Overview Objective Understand the requirement of Information Security Concepts and Definitions of Information Security Management Systems Deeply Analysing the policies, Standards and procedures How to deliver a balanced ISMS and following its security procedures Analysing the Information risk management Evaluating the organisational responsibilities Understanding the Information security controls Scrutinising Legal framework Techniques of Cryptographic models
Penetration testing training course description An advanced technical hands on course focusing on hacking and counter hacking. The course revolves around a series of exercises based on "hacking" into a network (pen testing the network) and then defending against the hacks. What will you learn Perform penetration tests. Explain the technical workings of various penetration tests. Produce reports on results of penetration tests. Defend against hackers. Penetration testing training course details Who will benefit: Technical support staff, auditors and security professionals. Staff who are responsible for network infrastructure integrity. Prerequisites: IP Security IP VPNs Duration 5 days Penetration testing training course contents Introduction Hacking concepts, phases, types of attacks, 'White hacking', What is penetration testing? Why use pen testing, black box vs. white box testing, equipment and tools, security lifecycles, counter hacking, pen testing reports, methodologies, legal issues. Physical security and social engineering Testing access controls, perimeter reviews, location reviews, alarm response testing. Request testing, guided suggestions, trust testing. Social engineering concepts, techniques, counter measures, Identity theft, Impersonation on social media, Footprints through social engineering Reconnaissance (discovery) Footprinting methodologies, concepts, threats and countermeasures, WHOIS footprinting, Gaining contacts and addresses, DNS queries, NIC queries, ICMP ping sweeping, system and server trails from the target network, information leaks, competitive intelligence. Scanning pen testing. Gaining access Getting past passwords, password grinding, spoofed tokens, replays, remaining anonymous. Scanning (enumeration) Gaining OS info, platform info, open port info, application info. Routes used, proxies, firewalking, Port scanning, stealth port scanning, vulnerability scanning, FIN scanning, Xmas tree scanning, Null scanning, spoofed scanning, Scanning beyond IDS. Enumeration concepts, counter measures and enumeration pen testing. Hacking Hacking webservers, web applications, Wireless networks and mobile platforms. Concepts, threats, methodology, hacking tools and countermeasures. Trojan, Backdoors, Sniffers, Viruses and Worms Detection, concepts, countermeasures, Pen testing Trojans, backdoors, sniffers and viruses. MAC attacks, DHCP attacks, ARP poisoning, DNS poisoning Anti-Trojan software, Malware analysis Sniffing tools. Exploiting (testing) vulnerabilities Buffer overflows,, simple exploits, brute force methods, UNIX based, Windows based, specific application vulnerabilities. DoS/DDoS Concepts, techniques, attack tools, Botnet, countermeasures, protection tools, DoS attack pen testing. SQL Injection Types and testing, Blind SQL Injection, Injection tools, evasion and countermeasures. Securing networks 'Hurdles', firewalls, DMZ, stopping port scans, IDS, Honeypots, Router testing, firewall testing, IDS testing, Buffer Overflow. Cryptography PKI, Encryption algorithms, tools, Email and Disk Encryption. Information security Document grinding, privacy.
ITIL® 4 Strategist: Direct, Plan and Improve: In-House Training The ITIL® 4 Strategist: Direct, Plan, and Improve course is based on the ITIL® 4 Strategist Direct, Plan, and Improve candidate syllabus from AXELOS. This course is based on the ITIL® 4 Strategist: Direct, Plan and Improve IT exam specifications from AXELOS. With the help of ITIL® 4 concepts and terminology, exercises, and examples included in the course, candidates acquire the relevant knowledge required to pass the certification exam. This course provides the practical skills necessary to create a 'learning and improving' IT organization, with a strong and effective strategic direction. It was designed to provide practitioners with a practical and strategic method for planning and delivering continual improvement with necessary agility. It covers both practical and strategic elements, making it the universal module that is a key component to both ITIL® 4 Managing Professional and ITIL® 4 Strategic Leader streams. What You Will Learn At the end of this course, participants will be able to: Understand the key concepts of direction, planning, improvement Understand the scope of what is to be directed and/or planned and know how to use key principles and methods of direction and planning in that context Understand the role of GRC and know how to integrate the principles and methods into the service value system Understand and know how to use the key principles and methods of continual improvement for all types of improvements Understand and know how to use the key principles and methods of Communication and Organizational Change Management to direction, planning and improvement Understand and know how to use the key principles and methods of measurement and reporting in direction, planning, and improvement Understand and know how to direct, plan, and improve value streams and practices Course Introduction Let's Get to Know Each Other Course Overview ITIL® 4 Certification Scheme Course Learning Objectives Course Components Course Agenda Exercises Case Study: Axle Car Hire Case Study: HandyPerson on Demand Exam Details Core Concepts of DPI Key Terms Covered in the Module Module Learning Objectives Basics of Direction Basics of Planning Basics of Improvement Other Core Elements DPI through Service Value Chain and Guiding Principles Key Terms Covered in the Module Module Learning Objectives DPI of the SVS DPI of Guiding Principles Role of Direction in Strategy Management Key Terms Covered in the Module Introducing Strategy Management Developing Effective Strategies Implementation of Strategies Key Terms Covered in the Module Module Learning Objectives Managing Risks Making Decisions through Portfolio Management Directing via Governance, Risk, and Compliance (GRC) Introduction to Assessment and Planning Key Terms Covered in the Module Module Learning Objectives Core Concepts of Assessment Conducting Effective Assessments Core Concepts of Planning Assessment and Planning through VSM Key Terms Covered in the Module Module Learning Objectives Introducing VSM Developing Value Stream Maps Knowing More About VSM Measurement, Reporting, and Continual Improvement Key Terms Covered in the Module Module Learning Objectives Measurement and Reporting Alignment of Measurements and Metrics Success Factors and Key Performance Indicators Continual Improvement Measurements and Continual Improvement through Dimensions and SVS Key Terms Covered in the Module Module Learning Objectives Measurements for the Four Dimensions Continual Improvement of the Service Value Chain and Practices OCM Principles and Methods Key Terms Covered in the Module Module Learning Objectives Basics of OCM OCM throughout DPI and Service Value Chain Resistance and Reinforcement Communication Principles and Methods Key Terms Covered in the Module Module Learning Objectives Basics of Effective Communication Communication with Stakeholders SVS Development Using Four Dimensions Key Terms Covered in the Module Module Learning Objectives Organizations and People in the SVS Partners and Suppliers in the SVS Value Streams and Processes in the SVS Information and Technology in the SVS
RESILIA™ Foundation: In-House Training AXELOS RESILIA™: Cyber Resilience Best Practice is designed to help commercial and government organizations around the world prevent, detect, and correct any impact cyber attacks will have on the information required to do business. Adding RESILIA to the existing AXELOS global best practice portfolio, including ITIL® and PRINCE2®, brings a common cyber resilience best practice for security, IT service management, and business. Active cyber resilience is achieved through people, process, and technology. The RESILIA™ Foundation course starts with the purpose, key terms, the distinction between resilience and security, and the benefits of implementing cyber resilience. It introduces risk management and the key activities needed to address risks and opportunities. Further, it explains the relevance of common management standards and best practice frameworks to achieve cyber resilience. Subsequently, it identifies the cyber resilience processes, the associated control objectives, interactions, and activities that should be aligned with corresponding ITSM activities. In the final part of the course, it describes the segregation of duties and dual controls related to cyber resilience roles and responsibilities. What you will Learn At the end of this course, you will be able to: Demonstrate your knowledge of the purpose, benefits, and key terms of cyber resilience Demonstrate your knowledge of the risk management and the key activities needed to address risks and opportunities Demonstrate your knowledge of the purpose of a management system and how best practices and standards can contribute Demonstrate your knowledge of the cyber resilience strategy, the associated control objectives, and their interactions with ITSM activities Demonstrate your knowledge of cyber resilience design, the associated control objectives, and their interactions with ITSM activities Demonstrate your knowledge of cyber resilience transition, the associated control objectives, and their interactions with ITSM activities Demonstrate your knowledge of cyber resilience operation, the associated control objectives, and their interactions with ITSM activities Demonstrate your knowledge of cyber resilience continual improvement, the associated control objectives, and their interactions with ITSM activities Demonstrate your knowledge of the purpose and benefits of segregation of duties and dual controls Course Introduction Course Learning Objectives Course Agenda Activities Course Book Structure RESILIA Certification Introduction to Cyber Resilience What is Cyber Resilience? Defining Cyber Resilience Balancing in Cyber Resilience Characteristics of Cyber Resilience Risk Management Understanding Risk Management: Discussion Defining Risk Management Addressing Risks and Opportunities Managing Cyber Resilience Why and What of Management Systems? Management Systems Common Management Standards and Frameworks Cyber Resilience Strategy What is Strategy? Cyber Resilience Strategy and Activities Security Controls at Cyber Resilience Strategy Interaction Between ITSM Processes and Cyber Resilience Cyber Resilience Design Why Cyber Resilience Design? Cyber Resilience Design Activities Security Controls at Cyber Resilience Design Aligning ITSM Processes with Cyber Resilience Processes Cyber Resilience Transition Why Cyber Resilience Transition? Basics of Cyber Resilience Transition Cyber Resilience Transition: Controls Interaction Between ITSM Processes and Cyber Resilience Cyber Resilience Operation The Purpose of Cyber Resilience Operation Security Controls in Cyber Resilience Operation Interaction Between IT Processes and Cyber Resilience Interaction Between ITSM Functions and Cyber Resilience Cyber Resilience Continual Improvement Continual or Continuous Improvement Maturity Models Continual Improvement Controls The Seven-Step Improvement Process The ITIL CSI Approach Cyber Resilience Roles & Responsibilities Segregating Duties Dual Controls
Managing Successful Programmes (MSP®) 5th Edition Foundation: In-House Training Managing Successful Programmes (MSP®) is a globally-recognized framework for best practice programme management. MSP certification provides guidance for programme managers, business change managers and the next step for project managers to develop their knowledge and skills to be able to positively respond to the challenges for managing programmes and larger, more strategic or multiple projects. MSP 5th edition emphasizes flexibility, adaptability, and responsiveness by adopting an incremental approach to the programme lifecycle and thus enabling organizational agility. AXELOS offers two levels of MSP Examination: MSP Foundation and MSP Practitioner. The MSP Foundation Examination is intended to assess whether the candidate can demonstrate sufficient recall and understanding of the MSP programme management framework. The MSP Foundation qualification is a prerequisite for the MSP Practitioner Examination, which assesses the ability to apply understanding of the MSP programme management framework in context. The MSP® 5th Edition Foundation course is a training based on the exam specification for MSP Foundation certification and is aligned with the Managing Successful Programmes (5th Edition) guide from AXELOS. What you will Learn At the end of this course, participants will be able to: Understand key concepts relating to programmes and MSP Understand how the MSP principles underpin the MSP framework Understand the MSP themes and how they are applied throughout the programme Understand the MSP processes and how they are carried out throughout the programme Key Concepts of MSP Programmes Three Lenses of MSP Principles Themes and Governance Organization Organization Theme Organization Structure Individual Roles Stakeholder Management Design Design Theme Benefits Risk Identification and Prioritization Target Operating Model Documents and Key Roles Justification Justification Theme Business Case Financial Planning Documents and Key Roles Structure Structure Theme Delivery Planning Dependencies Benefits Realization Plan Resourcing Documents and Key Roles Knowledge Knowledge Theme Knowledge Management Information Management Document and Key Roles Assurance Assurance Theme Assurance at Multiple Levels Assurance Planning Document and Key Roles Decisions Decisions Theme Issue Resolution Risk Response Data Gathering and Reporting Options and Analysis Document and Key Roles MSP Processes Identify the Programmeâ¯â¯â¯ Design the Outcomes Plan Progressive Delivery Deliver the Capabilities Embed the Outcomes Evaluate New Information Close the Programme
Managing Successful Programmes (MSP®) 5th Edition Practitioner: In-House Training Managing Successful Programmes (MSP®) is a globally-recognized framework for best practice programme management. MSP certification provides guidance for programme managers, business change managers, and the next step for project managers to develop their knowledge and skills to be able to positively respond to the challenges of managing programmes and larger, more strategic, or multiple projects. MSP 5th Edition emphasizes flexibility, adaptability, and responsiveness by adopting an incremental approach to the programme lifecycle and thus enabling organizational agility. AXELOS offers two levels of MSP Examination: MSP Foundation and MSP Practitioner. The MSP 5th Edition Foundation Examination is intended to assess whether the candidate can demonstrate sufficient recall and understanding of the MSP programme management framework. MSP 5th Edition Practitioner is for project, programme, and business change managers that want to build on their knowledge of MSP in order to practically apply the MSP framework to real-life scenarios, providing the skills to lead and manage a programme. It is a must-have certification for both project and programme management professionals to deliver organizational value to their employers and boost their careers. What you will Learn At the end of this course, participants will be able to: Understand how to apply the MSP principles in context Understand how to apply and tailor relevant aspects of the MSP themes in context Understand how to apply and tailor relevant aspects of the MSP processes in context Course Introduction Application of MSP Principles Program Strategy and Themes Application of Organization Theme Application of Design Theme Application of Justification Theme Application of Structure Theme Application of Knowledge Theme Application of Assurance Theme Application of Decisions Theme Application of MSP Processes