812 Security Management courses delivered Online

Duration 5 Days 30 CPD hours This course is intended for Security administrators Security consultants Network administrators System engineers Technical support personnel Cisco integrators and partners Overview After taking this course, you should be able to: Describe key concepts of NGIPS and NGFW technology and the Cisco Firepower Threat Defense system, and identify deployment scenarios Perform initial Cisco Firepower Threat Defense device configuration and setup tasks Describe how to manage traffic and implement Quality of Service (QoS) using Cisco Firepower Threat Defense Describe how to implement NAT by using Cisco Firepower Threat Defense Perform an initial network discovery, using Cisco Firepower to identify hosts, applications, and services Describe the behavior, usage, and implementation procedure for access control policies Describe the concepts and procedures for implementing security intelligence features This course gives you knowledge and skills to use and configure Cisco© Firepower Threat Defense technology, beginning with initial device setup and configuration and including routing, high availability, Cisco Adaptive Security Appliance (ASA) to Cisco Firepower Threat Defense migration, traffic control, and Network Address Translation (NAT). You will learn how to implement advanced Next-Generation Firewall (NGFW) and Next-Generation Intrusion Prevention System (NGIPS) features, including network intelligence, file type detection, network-based malware detection, and deep packet inspection. You will also learn how to configure site-to-site VPN, remote-access VPN, and Secure Sockets Layer (SSL) decryption before moving on to detailed analysis, system administration, and troubleshooting. Cisco Firepower Threat Defense Overview Examining Firewall and IPS Technology Firepower Threat Defense Features and Components Examining Firepower Platforms Examining Firepower Threat Defense Licensing Cisco Firepower Implementation Use Cases Cisco Firepower NGFW Device Configuration Firepower Threat Defense Device Registration FXOS and Firepower Device Manager Initial Device Setup Managing NGFW Devices Examining Firepower Management Center Policies Examining Objects Examining System Configuration and Health Monitoring Device Management Examining Firepower High Availability Configuring High Availability Cisco ASA to Firepower Migration Migrating from Cisco ASA to Firepower Threat Defense Cisco Firepower NGFW Traffic Control Firepower Threat Defense Packet Processing Implementing QoS Bypassing Traffic Cisco Firepower NGFW Address Translation NAT Basics Implementing NAT NAT Rule Examples Implementing NAT Cisco Firepower Discovery Examining Network Discovery Configuring Network Discovery Implementing Access Control Policies Examining Access Control Policies Examining Access Control Policy Rules and Default Action Implementing Further Inspection Examining Connection Events Access Control Policy Advanced Settings Access Control Policy Considerations Implementing an Access Control Policy Security Intelligence Examining Security Intelligence Examining Security Intelligence Objects Security Intelligence Deployment and Logging Implementing Security Intelligence File Control and Advanced Malware Protection Examining Malware and File Policy Examining Advanced Malware Protection Next-Generation Intrusion Prevention Systems Examining Intrusion Prevention and Snort Rules Examining Variables and Variable Sets Examining Intrusion Policies Site-to-Site VPN Examining IPsec Site-to-Site VPN Configuration Site-to-Site VPN Troubleshooting Implementing Site-to-Site VPN Remote-Access VPN Examining Remote-Access VPN Examining Public-Key Cryptography and Certificates Examining Certificate Enrollment Remote-Access VPN Configuration Implementing Remote-Access VPN SSL Decryption Examining SSL Decryption Configuring SSL Policies SSL Decryption Best Practices and Monitoring Detailed Analysis Techniques Examining Event Analysis Examining Event Types Examining Contextual Data Examining Analysis Tools Threat Analysis System Administration Managing Updates Examining User Account Management Features Configuring User Accounts System Administration Cisco Firepower Troubleshooting Examining Common Misconfigurations Examining Troubleshooting Commands Firepower Troubleshooting

Duration 4 Days 24 CPD hours This course is intended for This course is for technical professionals who need to know how to deploy open source intrusion detection systems (IDS) and intrusion prevention systems (IPS), and how to write Snort rules. Security administrators Security consultants Network administrators System engineers Technical support personnel Channel partners and resellers Overview After taking this course, you should be able to: Describe Snort technology and identify resources available for maintaining a Snort deployment Install Snort on a Linux-based operating system Describe the Snort operation modes and their command-line options Describe the Snort intrusion detection output options Download and deploy a new rule set to Snort Describe and configure the snort.conf file Configure Snort for inline operation and configure the inline-only features Describe the Snort basic rule syntax and usage Describe how traffic is processed by the Snort engine Describe several advanced rule options used by Snort Describe OpenAppID features and functionality Describe how to monitor Snort performance and how to tune rules The Securing Cisco Networks with Open Source Snort (SSFSNORT) v2.1 course shows you how to deploy a network intrusion detection system based on Snort. You?ll learn how to install, configure, operate, and manage a Snort system, rules writing with an overview of basic options, advanced rules writing, how to configure Pulled Pork, and how to use OpenAppID to provide protection of your network from malware. You will learn techniques of tuning and performance monitoring, traffic flow through Snort rules, and more Course outline Introduction to Snort Technology Snort Installation Snort Operation Snort Intrusion Detection Output Rule Management Snort Configuration Inline Operation and Configuration Snort Rule Syntax and Usage Traffic Flow Through Snort Rules Advanced Rule Options OpenAppID Detection Tuning Snort Additional course details: Nexus Humans Cisco Securing Cisco Networks with Open Source Snort v2.1 (SSFSNORT) training program is a workshop that presents an invigorating mix of sessions, lessons, and masterclasses meticulously crafted to propel your learning expedition forward. This immersive bootcamp-style experience boasts interactive lectures, hands-on labs, and collaborative hackathons, all strategically designed to fortify fundamental concepts. Guided by seasoned coaches, each session offers priceless insights and practical skills crucial for honing your expertise. Whether you're stepping into the realm of professional skills or a seasoned professional, this comprehensive course ensures you're equipped with the knowledge and prowess necessary for success. While we feel this is the best course for the Cisco Securing Cisco Networks with Open Source Snort v2.1 (SSFSNORT) course and one of our Top 10 we encourage you to read the course outline to make sure it is the right content for you. Additionally, private sessions, closed classes or dedicated events are available both live online and at our training centres in Dublin and London, as well as at your offices anywhere in the UK, Ireland or across EMEA.

Duration 2 Days 12 CPD hours This course is intended for The intended audience for this comprehensive course on Information Assurance and STIGs includes professionals with roles such as: IT professionals - System administrators, network engineers, and security analysts who are responsible for maintaining and securing IT infrastructure and web applications. Developers - Software engineers and web developers who design, implement, and maintain web applications, and need to integrate security best practices throughout the development process. Project teams - Cross-functional teams that collaborate on application development projects, including members from development, testing, and deployment teams. Technical leads - Senior software engineers or architects who oversee technical aspects of projects and ensure the implementation of secure design and coding practices. Project managers - Professionals responsible for planning, executing, and closing projects, ensuring that security requirements are met throughout the project lifecycle. Overview Working in an interactive learning environment, guided by our application security expert, you'll explore: The concepts and terminology behind defensive coding Threat Modeling as a tool in identifying software vulnerabilities based on realistic threats against meaningful assets The entire spectrum of threats and attacks that take place against software applications in today's world The role that static code reviews and dynamic application testing to uncover vulnerabilities in applications The vulnerabilities of programming languages as well as how to harden installations The basics of Cryptography and Encryption and where they fit in the overall security picture The requirements and best practices for program management as specified in the STIGS The processes and measures associated with the Secure Software Development (SSD) The basics of security testing and planning Understand the concepts and terminology behind defensive coding Understand Threat Modeling as a tool in identifying software vulnerabilities based on realistic threats against meaningful assets Learn the entire spectrum of threats and attacks that take place against software applications in today's world Discuss the role that static code reviews and dynamic application testing to uncover vulnerabilities in applications Understand the vulnerabilities of programming language as well as how to harden installations Understand the basics of Cryptography and Encryption and where they fit in the overall security picture Understand the fundamentals of XML Digital Signature and XML Encryption as well as how they are used within the web services arena Understand the requirements and best practices for program management as specified in the STIGS Understand the processes and measures associated with the Secure Software Development (SSD) Understand the basics of security testing and planning The Information Assurance (STIG) Overview is a comprehensive two-day course that delves into the realm of Information Assurance, empowering you to enhance your cybersecurity skills, understand the essentials of STIGs, and discover cutting-edge web application security practices. This immersive experience is tailored for IT professionals, developers, project teams, technical leads, project managers, testing/QA personnel, and other key stakeholders who seek to expand their knowledge and expertise in the evolving cybersecurity landscape. The course focuses on the intricacies of best practices for design, implementation, and deployment, inspired by the diverse and powerful STIGs, ultimately helping participants become more proficient in application security.The first half of the course covers the foundations of DISA's Security Technical Implementation Guides (STIGs) and learn the ethical approach to bug hunting, while exploring the language of cybersecurity and dissecting real-life case studies. Our expert instrtors will guide you through the importance of respecting privacy, working with bug bounty programs, and avoiding common mistakes in the field.The next half delves into the core principles of information security and application protection, as you learn how to identify and mitigate authentication failures, SQL injections, and cryptographic vulnerabilities. You?ll gain experience with STIG walkthroughs and discover the crucial steps for securing web applications.Throughout the course, you'll also explore the fundamentals of application security and development, including checklists, common practices, and secure development lifecycle (SDL) processes. You?ll learn from recent incidents and acquire actionable strategies to strengthen your project teams and IT organizations. You'll also have the opportunity to explore asset analysis and design review methodologies to ensure your organization is prepared to face future cybersecurity challenges. DISA's Security Technical Implementation Guides (STIGs) The motivations behind STIGs Requirements that the various software development roles must meet Implementing STIG requirements and guidelines Why Hunt Bugs? The Language of CyberSecurity The Changing Cybersecurity Landscape AppSec Dissection of SolarWinds The Human Perimeter Interpreting the 2021 Verizon Data Breach Investigation Report First Axiom in Web Application Security Analysis First Axiom in Addressing ALL Security Concerns Lab: Case Study in Failure Safe and Appropriate Bug Hunting/Hacking Working Ethically Respecting Privacy Bug/Defect Notification Bug Bounty Programs Bug Hunting Mistakes to Avoid Principles of Information Security Secuity Is a Lifecycle Issue Minimize Attack Surface Area Layers of Defense: Tenacious D Compartmentalize Consider All Application States Do NOT Trust the Untrusted Identification and Authentication Failures Applicable STIGs Quality and Protection of Authentication Data Proper hashing of passwords Handling Passwords on Server Side Session Management HttpOnly and Security Headers Lab: STIG Walk-Throughs Injection Applicable STIGs Injection Flaws SQL Injection Attacks Evolve Drill Down on Stored Procedures Other Forms of Server-Side Injection Minimizing Injection Flaws Client-side Injection: XSS Persistent, Reflective, and DOM-Based XSS Best Practices for Untrusted Data Lab: STIG Walk-Throughs Applications: What Next? Common Vulnerabilities and Exposures CWE/SANS Top 25 Most Dangerous SW Errors Strength Training: Project Teams/Developers Strength Training: IT Organizations Cryptographic Failures Applicable STIGs Identifying Protection Needs Evolving Privacy Considerations Options for Protecting Data Transport/Message Level Security Weak Cryptographic Processing Keys and Key Management Threats of Quantum Computing Steal Now, Crack Later Threat Lab: STIG Walk-Throughs Application Security and Development Checklists Checklist Overview, Conventions, and Best Practices Leveraging Common AppSec Practices and Control Actionable Application Security Additional Tools for the Toolbox Strength Training: Project Teams/Developers Strength Training: IT Organizations Lab: Recent Incidents SDL Overview Attack Phases: Offensive Actions and Defensive Controls Secure Software Development Processes Shifting Left Actionable Items Moving Forward Lab: Design Study Review Asset Analysis Asset Analysis Process Types of Application-Related Assets Adding Risk Escalators Discovery and Recon Design Review Asset Inventory and Design Assets, Dataflows, and Trust Boundaries Risk Escalators in Designs Risk Mitigation Options

Duration 3 Days 18 CPD hours This course is intended for The primary audience for this course is as follows: IT Staff and Managers Network and systems personnel and engineers Small to mid-sized organizations that require fundamental knowledge on networking terms/concepts and configuration guidance for Meraki equipment. This also includes organizations looking to implement remote sites, provide a guest wireless solution, and collect user analytics. Overview Following completion of this course, students will understand, Install, Configure, monitor, and Troubleshoot the following: Navigate and Configure the dashboard Add MX/MR/MS/MV devices to the Dashboard Understand and Configure Configuration Templates Understand and Configure Group Policies Manage/Configure/Integrate Users and Radius Policies Configure, Monitor, and Troubleshoot MX Firewalls Troubleshoot devices and Connectivity This 3-day Cisco course provide students with the skills to configure, optimize, and troubleshoot a Cisco Meraki solution. Students will learn how to install and optimize Meraki MX Firewalls. Students will also learn how to configure the Meraki Dashboard Students will troubleshoot and configure the Meraki environment and learn how to diagnose and resolve user and Network issues that may arise. Introduction to Meraki The Meraki Mission Cisco Meraki: Bringing the Cloud to Enterprise Networks Cloud-Managed Networking Architecture Benefits of a Cloud-Based Solution The Meraki Full Stack: New and Unique Value Proposition Meraki Deployment ? How it works Why Customers Choose Meraki Meraki MS Switches Overview Meraki MX Security Appliances Overview Meraki SD-WAN Overview Meraki MR Wireless Access Points Overview Cisco Meraki Systems Manager Overview Cisco Meraki MV Vision Security Cameras Overview Meraki API Overview Meraki Licensing Enterprise Support Cisco Meraki Documentation Cloud Management with the Meraki Dashboard The Meraki Dashboard Dashboard: Organizational Structure Out-of-band Cloud Management Loss of Connectivity to the Cisco Meraki Cloud Meraki Dashboard Logins Create Dashboard Accounts and Organization MSP Logins - Manage Multiple Organizations Modify an Organization View Organizations Health Meraki Dashboard Best Practices Dashboard Search Meraki Help Organizational Wide Settings Configure Monitor Create and Manage Configuration Templates Network-Wide Settings Configure Meraki MX Security Benefits of a Cloud Managed Security Solution Threat Management Solution Advanced Security Licenses Reliable, Cost Effective Connectivity with Meraki SD-WAN Site-to-Site VPN (Auto VPN) High Availability and Path Redundancy Application-Aware Intelligent Path Control Traffic Monitoring and Analytics Integrating Active Directory Cisco Meraki MX Models and Features Configuring the Local Status Page Adding Appliance to Network Device Configuration Configuring the Warm Spare Feature Device Tags & Notes Configuring Addressing & VLANs DHCP Server Configuration and Options Meraki Firewall Configuration Meraki Site-to-Site VPN One Arm VPN Concentrator Configuration Meraki Client VPN Meraki Active Directory Integration Meraki Access Control Meraki Splash Page Configuration Configuring Access Policies Teleworker VPN/L3 Roaming

Duration 3 Days 18 CPD hours This course is intended for This course is for technical professionals to gain skills in writing rules for Snort-based Intrusion Detection Systems (IDS) and Intrusion Prevention Systems (IPS). The primary audience includes: Security administrators Security consultants Network administrators System engineers Technical support personnel using open source IDS and IPS Channel partners and resellers Overview After taking this course, you should be able to: Describe the Snort rule development process Describe the Snort basic rule syntax and usage Describe how traffic is processed by Snort Describe several advanced rule options used by Snort Describe OpenAppID features and functionality Describe how to monitor the performance of Snort and how to tune rules The Securing Cisco Networks with Snort Rule Writing Best Practices (SSFRules) v2.1 course shows you how to write rules for Snort, an open-source intrusion detection and prevention system. Through a combination of expert-instruction and hands-on practice, this course provides you with the knowledge and skills to develop and test custom rules, standard and advanced rules-writing techniques, how to integrate OpenAppID into rules, rules filtering, rules tuning, and more. The hands-on labs give you practice in creating and testing Snort rules. Course Outline Introduction to Snort Rule Development Snort Rule Syntax and Usage Traffic Flow Through Snort Rules Advanced Rule Options OpenAppID Detection Tuning Snort

Duration 5 Days 30 CPD hours This course is intended for Network security engineers ISE administrators Wireless network security engineers Cisco integrators and partners Overview After taking this course, you should be able to: Describe Cisco ISE deployments, including core deployment components and how they interact to create a cohesive security architecture. Describe the advantages of such a deployment and how each Cisco ISE capability contributes to these advantages. Describe concepts and configure components related to 802.1X and MAC Authentication Bypass (MAB) authentication, identity management, and certificate services. Describe how Cisco ISE policy sets are used to implement authentication and authorization, and how to leverage this capability to meet the needs of your organization. Describe third-party Network Access Devices (NADs), Cisco TrustSec, and Easy Connect. Describe and configure web authentication, processes, operation, and guest services, including guest access components and various guest access scenarios. Describe and configure Cisco ISE profiling services, and understand how to monitor these services to enhance your situational awareness about network-connected endpoints. Describe best practices for deploying this profiler service in your specific environment. Describe BYOD challenges, solutions, processes, and portals. Configure a BYOD solution, and describe the relationship between BYOD processes and their related configuration components. Describe and configure various certificates related to a BYOD solution. Describe the value of the My Devices portal and how to configure this portal. Describe endpoint compliance, compliance components, posture agents, posture deployment and licensing, and the posture service in Cisco ISE. Describe and configure TACACS+ device administration using Cisco ISE, including command sets, profiles, and policy sets. Understand the role of TACACS+ within the Authentication, Authentication, and Accounting (AAA) framework and the differences between the RADIUS and TACACS+ protocols. Migrate TACACS+ functionality from Cisco Secure Access Control System (ACS) to Cisco ISE, using a migration tool. Implementing and Configuring Cisco Identity Services Engine (SISE) v3.0 is a Cisco ISE training program that discusses the Cisco Identity Services Engine, an identity and access control policy platform that provides a single policy plane across the entire organization, combining multiple services, including authentication, authorization, and accounting (AAA), posture, profiling, device onboarding, and guest management, into a single context-aware identity-based platform. This CCNA course provides students with the knowledge and skills to enforce security posture compliance for wired and wireless endpoints as well as enhance infrastructure security using the Cisco ISE. Introducing Cisco ISE Architecture and Deployment Using Cisco ISE as a Network Access Policy Engine Cisco ISE Use Cases Describing Cisco ISE Functions Cisco ISE Deployment Models Context Visibility Cisco ISE Policy Enforcement Using 802.1X for Wired and Wireless Access Using MAC Authentication Bypass for Wired and Wireless Access Introducing Identity Management Configuring Certificate Services Introducing Cisco ISE Policy Implementing Third-Party Network Access Device Support Introducing Cisco TrustSec Cisco TrustSec Configuration Easy Connect Web Authentication and Guest Services Introducing Web Access with Cisco ISE Introducing Guest Access Components Configuring Guest Access Settings Configuring Sponsor and Guest Portals Cisco ISE Profiler Introducing Cisco ISE Profiler Profiling Deployment and Best Practices Cisco ISE BYOD Introducing the Cisco ISE BYOD Process Describing BYOD Flow Configuring the My Devices Portal Configuring Certificates in BYOD Scenarios Cisco ISE Endpoint Compliance Services Introducing Endpoint Compliance Services Configuring Client Posture Services and Provisioning in Cisco ISE Working with Network Access Devices Review TACACS+ Cisco ISE TACACS+ Device Administration Configure TACACS+ Device Administration TACACS+ Device Administration Guidelines and Best Practices Migrating from Cisco ACS to Cisco ISE Lab outline Access the SISE Lab and Install ISE 2.4 Configure Initial Cisco ISE Setup, GUI Familiarization, and System Certificate Usage Integrate Cisco ISE with Active Directory Configure Basic Policy on Cisco ISE Configure Policy Sets Configure Access Policy for Easy Connect Configure Guest Access Configure Guest Access Operations Create Guest Reports Configure Profiling Customize the Cisco ISE Profiling Configuration Create Cisco ISE Profiling Reports Configure BYOD Blacklisting a Device Configure Cisco ISE Compliance Services Configure Client Provisioning Configure Posture Policies Test and Monitor Compliance-Based Access Test Compliance Policy Configure Cisco ISE for Basic Device Administration Configure TACACS+ Command Authorization

Duration 0.5 Days 3 CPD hours This course is intended for This course is designed for all users of computers, mobile devices, networks, and the Internet, to enable them to use technology more securely and minimize digital risks, regardless of technical ability. This course is also designed for you to prepare for the CyberSAFE credential. You can obtain your CyberSAFE certificate by completing the CyberSAFE credential process on the CHOICE platform following the course presentation. Overview In this course, you will identify many of the common risks involved in using conventional computing technology, as well as ways to use it safely, to protect yourself from those risks. You will: Identify security compliance measures. Address social engineering attempts. Secure devices such as desktops, laptops, tablets, smartphones, and more. Use the Internet securely. Welcome to CyberSAFE: Exam CBS-410. Regardless of your computer experience, this class will help you become more aware of technology-related risks and what you can do to protect yourself and your organization from them. This course will help you to:Understand both security and compliance needs and requirements.Recognize and avoid phishing and other social engineering attempts.Recognize and avoid viruses, ransomware, and other malware.Help ensure data security on computers, mobile devices, networks, the Internet, and in the cloud.In this course, you will use discussions, case studies, and the experiences of your instructor and fellow students to explore the hazards and pitfalls of technology and learn how to use that technology safely and securely. Identifying Security Compliance Measures Topic A: Identify Organizational Compliance Requirements and Resources Topic B: Identify Legal Compliance Requirements and Resources Topic C: Identify Industry Compliance Requirements and Resources Recognizing and Addressing Social Engineering Attacks Topic A: Recognize Phishing and Other Social Engineering Attacks Topic B: Defend Against Phishing and Other Social Engineering Attacks Securing Devices Topic A: Maintain Physical Security of Devices Topic B: Use Secure Authentication Methods Topic C: Protect Your Data Topic D: Defend Against Malware Topic E: Use Wireless Devices Securely Using the Internet Securely Topic A: Browse the Web Safely Topic B: Use Email Securely Topic C: Use Social Networks Securely Topic D: Use Cloud Services Securely Topic E: Work from Remote Locations Securely

Duration 3 Days 18 CPD hours This course is intended for This course is designed for IoT practitioners who are looking to improve their skills and knowledge of IoT security and privacy. This course is also designed for students who are seeking the CertNexus Certified Internet of Things Security Practitioner (CIoTSP) certification and who want to prepare for Exam ITS-110. Overview This program will validate that the candidate has the knowledge, skills, and abilities to secure network environments for IoT devices, analyze vulnerabilities and determine reasonable controls against threats, and effectively monitor IoT devices and respond to incidents. This course is designed for practitioners who are seeking to demonstrate a vendor-neutral, cross-industry skill set that will enable them to design, implement, operate, and/or manage a secure IoT ecosystem. Managing IoT Risks Map the IoT Attack Surface Build in Security by Design Securing Web and Cloud Interfaces Identify Threats to IoT Web and Cloud Interfaces Prevent Injection Flaws Prevent Session Management Flaws Prevent Cross-Site Scripting Flaws Prevent Cross-Site Request Forgery Flaws Prevent Unvalidated Redirects and Forwards Securing Data Use Cryptography Appropriately Protect Data in Motion Protect Data at Rest Protect Data in Use Controlling Access to IoT Resources Identify the Need to Protect IoT Implement Secure Authentication Implement Secure Authorization Implement Security Monitoring on IoT Systems Securing IoT Networks Ensure the Security of IP Networks Ensure the Security of Wireless Networks Ensure the Security of Mobile Networks Ensure the Security of IoT Edge Networks Ensuring Privacy Improve Data Collection to Reduce Privacy Concerns Protect Sensitive Data Dispose of Sensitive Data Managing Software and Firmware Risks Manage General Software Risks Manage Risks Related to Software Installation and Configuration Manage Risks Related to Software Patches and Updates Manage Risks Related to IoT Device Operating Systems and Firmware Promoting Physical Security Protect Local Memory and Storage Prevent Physical Port Access

Duration 4 Days 24 CPD hours This course is intended for IS Security Officers IS Managers Risk Managers IS Systems Auditors Information Systems Owners IS Control Assessors System Managers Government Employees Overview Upon completion, Certified Information Systems Security Auditor students will be able to establish industry acceptable Cyber Security & IS management standards with current best practices and be prepared to competently take the C)ISSA exam. The Certified Information Systems Security Auditor, C)ISSA , course covers the skills and knowledge to assess vulnerabilities, report on compliance and implement controls for private and public enterprises. Many organizations require an Information System Auditor?s expert knowledge when it comes to identifying critical issues and providing effective auditing solutions. Through the use of a risk-based approach, the C)ISSA is able to implement and maintain cost-effective security controls that are closely aligned with both business and industry standards. Course Outline The Process of Auditing Information Systems Risk-Based Auditing Audit Planning and Performance IS Systems Auditor reports IT Governance and Management Systems Acquisition, Development and Implementation Systems Development Models Types of Specialized Business Applications Application Controls Information Systems Operations, Maintenance, and Support System and Communications Hardware Additional course details: Nexus Humans C)ISSA Certified Information Systems Security Auditor Mile 2 training program is a workshop that presents an invigorating mix of sessions, lessons, and masterclasses meticulously crafted to propel your learning expedition forward. This immersive bootcamp-style experience boasts interactive lectures, hands-on labs, and collaborative hackathons, all strategically designed to fortify fundamental concepts. Guided by seasoned coaches, each session offers priceless insights and practical skills crucial for honing your expertise. Whether you're stepping into the realm of professional skills or a seasoned professional, this comprehensive course ensures you're equipped with the knowledge and prowess necessary for success. While we feel this is the best course for the C)ISSA Certified Information Systems Security Auditor Mile 2 course and one of our Top 10 we encourage you to read the course outline to make sure it is the right content for you. Additionally, private sessions, closed classes or dedicated events are available both live online and at our training centres in Dublin and London, as well as at your offices anywhere in the UK, Ireland or across EMEA.

Duration 2 Days 12 CPD hours This course is intended for Die Zertifizierung EXIN Information Security Foundation based on ISO/IEC 27001 richtet sich an alle in der Datenverarbeitung tätigen Mitarbeiter. Das Modul eignet sich auch für kleine und mittelständische Unternehmer, die ein bestimmtes Grundwissen im Bereich der Informationssicherheit benötigen. Für Fachkräfte, die neu auf dem Gebiet der Informationssicherheit sind, ist dieses Modul ein guter Anfang. Overview Anwendungsbereich Mit einer Zertifizierung EXIN Information Security Foundation based on ISO/IEC 27001 können Professionals ihr Wissen in folgenden Bereichen nachweisen: Information und Sicherheit: der Begriff, der Wert, die Bedeutung und die Informationssicherheit Bedrohungen und Risiken: die Begriffe Bedrohung und Risiko und wie diese mit der Zuverlässigkeit von Informationen in Beziehung stehen Verfahren und Organisation: Sicherheitsrichtlinie und Sicherheitsorganisation einschließlich der Bestandteile der Sicherheitsorganisation sowie der Umgang mit (Sicherheits)vorfällen Maßnahmen: die Bedeutung von Sicherheitsmaßnahmen wie zum Beispiel physischen, technischen und organisatorischen Maßnahmen Gesetze und Vorschriften: die Bedeutung und Auswirkung von Gesetzen und Vorschriften ie EXIN-Module zum Thema Informationssicherheitsmanagement definieren Informationssicherheit wie folgt: Bei dem Informationssicherheitsmanagement geht es um die Definition, Umsetzung, Aufrechterhaltung, Einhaltung und Bewertung von koh„renten Kontrollen (Maánahmen), die die Verfgbarkeit, Integrit„t, und Vertraulichkeit der (manuellen und automatisierten) Informationsverarbeitung sichern. Das Modul EXIN Information Security Foundation based on ISO/IEC 27001 prft die Grundbegriffe der Informationssicherheit und ihre Beziehungen zueinander. Eine der Zielsetzungen des Moduls ist das Bewusstsein fr den Wert von Informationen zu wecken und ein Verst„ndnis fr die Schwachstellen der Informationsverarbeitung zu vermitteln, um zu verstehen, welche Maánahmen zum Schutz von Informationen notwendig sind. Information und Sicherheit Der Begriff Information Der Wert von Informationen Aspekte der Zuverl„ssigkeit Bedrohungen und Risiken Bedrohungen und Risiken Verfahren und Organisation Sicherheitsrichtlinie und Sicherheitsorganisation Bestandteile Incident Management Maánahmen Bedeutung von Maánahmen Physische Maánahmen Technische Maánahmen Organisatorische Maánahmen Gesetzgbeung und Vorschriften Gesetzgebung und Vorschriften