Course curriculum

    1. Introduction

    2. Information Assets

    3. Information Security objectives (CIA)

    4. Governance and Organization objectives levels

    5. COBIT Framework

    6. ISO/IEC 27001 and ISO/IEC 27002 standards

    7. ITIL library

    8. CMMI Reference Model

    9. Principle of Due care and Due Diligence

    10. Documentation hierarchy

    11. Security Policy development

    12. ITSG-33 standard

    13. NIST SP 800-53 standard

    14. NIST Cyber Security Framework 1.1

    15. NIST Cyber Security Framework 2.0

    16. PCI-DSS standard

    17. CIS v8 Critical Security Controls

    18. CSA Cloud Controls Matrix

    19. OWASP Top 10

    20. Conclusion

    21. Knowledge assessment

    1. Introduction

    2. Enterprise Architecture: TOGAF framework

    3. Information Security Architecture

    4. Quiz

    5. Asset Identification

    6. Asset Categorization

    7. Data privacy (PII, PHI, SPI)

    8. Information Classification: Reference framework

    9. Information Classification: Practical example

    10. Information Classification: Process

    11. Roles and Responsibilities

    12. Conclusion

    13. Knowledge Assessment

    1. Introduction

    2. Types of security controls

    3. Physical Security

    4. Identity and Access Management (IAM): Concepts

    5. Identity and Access Management (IAM): Components

    6. Firewall, DMZ and WAF

    7. Network segmentation

    8. Intrusion Prevention System (IPS)

    9. Encryption: Symmetric and Asymmetric methods

    10. Encryption: Hybrid method

    11. Encryption: Digital signature and Hashing

    12. Encryption: Illustrative scenario

    13. Encryption: Virtual Private Network (VPN)

    14. Encryption: HTTPS/SSL

    15. Encryption: Data at rest

    16. Encryption: Keys and Certificates Management (PKI, HSM,...)

    17. Security Training and Awareness

    18. Hardening

    19. Data Loss Prevention (DLP)

    20. Intrusion Detection System (IDS)

    21. Security Information and Event Management (SIEM)

    22. Vulnerability Assessment

    23. Application security

    24. Security audits and Penetration Testing

    25. Configuration Management

    26. Incident Response

    27. Patch Management

    28. Anti-malware and Endpoint security

    29. Recovery controls

    30. Governance controls: Security policies

    31. Asset management Lifecycle

    32. Knowledge Assessment

    1. Introduction

    2. Definition of risks

    3. Threat Agent

    4. Threat Identification and Modeling: STRIDE

    5. Threat Identification and Modeling: STRIDE-LM

    6. CAPEC - Common Attack Pattern Enumeration and Classification

    7. DEMO: Threat Modeling

    8. Quiz

    9. Vulnerability: Definition

    10. Vulnerability: Identification and Detection

    11. “Common” Catalogs: CWE, CPE, CVE, CVSS

    12. Practical Example: Integrated use of CWE, CPE, CVE, CVSS

    13. Vulnerability Management (DARC)

    14. DEMO: Vulnerability Assessment & Penetration Testing (OpenVAS, Metasploit)

    15. Quiz

    16. Risk Assessment: Qualitative Analysis

    17. Risk Assessment: Quantitative Analysis

    18. Risk Assessment: Impact and Likelihood

    19. Risk Appetite and Prioritization

    20. Qualitative analysis VS Quantitative analysis

    21. Risk Response Strategies

    22. Practical Example: Risk Prioritization

    23. Cost-Benefit Analysis (CBA)

    24. Risk Management Process

    25. Conclusion

    26. Knowledge Assessment

    1. Introduction

    2. Definition of Incident Management

    3. Incident Response Plan development

    4. Incident Response: Roles and Responsibilities

    5. Incident Response: Communication protocol

    6. Incident Response: Detection, Alert, and Classification

    7. Incident Response Process

    8. Incident Response: Measuring the performance

    9. Practical example: Incident handling

    10. Incident Response Tools (SIEM solutions)

    11. Cyber Kill Chain Model

    12. MITRE ATT&CK Framework

    13. Digital Forensic

    14. Conclusion

    15. Knowledge Assessment

About this course

  • $400.00
  • 123 lessons
  • 7.5 hours of video content
  • 10 quizzes and exams
  • Interactive discussions
  • French, Italian, Arabic, Chinese, Spanish, Hindi, English

Course description

  • Course Overview

    The course provides a comprehensive understanding of information security from Governance, Security controls, industry standards (COBIT5, NIST SP 800-53, ISO 27001, ...), to Risk management, Incident response and Business continuity.

  • Methodology

    The course combines theoretical knowledge with practical examples and demonstrations to reinforce learning. You will also have access to supplementary resources, including reading materials and tools, to enhance your understanding and practical skills.

  • Target audience

    The course is designed for professionals and aspiring practitioners seeking to establish a solid foundation in information security. It is ideal for IT managers, system administrators, security analysts, and anyone responsible for protecting sensitive information and organizational assets.