logo

Certified In Cybersecurity

Information Technologies

Certified In Cybersecurity

ISC2 developed the Certified in Cybersecurity (CC) credential for newcomers to the field, to recognize the growing trend of people entering the cybersecurity workforce without direct IT experience. Getting Certified in Cybersecurity provides employers with the confidence that you have a solid grasp of the right technical concepts, and a demonstrated aptitude to learn on the job. As an ISC2 certification, those who hold the CC are backed by the world’s largest network of certified cybersecurity professionals helping them continue their professional development and earn new achievements and qualifications throughout their career

 

By the end of this workshop, attendees will be able to:

  • Identify security concepts, including confidentiality, integrity, availability, authentication, non-repudiation, and privacy.
  • Apply the risk management process, considering risk priorities, tolerance, identification, assessment, and treatment.
  • Implement various security controls, including technical, administrative, and physical controls.
  • Adhere to the (ISC)² Code of Ethics, demonstrating professional conduct.
  • Establish and enforce governance processes, including policies, procedures, standards, and compliance with regulations and laws.
  • Define the purpose, importance, and components of business continuity (BC).
  • Outline the purpose, importance, and components of disaster recovery (DR).
  • Articulate the purpose, importance, and components of incident response.
  • Implement physical access controls, such as badge systems, gate entry, and environmental design.
  • Enforce logical access controls, including the principle of least privilege, segregation of duties, discretionary access control (DAC), mandatory access control (MAC), and role-based access control (RBAC).
  • Explain computer networking concepts, such as OSI model, TCP/IP model, IPv4, IPv6, and WiFi.
  • Identify and respond to network threats and attacks, including DDoS, viruses, worms, Trojans, MITM, and side-channel attacks.

hours

30

language

English

Summary

ISC2 developed the Certified in Cybersecurity (CC) credential for newcomers to the field, to recognize the growing trend of people entering the cybersecurity workforce without direct IT experience. Getting Certified in Cybersecurity provides employers with the confidence that you have a solid grasp of the right technical concepts, and a demonstrated aptitude to learn on the job. As an ISC2 certification, those who hold the CC are backed by the world’s largest network of certified cybersecurity professionals helping them continue their professional development and earn new achievements and qualifications throughout their career

 

By the end of this workshop, attendees will be able to:

  • Identify security concepts, including confidentiality, integrity, availability, authentication, non-repudiation, and privacy.
  • Apply the risk management process, considering risk priorities, tolerance, identification, assessment, and treatment.
  • Implement various security controls, including technical, administrative, and physical controls.
  • Adhere to the (ISC)² Code of Ethics, demonstrating professional conduct.
  • Establish and enforce governance processes, including policies, procedures, standards, and compliance with regulations and laws.
  • Define the purpose, importance, and components of business continuity (BC).
  • Outline the purpose, importance, and components of disaster recovery (DR).
  • Articulate the purpose, importance, and components of incident response.
  • Implement physical access controls, such as badge systems, gate entry, and environmental design.
  • Enforce logical access controls, including the principle of least privilege, segregation of duties, discretionary access control (DAC), mandatory access control (MAC), and role-based access control (RBAC).
  • Explain computer networking concepts, such as OSI model, TCP/IP model, IPv4, IPv6, and WiFi.
  • Identify and respond to network threats and attacks, including DDoS, viruses, worms, Trojans, MITM, and side-channel attacks.

Topics Covered

  • 1 - Understand the security concepts of information assurance
  • Confidentiality
  • Integrity
  • Availability
  • Authentication (e.g., methods of authentication, multi-factor authentication (MFA))
  • Non-repudiation
  • Privacy
  • 2 - Understand the risk management process
  • Risk management (e.g., risk priorities, risk tolerance)
  • Risk identification, assessment and treatment
  • 3 - Understand security controls
  • Technical controls
  • Administrative controls
  • Physical controls
  • 4 - Understand ISC2 Code of Ethics
  • Professional code of conduct
  • 5 - Understand governance processes
  • Policies
  • Procedures
  • Standards
  • Regulations and laws

  • 1 - Understand business continuity (BC)
  • Purpose
  • Importance
  • Component
  • 2 - Understand disaster recovery (DR)
  • Purpose
  • Importance
  • Components
  • 3 - Understand incident response
  • Purpose
  • Importance
  • Components

  • 1 – Understand physical access controls
  • Physical security controls (e.g., badge systems, gate entry, environmental design)
  • Monitoring (e.g., security guards, closed-circuit television (CCTV), alarm systems, logs)
  • Authorized versus unauthorized personnel
  • 2 – Understand logical access controls
  • Principle of least privilege
  • Segregation of duties
  • Discretionary access control (DAC)
  • Mandatory access control (MAC)
  • Role-based access control (RBAC)

  • 1 – Understanding computer networking
  • Networks (e.g., Open Systems Interconnection (OSI) model, Transmission Control Protocol/Internet Protocol (TCP/IP) model, Internet Protocol version 4 (IPv4), Internet Protocol version 6 (IPv6), WiFi)
  • Ports
  • Applications
  • 2 – Understand network threats and attacks
  • Types of threats (e.g., distributed denial-of-service (DDoS), virus, worm, Trojan, man-in-the-middle (MITM), side-channel)
  • Identification (e.g., intrusion detection system (IDS), host-based intrusion detection system (HIDS), network intrusion detection system (NIDS))
  • Prevention (e.g., antivirus, scans, firewalls, intrusion prevention system (IPS))
  • 3 – Understand network security infrastracture
  • On-premises (e.g., power, data center/closets, Heating, Ventilation, and Air Conditioning (HVAC), environmental, fire suppression, redundancy, memorandum of understanding (MOU)/memorandum of agreement (MOA))
  • Design (e.g., network segmentation (demilitarized zone (DMZ), virtual local area network (VLAN), virtual private network (VPN), micro-segmentation), defense in depth, Network Access Control (NAC) (segmentation for embedded systems, Internet of Things (IoT))
  • Cloud (e.g., service-level agreement (SLA), managed service provider (MSP), Software as a Service (SaaS), Infrastructure as a Service (IaaS), Platform as a Service (PaaS), hybrid)
  •  

  • 1 – Understand data security
  • Encryption (e.g., symmetric, asymmetric, hashing)
  • Data handling (e.g., destruction, retention, classification, labeling)
  • Logging and monitoring security events
  • 2 – Understand system hardening
  • Configuration management (e.g., baselines, updates, patches)
  • 3 – Understand best practice security policies
  • Data handling policy
  • Password policy
  • Acceptable Use Policy (AUP)
  • Bring your own device (BYOD) policy
  • Change management policy (e.g., documentation, approval, rollback)
  • Privacy policy
  • 4 – Understand security awareness training
  • Purpose/concepts (e.g., social engineering, password protection)
  • Importance

    • minimize course outline

    Select Learning Format.

    Register

    You Might Also Like

    Your experience on this site will be improved by allowing cookies.