Course Overview

CompTIA Security+ is a global certification that validates the baseline skills you need to perform core security functions and pursue an IT security career.

CompTIA Security+ is the first security certification IT professionals should earn.

 

Course Outline

Topics include:

  •   Risk management
  •   Cryptography
  •   Authentication and authorization
  •   Host, LAN, and application security
  •   Wireless, cloud, and mobile security
  •   Environmental security and controls

 

Learning objectives

Trainees enrolled in the CompTIA Security+ course will gain a detailed understanding of how to:

  • Detect various types of compromise and understand penetration testing and vulnerability scanning concepts
  • Install, configure, and deploy network components while assessing and troubleshooting issues to support organizational security
  • Implement secure network architecture concepts and systems design
  • Install and configure identity and access services, as well as management controls
  • Implement and summarize risk management best practices and the business impact
  • Install and configure wireless security settings and implement public key infrastructure

 

Prerequisites 

There are no specific prerequisites for this course, since it covers all the topics in detail, but you need to have basic familiarity with PCs and networks.

Unsure whether you meet the established prerequisites? No problem. Speak to us and, based on your background, we will help you understand if this course is right for you.

 

Method of Delivery

The tools and techniques used throughout this training encompass all aspects of security. The course is designed to bring together theory and concepts through practical representation and application. Each trainee is provided with comprehensive materials that are followed during the training sessions.

 

What’s included

  • Course notes
  • Digital course material voucher
  • Access to virtual training labs
  • Access to PwC’s Learning Management Platform
  • Certified exam voucher

Course Overview

The ISO 27001 Lead Auditor course is a PECB (Professional Evaluation and Certification Board) official course. The three-day intensive course will help you develop the skills needed to audit an Information Security Management System (ISMS). You'll also be able to manage a team of auditors, by applying widely-recognised audit principles, procedures and techniques.

PECB is officially accredited under ISO 17024 from ANSI. They are the first personnel certification body to be accredited by a National Accreditation Authority.

You will gain the skills and knowledge needed to plan and perform audits, compliant with the certification process of the ISO/IEC 27001:2013 standard. Through practical exercises, you will learn the following skills:

  • Mastering audit techniques
  • Managing audit teams and audit program
  • Communicating with customers
  • Conflict resolution

 

Course outline

You will learn the following content:

  • Normative, regulatory and legal framework related to information security
  • Fundamental principles of information security
  • ISO 27001 certification process
  • Information Security Management System
  • Detailed presentation of clauses 4 to 8 of ISO 27001

Planning and Initiating an ISO 27001 audit

  • Fundamental audit concepts and principles
  • Audit approach based on evidence and on risk
  • Preparation of an ISO 27001 certification audit
  • ISMS documentation audit
  • Conducting an opening meeting

Conducting an ISO 27001 audit

  • Communication during the audit
  • Audit procedures: observation, document review, interview, sampling techniques, technical verification, corroboration and evaluation
  • Audit test plans
  • Formulation of audit findings
  • Documenting non-conformities

Concluding and ensuring the follow-up of an ISO 27001 audit

  • Audit documentation
  • Quality review
  • Conducting a closing meeting and conclusion of an ISO 27001 audit
  • Evaluation of corrective action plans
  • ISO 27001 surveillance audit
  • Internal audit management program

 

Exam track 

You'll take the ISO/IEC 27001 Lead Auditor exam as part of the course.

You will also get one year of free PECB membership, and be able to apply for the following titles depending on your experience:

  • Certified ISO/IEC 27001 Provisional Auditor
  • Certified ISO/IEC 27001 Auditor
  • Certified ISO/IEC 27001 Lead Auditor

 

Learning objectives

Participants will gain the knowledge to conduct internal or external audits of an Information Security Management System, either as a sole auditor, a member of an audit team, or as the team leader. Specifically, you will:

  • Learn how to plan and carry out an ISO 27001:2013 audit
  • Learn report writing and how to document an Information Security system
  • Recognise the role of the auditor
  • Understand, and be able to implement, processes within the Information Security management system
  • Be able to improve your organisation's conformance with ISO/IEC 27001:2013
  • Learn how to identify gaps in an Information Security management system
  • Satisfy training needs for Exemplar Global certification

 

Prerequisites 

It is recommended that you have already attended Information Security Management System (ISMS) Foundation training, or have a basic knowledge of ISO/IEC 27001:2013 and ISO/IEC 27002:2013.

Prior to attending the course, you must also have:

  • 5 years of professional experience
  • 2 years of security experience
  • 300 hours audit activity
  • Professional references proving your experience

 

What’s included

  • The Information Security Management System (ISMS) implementation methodology
  • Student manual - containing over 400 pages of information and practical examples
  • Certificate - worth 31 CPE (Continuing Professional Education) credits
  • Courseware
  • Up to 12 hours of instructor-led training each day
  • 24-hour lab access
  • Hands-on training through Lecture | Lab | Review™
  • Digital courseware (if available)

Certified Network Defender (CND) is a vendor-neutral, hands-on, instructor-led comprehensive network security certification training program offered by EC Council. The training is a skills-based, lab intensive program that is based on a job-task analysis and cybersecurity education framework.

The program prepares trainees on network security technologies and operations to attain in-depth network security preparedness. It covers all elements related to protecting, detecting and responding in terms of network security. The course covers major network security tools and techniques which provide network administrators with real-world expertise on current network security technologies and operations. The course material provides detailed network security best practices, assessments and protection tools. The kit also contains templates for various network policies, leading to additional learning.

 

Who is it For?

  • Network Administrators
  • Network Security Administrators
  • Network Security Engineer
  • Network Technicians
  • Network Analyst
  • Security Analyst
  • Anyone who is involved in network operations

 

Course Outline

  • Module 1: Computer Network and Defense Fundamentals Response & Handling
  • Module 2: Network Security Threats, Vulnerabilities, and Attacks
  • Module 3: Network Security Controls, Protocols, and Devices
  • Module 4: Network Security Policy Design and Implementation
  • Module 5: Physical Security
  • Module 6: Host Security
  • Module 7: Secure Firewall Configuration and Management
  • Module 8: Secure IDS Configuration and Management
  • Module 9: Secure VPN Configuration and Management
  • Module 10: Wireless Network Defense
  • Module 11: Network Traffic Monitoring and Analysis
  • Module 12: Network Risk and Vulnerability Management
  • Module 13: Data Backup and Recovery
  • Module 14: Network Incident Response and Management

 

About the Exam

Exam Name: CND (312-38) Exam

Number of Questions: 100

Test Duration: 4 Hours

Test Format: Interactive Multiple Choice Questions

Test Delivery: ECC Exam


This cyber security course immerses the students into an interactive environment where they are shown how to scan, test, hack and secure their own systems - ethically. The lab intensive environment gives each student in-depth knowledge and practical experience with the current essential cyber security systems.

Students begin by understanding how perimeter defences work and how to scan and attack their own networks; no real network is harmed. Finally, students learn how intruders escalate privileges and what steps can be taken to secure a system.

Course outline

  • Introduction to Ethical Hacking
  • Footprinting and reconnaissance
  • Scanning networks
  • Enumeration
  • System hacking
  • Malware Threats
  • Evading IDS, Firewalls and Honeypots
  • Sniffers
  • Social engineering
  • Denial of Service (DoS)
  • Session hijacking
  • Hijacking webservers
  • Hacking web applications
  • SQL injection
  • Hacking wireless networks
  • Hacking Mobile Platforms
  • Cloud Computing
  • Cryptography

 

Prerequisites

  • Knowledge of TCP/IP
  • Basic knowledge of Information Systems
  • Basic knowledge of Networking

 

Who should attend?

  • IT Security Officers
  • Auditors
  • Security professionals
  • Site Administrators
  • Anyone who is concerned about the integrity of the network infrastructure

 

Learning outcomes

By the end of this course, students will be able to understand:

  • Key issues plaguing the information security world, incident management process, and penetration testing
  • Various types of footprinting, footprinting tools, and countermeasures
  • Network scanning techniques and scanning countermeasures
  • Enumeration techniques and enumeration countermeasures
  • System hacking methodology, steganography, steganalysis attacks, and covering tracks
  • Different types of Trojans, Trojan analysis, and Trojan countermeasures
  • Working of viruses, virus analysis, computer worms, malware analysis procedure, and countermeasures
  • Packet sniffing techniques and how to defend against sniffing
  • Social engineering techniques, identity theft, and social engineering countermeasures
  • DoS/DDoS attack techniques, botnets, DDoS attack tools, and DoS/DDoS countermeasures
  • Session hijacking techniques and countermeasures
  • Different types of webserver attacks, attack methodology, and countermeasures


IT Security for End Users: An Overview

  • Security definitions
  • Keep your data safe
  • Specific Scenario Analysis
  • Useful tips
  • Good to know