Learning outcomes

The key objective is for each participant to leave the course with a solid understanding and appreciation of the fundamentals of Cyber Security:

  • Cyber Security Concepts
  • Risk Management
  • Security Architecture
  • Implementing security in networks, endpoint systems, applications and data
  • Cryptography
  • Business Continuity and Disaster Recovery Planning
  • Incident Response

One of the special features of this course is its mix of theory and practical exercises, all designed to maximise understanding and retention. A case study runs through the course, and participants are provided with sample Word and Excel templates to work from. Exercises include:

  • Develop an asset register
  • Identify threats and determine risks, and make recommendations
  • Create a data classification scheme and use this for managing risks with cloud solutions
  • Identify and discuss the advantages and disadvantages of different encryption technologies
  • List and prioritise business-critical operations for business continuity
  • Identify and discuss various approaches to security assurance
  • Identify risk remediation strategies and include in a brief management report

Who should attend

The course is designed for:

  • Anyone starting a career in Information / Cyber security
  • IT professionals wanting to transition their career into Cyber Security
  • Anyone needing a robust introduction to Cyber Security
  • Anyone planning to work in a position that requires cyber security knowledge
  • Anyone with information / cyber security responsibilities
  • Anyone who has learned “on the job” but who would benefit from a formal presentation to consolidate their knowledge
  • Professionals familiar with basic IT and information security concepts and who need to round out their knowledge

Course contents

1. Cyber Security Concepts
  • Cyber Security Concepts and Definitions
    - Difference between IT Security, Information Security and Cyber Security
    - Assets, Threats & Vulnerabilities
    - Likelihood, Consequence and Impact
    - Inherent Risk, Current Risk and Residual Risk
  • Cyber Security Strategy
    - Supporting Business Goals and Objectives
    - Cyber Security Policy Framework
    - Awareness, Training and Education
  • Laws, Regulations and Industry Standards
  • Roles and Responsibilities
  • Professional Organisations and Ethics
  • Introduction to the Case Study
  • Practical session:
    Exercise #1 – Development of a cyber asset register
2. Risk Management
  • Risk Management Concepts and Definitions
    - The stages of risk
    - Systemic and Systematic Risk, Risk Aggregation
    - Risk Acceptance, Reduction, Transfer and Avoidance
    - Risk Appetite and Tolerance
    - Governance, Risk Management and Compliance (GRC)
    - Risk Management Process
    - Quantitative, Semi-quantitative and Qualitative Risk
  • Threats and Opportunities
    - Assessing the current threat landscape
    - Developing a threat taxonomy
    - Advanced Persistent Threats
    - Bring Your Own Device or Technologies
    - The Internet of Things
  • Controls, Countermeasures and Enablers
  • Business Impact Analysis
    - Sample Business Impact Analysis Template
    - Sample Business Impact Levels
  • Practical session:
    Exercise #2.1 – Development of a threat taxonomy and identification of vulnerabilities
    Exercise #2.2 – Evaluate inherent risk, current controls, current risk, recommend controls and residual risk
3. Security Architecture
  • Security Architecture Concepts and Definitions
  • Security Architecture Frameworks
    - SABSA
    - TOGAF
  • Security Architecture Design Principles
  • Service Models
    - Insourcing
    - Outsourcing
    - Managed Services – Single provider, multiple provider and prime provider
    - Cloud Services – Cloud service models and Cloud deployment models
  • Practical session:
    Exercise #3 – Recommendations for service provider models in addressing risks
    Exercise #4 – Identification of security architecture design principles
4. Implementing Security
  • OSI and TCP/IP Models
  • Network Fundamentals
    - Network Security
    - Network Topologies
    - Security Zones
    - Network Security Technologies
    - Virtualisation Benefits and Security Challenges
  • Endpoint Security
    - Servers, desktops, laptops, tablets, mobile devices, wearables
    - Endpoint Security Technologies
    - Specialised Endpoint Systems
  • Application Security
    - Software Development Lifecycle
    - OWASP Top 10
    - Web Application Firewall and Database Firewall
  • Data Security
    - Data owners, data classification, labelling
    - Access control
    - Data governance and lifecycle
    - Data remanence
  • Australian Signals Directorate Top 35 and Essential Eight
    - ASD Top 4
    - ASD Essential Eight
    - SANS Top 20 mapped to ASD Top 35 and other frameworks
  • Practical session:
    Exercise #5 – Establish a data classification scheme
    Exercise #6 – Design a secure network topology incorporating network security zones, overlay the data classification scheme and placement of recommended controls
5. Cryptography
  • Cryptography Key Terms and Concepts
  • Symmetric Algorithms
    - Data Encryption Standard (DES)
    - Triple DES
    - Advanced Encryption Standard (AES)
    - Other symmetric algorithms
  • Asymmetric Algorithms
  • Hashing Algorithms
  • Non-Repudiation
  • Cryptographic Attacks
    - Side-channel
    - Birthday
    - Implementation
    - Other attack methods
  • Implementing Cryptography in the Real World
    - Public Key Infrastructure (PKI)
    - Electronic Document Exchange
    - Virtual Private Networks (VPNs)
    - Secure e-mail
    - Steganography
    - Digital Watermarks
    - Wireless Security
    - Secure Shell
    - Key Management
  • Practical session:
    Exercise #7 – Select appropriate symmetric, asymmetric and hashing algorithms and develop a draft encryption standard
6. Business Continuity and Disaster Recovery Planning
  • Business Continuity Planning
    - NIST SP800-34 as a framework
  • Disaster Recovery Planning
    - Relationship between the BCP and DRP
    - Events that trigger a BCP/DRP
  • Developing the BCP and DRP
    - Application of NIST SP800-34
    - Initiation
    - Business Impact Analysis
    - Identification of preventive controls
    - Recovery strategies
    - Plan design and development and important BCP/DRP frameworks
    - Ongoing maintenance
  • Practical session:
    Exercise #8 – Identify and rank the most important business operations
7. Incident Response
  • NIST Cyber Security Framework
    - Identify
    - Protect
    - Detect
    - Respond
    - Recover
  • Cyber Forensics
    - General phases of the forensic process
    - Anti-forensics
    - Forensic media analysis
    - Network forensics
    - Forensic analysis of software, embedded devices and electronic discovery
  • Incident Response Management
    - Security events and Security incidents
    - Incident Response Methodology using NIST SP800-61
  • Security Assurance
    - Defining and implementing meaningful metrics
    - Configuration management
    - Minimum Security Baselines
    - Vulnerability Assessments
    - Penetration Testing
    - Security Audits
    - Security Assessments
    - Log reviews, retention, centralisation and analysis
    - Security Information and Event Management System (SIEM)
  • Practical session:
    Exercise #9 – Examination of insourcing or using a managed service for incident response
    Exercise #10 – Develop the first part of a management report highlighting the most appropriate strategies for managing various risks and a high-level roadmap of activities
8. Cyber Security Foundation+Practitioner™ exam

Two hours, multiple choice.

Course fees

Face-to-face classroom training

Foundation + Practitioner Certificate Exam

The Cyber Security Foundation+Practitioner exam is held in the classroom at the end of Day 5. The exam is 2 hours in duration and comprises two parts. In Part A there are 80 questions worth 1 mark each. In Part B there are 10 questions worth 2 marks each. The pass mark is 65%. There is only one correct answer to each question and no marks are deducted for incorrect answers. The Cyber Security Foundation+Practitioner Certificate is issued to those who pass the exam. One free exam re-sit is available to each participant.