Uncategorized Archives - Page 44 of 101

Module 1

Security Across the Lifecycle

This module introduces the Solution Architect to the various security concerns and considerations when embarking on a new development project all the way to in-service support.

Module 2

The Basics of Security Architecture

This module lays down the basic principles of security architecture and provides an understanding of what it means to be a security architect. It describes the relationship to Enterprise Architecture Frameworks and how these frameworks address security.

Being an SA is a technical job, without doubt, but the key to success in these areas comes from detailed knowledge of what comprises security technology in terms of product assurance, network and technical design/development work, and the trade-off between physical, logical and procedural controls. Unlike technical architecture, where components are added together to create an endsolution based on technical know-how, security architecture adopts a framework approach for deploying patterns of risk-reducing technology that provide varying levels of assurance depending on the underlying security requirements.

Module 3

Advanced Security Architecture Concepts

This module builds on Module 2, laying down the next level of detail for a variety of architectural concepts. It starts with security mechanisms such as cryptography. It then goes on to a wide range of security services. Finally the module describes how the security services can be applied within a system and how design patterns are an important tool for a SA.

Topics covered include:

Common methods for identification, authentication, access control
Common methods for content control, such as anti-virus and data loss prevention
Common cryptographic based services, such as a public key infrastructure
Intruder detection and prevention services and their placement in systems
The role of directories in a system
Functions of security management within a system
Network security controls and the threats they counter, including layer 2 controls, packet filtering, firewalls
Common methods for resilience and recovery capabilities and techniques, including back-up and audit trails
Security aspects of virtualisation
Distinguish between different cryptographic mechanisms and techniques
Use of threat modelling techniques to establish where security services should be positioned within a system
Design patterns to explain the threats and security controls used to counter the threats

Module 4

Information Security Methodologies

This module covers various methodologies and techniques that can be used to assure the implementation of a system or a product. This includes Information Assurance Frameworks and the purpose of vulnerability and penetration testing.

Module 5

Preparation for the SASP exam

The final module provides preparation for the SASP examination.

This course is designed for:

Solution or Technical Architects who wish to build security into their projects
Security professionals wanting to move into a more senior architecture role
Security professionals who need to gain a wider appreciation of the technical and business aspects of their profession

Participants who have successfully completed the SASP course will be able to:

Describe and apply security design principles
Identify information risks that arise from potential solution architectures
Design alternate architectures or countermeasures to mitigate identified information risks
Ensure that proposed architectures and countermeasures adequately mitigate identified information risks
Apply “standard'” security techniques and architectures to mitigate security risks
Develop new architectures that mitigate the risks posed by new technologies and business practices
Securely configure ICT systems in compliance with their approved security architectures

The Solution Architecture Security Practitioner (SASP) course is a 2-day course targeted at Solution Architects who need to know how to design secure systems and how to architect a wide range of security controls into a system .

Key topics covered include:

Security Across the Lifecycle
The Basics of Security Architecture
Advanced Security Architecture Concepts
Information Security Methodologies

It is rare for today’s IT systems to have no security facilities within them. Many organisations or projects cannot afford to have an assigned security architect. Yet many solutions or technical architects do not have a good understanding of Information Security. This means that systems are being designed and built that do not adequately mitigate against current and emerging threats from today’s interconnected IT world.

This is the only course of its kind. It covers, in two concentrated days, the key knowledge and skills needed to design, build and implement secure systems. At the end of the course participants may take the SASP Certificate exam issued by GCI (Global Certification Institute).

[Course_Duration] day course.

[Book_Now_Button] [Enquiry_Button]

Certificate Exam

All participants receive a voucher to take the FCIS (Foundation Certificate in Information Security) Certificate exam after the course. The exam is conducted online, web-proctored.

Short assessments are also taken at the end of each module to determine understanding of the information covered in that module.

Prerequisites

There are no formal prerequisites for this course.

Course

Fees A$ per person

$1650 + gst

Excellent team discounts available. Please contact Dennis Pigram

Fees include:

Course presentation in quality CBD hotel
Perfect-bound 288-page course workbook
Comprehensive online course materials
FCIS Certificate exam (held after the course)
Full catering (morning and afternoon tea plus sit-down lunch each day)

Module 1

Introduction to Information Security Management

This module covers the basic concepts of information security along with the main terminology commonly in use. You will gain an understanding of why information security is becoming increasingly important, not just in the IT community but also in the business community at large.

At the end of this module you will be able to:

Define and explain the key terms used in information security and use these terms correctly and appropriately
Explain and justify a number of the key concepts in information security and explain these concepts correctly and appropriately

Module 2

Introduction to Information Risk Management

This module introduces the basic concepts of business risk management, its rationale, core terminology and fundamental principles. It introduces the need for and application of international standards and regulatory frameworks and stresses the adoption of a strategic approach to information risk management.

At the end of this module you will be able to:

Understand the significance of information risk management to business
Understand and be able to apply basic information risk management terminology
Understand basic information risk management principles

Module 3

Introduction to Business Continuity Management

This module covers the basic concepts of business continuity management along with the main terminology commonly in use. You will gain an understanding of why business continuity management is becoming increasingly important, not just in the IT community but also in the business community at large.

Topics covered include:

The need for business continuity management
The context of business continuity management in the business
The business continuity lifecycle

Module 4

Introduction to Information Security Architecture

Security architecture is at the heart of what it is to be a security architect. However, unlike technical architecture work where components are added together to create an end-solution based on technical know-how, security architecture adopts a framework approach for deploying patterns of risk-reducing technology that provide varying levels of assurance depending on the underlying security requirements. Being an SA is a technical job, without doubt, but the key to success in these areas comes from detailed knowledge of what comprises security technology in terms of product assurance, network and technical design/development work (using secure development principles) and the trade off between physical, logical and procedural controls.

Module 5

Preparation for the Foundation exam

The final module will prepare you for the Foundation examination to be undertaken after the course.

This course is intended for anyone who needs to have a better understanding of information security:

IT professionals taking on additional security responsibilities e.g. network / system administrators, systems analysts
Anyone in IT who needs to have a better understanding of information security
Anyone considering moving into the information / cyber security area
Business Managers and other people in general business who need to better appreciate the key issues in information security

Be able to define and explain the key terms used in information security and use these terms correctly and appropriately
Be able to explain and justify a number of the key concepts in information security and explain these concepts correctly and appropriately
Understand the significance of information risk management to business
Understand and be able to apply basic information risk management terminology
Understand basic information risk management principles
Define and explain the key terms used in business continuity management in their appropriate context
Explain and justify a number of the key concepts of business continuity management
Explain the overall business continuity lifecycle
Describe the role of the security architect and the concept of security architectures in context of enterprise architectures.
Explain the skills, especially soft skills, an SA must possess.
Explain the concepts and design principles used by security architects when designing systems. Design principles such as least privilege, segregation of duties are described.
Describe security architectures at a high level using appropriate contextual terms and have enough knowledge to describe architectural concepts related to security concerns.
Understand the format and scoring of the examination
Be prepared to take and pass the FCIS examination

* Are your IT staff “on the same page” as your security team?

p* Do you or your team just need to have a good basic appreciation of security?

ALC’s 2-day “flagship” course FCIS (Foundation Certificate in Information Security) provides the ideal foundation for:

anyone starting a career in Information/Cyber security
anyone who has information security responsibilities as part of their day-to-day role
anyone with piecemeal knowledge who would benefit from a formal presentation to consolidate their knowledge of information security.

Based upon international standards and industry best practice, the course introduces the fundamental concepts and top four disciplines of Information Security and how these form part of the overall business strategy of the organisation:

Information Security Management
Information Risk Management
Business Continuity Management
Information Security Architecture

The course culminates in a one-hour Foundation Certificate exam issued by GCI (Global Certification Institute). The certificate is useful to both the individual and employer in terms of attesting to the level of professional ability an individual has attained.

[Book_Now_Button] [Enquiry_Button]

Solution Architecture Security Practitioner: Course Contents

Module 1

Security Across the Lifecycle

Module 2

The Basics of Security Architecture

Module 3

Advanced Security Architecture Concepts

Module 4

Information Security Methodologies

Module 5

Preparation for the SASP exam

Solution Architecture Security Practitioner: Who Should Attend

Solution Architecture Security Practitioner: Learning Outcomes

Solution Architecture Security Practitioner: Course Overview

Foundation Certificate in Information Security: Sidebar Content

[Course_Duration] day course.

Foundation Certificate in Information Security: Exams and Stuff

Certificate Exam

Prerequisites

Foundation Certificate in Information Security: Dates and Fees

Course

Fees A$ per person

Fees include:

Foundation Certificate in Information Security: Course Contents

Module 1

Introduction to Information Security Management

Module 2

Introduction to Information Risk Management

Module 3

Introduction to Business Continuity Management

Module 4

Introduction to Information Security Architecture

Module 5

Preparation for the Foundation exam

Foundation Certificate in Information Security: Who Should Attend

Foundation Certificate in Information Security: Learning Outcomes

Foundation Certificate in Information Security: Course Overview

Cybersecurity Nexus (CSX) Fundamentals: Sidebar Content