1. Cyber Security Concepts
- Cyber Security Concepts and Definitions
– Difference between IT Security, Information Security and Cyber Security
– Assets, Threats & Vulnerabilities
– Likelihood, Consequence and Impact
– Inherent Risk, Current Risk and Residual Risk
- Cyber Security Strategy
– Supporting Business Goals and Objectives
– Cyber Security Policy Framework
– Awareness, Training and Education
- Laws, Regulations and Industry Standards
- Roles and Responsibilities
- Professional Organisations and Ethics
- Introduction to the Case Study
- Practical session:
Exercise #1 – Development of a cyber asset register
2. Risk Management
- Risk Management Concepts and Definitions
– The stages of risk
– Systemic and Systematic Risk, Risk Aggregation
– Risk Acceptance, Reduction, Transfer and Avoidance
– Risk Appetite and Tolerance
– Governance, Risk Management and Compliance (GRC)
– Risk Management Process
– Quantitative, Semi-quantitative and Qualitative Risk
- Threats and Opportunities
– Assessing the current threat landscape
– Developing a threat taxonomy
– Advanced Persistent Threats
– Bring Your Own Device or Technologies
– The Internet of Things
- Controls, Countermeasures and Enablers
- Business Impact Analysis
– Sample Business Impact Analysis Template
– Sample Business Impact Levels
- Practical session:
Exercise #2.1 – Development of a threat taxonomy and identification of vulnerabilities
Exercise #2.2 – Evaluate inherent risk, current controls, current risk, recommend controls and residual risk
3. Security Architecture
- Security Architecture Concepts and Definitions
- Security Architecture Frameworks
– SABSA
– TOGAF
- Security Architecture Design Principles
- Service Models
– Insourcing
– Outsourcing
– Managed Services – Single provider, multiple provider and prime provider
– Cloud Services – Cloud service models and Cloud deployment models
- Practical session:
Exercise #3 – Recommendations for service provider models in addressing risks
Exercise #4 – Identification of security architecture design principles
4. Implementing Security
- OSI and TCP/IP Models
- Network Fundamentals
– Network Security
– Network Topologies
– Security Zones
– Network Security Technologies
– Virtualisation Benefits and Security Challenges
- Endpoint Security
– Servers, desktops, laptops, tablets, mobile devices, wearables
– Endpoint Security Technologies
– Specialised Endpoint Systems
- Application Security
– Software Development Lifecycle
– OWASP Top 10
– Web Application Firewall and Database Firewall
- Data Security
– Data owners, data classification, labelling
– Access control
– Data governance and lifecycle
– Data remanence
- Australian Signals Directorate Top 35 and Essential Eight
– ASD Top 4
– ASD Essential Eight
– SANS Top 20 mapped to ASD Top 35 and other frameworks
- Practical session:
Exercise #5 – Establish a data classification scheme
Exercise #6 – Design a secure network topology incorporating network security zones, overlay the data classification scheme and placement of recommended controls
5. Cryptography
- Cryptography Key Terms and Concepts
- Symmetric Algorithms
– Data Encryption Standard (DES)
– Triple DES
– Advanced Encryption Standard (AES)
– Other symmetric algorithms
- Asymmetric Algorithms
- Hashing Algorithms
- Non-Repudiation
- Cryptographic Attacks
– Side-channel
– Birthday
– Implementation
– Other attack methods
- Implementing Cryptography in the Real World
– Public Key Infrastructure (PKI)
– Electronic Document Exchange
– Virtual Private Networks (VPNs)
– Secure e-mail
– Steganography
– Digital Watermarks
– Wireless Security
– Secure Shell
– Key Management
- Practical session:
Exercise #7 – Select appropriate symmetric, asymmetric and hashing algorithms and develop a draft encryption standard
6. Business Continuity and Disaster Recovery Planning
- Business Continuity Planning
– NIST SP800-34 as a framework
- Disaster Recovery Planning
– Relationship between the BCP and DRP
– Events that trigger a BCP/DRP
- Developing the BCP and DRP
– Application of NIST SP800-34
– Initiation
– Business Impact Analysis
– Identification of preventive controls
– Recovery strategies
– Plan design and development and important BCP/DRP frameworks
– Ongoing maintenance
- Practical session:
Exercise #8 – Identify and rank the most important business operations
7. Incident Response
- NIST Cyber Security Framework
– Identify
– Protect
– Detect
– Respond
– Recover
- Cyber Forensics
– General phases of the forensic process
– Anti-forensics
– Forensic media analysis
– Network forensics
– Forensic analysis of software, embedded devices and electronic discovery
- Incident Response Management
– Security events and Security incidents
– Incident Response Methodology using NIST SP800-61
- Security Assurance
– Defining and implementing meaningful metrics
– Configuration management
– Minimum Security Baselines
– Vulnerability Assessments
– Penetration Testing
– Security Audits
– Security Assessments
– Log reviews, retention, centralisation and analysis
– Security Information and Event Management System (SIEM)
- Practical session:
Exercise #9 – Examination of insourcing or using a managed service for incident response
Exercise #10 – Develop the first part of a management report highlighting the most appropriate strategies for managing various risks and a high-level roadmap of activities
8. Cyber Security Foundation+Practitioner™ exam
Two hours, multiple choice.