Aegis School of Business, Data Science, Cyber Security & Telecommunication
|Application fee:||13.34 USD|
|Course fee:||466.76 USD|
This course deals with implementing effective security mechanisms in designing and implementing operating systems, applications and networks. It involves the assimilation of the fundamental concepts of security models followed by development. It also deals with deploying solutions to element vulnerabilities. Design and deployment of the security principles of sites and facilities and the relevant aspects of business security are also discussed. This has relevance for participants seeking to become future system and network administrators and consultants; as well as information security professionals.
• Apply contemporary formal mathematical modeling techniques to model and analyze the security of a software system
• Identify project security risks & selecting risk management strategies.
• Describe and discuss security concerns designs at multiple levels of abstraction
• Comply with data privacy and security requirements when designing a software system.
• Design a software solution for secure access and protection of data.
• Use business continuity activities and strategies that support early vulnerability detection.
Objective of the course
This course aims to provide understanding of the techniques and tools needed to implement and audit the Critical Security Controls as documented by the Center for Internet Security (CIS).
These Critical Security Controls are rapidly becoming accepted as the highest priority list of what must be done and proven before anything else at nearly all serious and sensitive organizations.These controls were selected and defined by the US military and other government and private organizations, who are the most respected experts on how attacks actually work and what can be done to stop them.They defined these controls as their consensus for the best way to block the known attacks and the best way to help find and mitigate damage from the attacks that get through.
The course enables you to see how to put the controls in place in existing network though effective and widespread use of cost-effective automation.The Course will also cover the leading international Cyber Security frameworks
Session 1 - Overview
Session 2 - Controls 1-4
Session 3 - Controls 5-8
Session 4 - Controls 9-12
Session 5 - Controls 13-16
Session 6 - Controls 17-20
Session 7 - ISO 27001
Session 8 - ISO 22301
Session 9 - NIST Cyber Security Framework
Session 10 - IT Grundschutz
Detailed understanding of Critical 20 Control Objectives
1: Inventory of Authorized and Unauthorized Devices
2: Inventory of Authorized and Unauthorized Software
3: Secure Configurations for Hardware and Software on Mobile Devices, Laptops, Workstations, and Servers
4: Continuous Vulnerability Assessment and Remediation
5: Malware Defenses
6: Application Software Security
7: Wireless Access Control
8: Data Recovery Capability
9: Security Skills Assessment and Appropriate Training to Fill Gaps
10: Secure Configurations for Network Devices such as Firewalls, Routers, and Switches
11: Limitation and Control of Network Ports, Protocols, and Services
12: Controlled Use of Administrative Privileges
13: Boundary Defense
14: Maintenance, Monitoring, and Analysis of Audit Logs
15: Controlled Access Based on the Need to Know
16: Account Monitoring and Control
17: Data Protection
18: Incident Response and Management
19: Secure Network Engineering
20: Penetration Tests and Red Team Exercises
Detailed Understanding of Cyber Security Frameworks - NIST Cyber Security Framework, German IT Baseline (IT-Grundschutz) Methodology, ISO 27001, ISO 22301