Empower Clients Through IT
IT EXPERT SYSTEM, INC
IT Training, Staffing and IT Services Provider
Schaumburg | Des Plaines | Naperville IL, USA
Cyber Security Fundamentals Module System Engineering
Overview
The Cyber Security Fundamentals course will provide learners with principles of data and technology that frame and define Cyber Security. Learners will gain insight into the importance of Cyber Security and the integral role of Cyber Security professionals. The interactive, self-guided format will provide a dynamic learning experience where users can explore foundational Cyber Security principles, security architecture, risk management, attacks, incidents, and emerging IT and IS technologies.
Course Content
DOMAIN 1 - Cloud Computing Concepts and Architecture
-
NIST Definition of Cloud Computing (Essential Characteristics, Cloud Service
-
Models, Cloud Deployment Models)
-
Multi-Tenancy
-
CSA Cloud Reference Model
-
Jericho Cloud Cube Model
-
Cloud Security Reference Model
-
Cloud Service Brokers
-
Quiz
-
LAB
-
Homework
DOMAIN 2 - Governance and Enterprise Risk Management
-
Contractual Security Requirements
-
Enterprise and Information Risk Management
-
Third Party Management Recommendations
-
Supply chain examination
-
Use of Cost Savings for Cloud
-
Quiz
-
LAB
-
Homework
DOMAIN 3 - Legal Issues, Contracts, and Electronic Discovery
-
Contractual Security Requirements
-
Enterprise and Information Risk Management
-
Third Party Management Recommendations
-
Supply chain examination
-
Use of Cost Savings for Cloud
-
Quiz
-
LAB
-
Homework
DOMAIN 4 - Compliance and Audit Management
-
Definition of Compliance
-
Right to audit
-
Compliance impact on cloud contracts
-
Audit scope and compliance scope
-
Compliance analysis requirements
-
Auditor requirements
-
Quiz
-
LAB
-
Homework
DOMAIN 5 - Information Governance & Data Security
-
Six phases of the Data Security Lifecycle and their key elements
-
Volume storage
-
Object storage
-
Logical vs physical locations of data
-
Three valid options for protecting data.
-
Data Loss Prevention
-
Detection Data Migration to the Cloud
-
Encryption in IaaS, PaaS & SaaS
-
Database Activity Monitoring and File Activity Monitoring
-
Data Backup
-
Data Dispersion
-
Data Fragmentation
-
Quiz
-
LAB
-
Homework
DOMAIN 6 – Data Center + Infrastructure Security
-
Relation to Cloud Controls Matrix
-
Queries run by data center operators.
-
Technical aspects of a Provider's data center operations customers should understand.
-
Logging and report generation in multi-site clouds
-
Quiz
-
LAB
-
Homework
DOMAIN 7 - Virtualization and Containers
-
Security concerns for hypervisor architecture
-
VM guest hardening, blind spots, VM Sprawl, data comingling, instant-on gaps
-
In-Motion VM characteristics that can create a serious complexity for audits
-
How can virtual machine communications bypass network security controls?
-
VM attack surfaces
-
Compartmentalization of VMs
-
Quiz
-
LAB
-
Homework
Cyber Security
DOMAIN 8 - Incident Response
-
Factor allowing for more efficient and effective containment and recovery in a cloud.
-
Main data source for detection and analysis of an incident
-
Investigating and containing an incident in an Infrastructure as a Service environment
-
Reducing the occurrence of application-level incidents
-
How often should incident response testing occur?
-
Offline analysis of potential incidents
-
Quiz
-
LAB
-
Homework
DOMAIN 9 - Application Security
-
identity, entitlement, and access management (IdEA)
-
SDLC impact and implications
-
Differences in S-P-I models
-
Consideration when performing a remote vulnerability test of a cloud-based application.
-
Categories of security monitoring for applications
-
Entitlement matrix
-
Quiz
-
LAB
-
Homework
DOMAIN 10 - Identity, Entitlement and Access Management
-
Relationship between identities and attributes
-
Identity Federation
-
Relationship between Policy Decision Point (PDP) and Policy Enforcement Point
-
(PEP)
-
SAML and WS-Federation
-
Provisioning and authoritative sources
-
Quiz
-
LAB
-
Homework
DOMAIN 11 - Security as a Service
-
Barriers to developing full confidence in security as a service (SECaaS)
-
When deploying Security as a Service in a highly regulated industry or environment, what should both parties agree on in advance and include in the SLA.
-
Logging and reporting implications
-
How can web security as a service be deployed?
-
What measures do Security as a Service provider take to earn the trust of their customers?
-
Quiz
-
LAB
-
Homework
DOMAIN 12 - Related Technologies
-
BIG DATA
-
Mobile Devices
-
IOT Devices
-
Micro Services
-
Certification Preparation
-
Quiz
Staffing Support
-
Resume Preparation
-
Mock Interview Preparation
-
Phone Interview Preparation
-
Face to Face Interview Preparation
-
Project/Technology Preparation
-
Internship with internal project work
-
Externship with client project work
Our Salient Features:
-
Hands-on Labs and Homework
-
Group discussion and Case Study
-
Course Project work
-
Regular Quiz / Exam
-
Regular support beyond the classroom
-
Students can re-take the class at no cost
-
Dedicated conf. rooms for group project work
-
Live streaming for the remote students
-
Video recording capability to catch up the missed class