Brief Description
|
The Cybersecurity short course provides you with practical guidance on how to think like a cybersecurity expert by analysing and minimising the risk of security incidents that can possibly appear in an organisation. The course specifically covers various aspects of security services that include identification and authentication, authorisation, confidentiality, integrity and privacy. You will also become familiar with the fundamental concepts of threats, vulnerabilities, risks and countermeasures; the mechanisms that are used to implement different security services (such as encryption and hash codes); regulatory measures (such as the NIST Framework and ISO 27000); and analysis and recommendations for security improvements
|
Learning Outcomes
|
After successful completing this course, you will have a clearer understanding of: Current state of Cyber-security in South Africa and globally Thinking like a Cyber-security expert / Understanding the Cyber-security landscape Information security service 1: Identification and Authentication Endpoint protection Information security service 2: Authorisation Setting up access control lists: Windows/Linux/Mac etc. Information security service 3: Confidentiality Information security service 4: Integrity Information security service 5: Availability Information security service 6: Privacy NIST Cybersecurity Framework: Putting it all together
|
Course Content
|
DAY 1Lecture 1: IntroductionCurrent state of cybersecurity in South Africa and globallyNIST Cybersecurity Framework Brief overview: Identify/protect/detect/respond/recoverLecture 2: Understanding the cybersecurity landscapeThe building blocks: CIA Confidentiality/integrity/availability Threats Vulnerabilities Risks CountermeasuresLecture 3: Information security service 1: Identification and authentication Digital identity management/digital certificates Passwords and password tools Phishing Anti-virus Digital certificatesPractical Session 1: Endpoint protection Desktop (Firewall) Operating system (iOS, Android) Browser (Internet Explorer, Firefox) Network (Intrusion detection)Lecture 4: Information security service 2: Authorisation Basic access control models military vs. commercial models Concept of least privilege and separation of duties Role-based access controlPractical Session 2: Setting up access control lists Windows/Linux/Mac etc.DAY 2Lecture 5: Information security service 3: Confidentiality Understanding the basics of cryptosystems Normal (symmetric crypto) Private/public key crypto (asymmetric crypto) Internet proxy firewallsPractical Session 3 Using crypto tools Setting up a VPN Penetration testingLecture 6: Information security service 4: Integrity Different ways of implementing integrity Hash codes/SHA etc. Malware protectionPractical Session 4 Vulnerability scanning Using file checkers etc.Lecture 7: Information security service 5: Availability Disaster recovery planning/contingency management Anonymiser network monitoring Honeypots Incident response and event handlingDAY 3Lecture 8: Information security service 6: Privacy Privacy models Social media platforms and browser privacy settings Privacy enhancing technologies (PET) Privacy preservation data miningPractical Session 5 Social media platform (Twitter) and browser privacy settings Anonymisation of dataLecture 9: NIST Cybersecurity Framework: Putting it all together Brief overview: Identify/protect/detect/respond/recover All work done over the three day course mapped onto the NIST Framework Show how the following fit into the NIST Framework: ECT Act in South Africa and EU Data Protection Act POPI Act Governance model ISO27000 family of standards for Cybersecurity/ information securityPractical Session 6Use the NIST Framework Analyse a company and make improvement recommendations based on NIST/ISO27000/Legal/ etc.
|
Entry Requirements
|
Prospective delegates should at least have a matric qualification and five years relevant work experience, or any Bachelors degree.
|
Click here to download the brochure
Course Number: |
P006653 |
Catalogue and Category: |
Information and Communication Technology |
Who Should attend: |
The course would benefit project managers, staff in network operations, computer technicians, M&V professionals and ICT Professionals. |
Delivery Mode: |
Contact Sessions |
Contact Days: |
3 |