CYBER SECURITY TRAINING & CERTIFICATION

Size: px

Start display at page:

Download "CYBER SECURITY TRAINING & CERTIFICATION"

Darcy Bishop
5 years ago
Views:

1 CYBER SECURITY TRAINING & CERTIFICATION 2018

professional qualifications, that are demanded by employers today. Information or cyber security is now a prominent, highly-regarded profession offering many varied career paths.

2 Introduction Dear Colleagues, It is my pleasure to introduce you to lnfosec Skills. We are passionate about providing high quality courses at affordable prices and are committed to helping people not only enter the industry, but also advance throughout their careers with skills and professional qualifications, that are demanded by employers today. Information or cyber security is now a prominent, highly-regarded profession offering many varied career paths. lnfosec Skills offers a formal route to becoming a recognised and respected information security professional, from our foundation courses and certificates for new entrants to our CREST Registered qualifications for Senior Practitioners and our Graduate Programme that leads to a Cyber Technology MSc will see the release of some exciting new courses: ISO Lead Incident Manager (27035LIM), CREST Practitioner Security Analyst (CP SA), CREST Registered Tester (CRT), CREST Practitioner Intrusion Analyst (CPIA) and CREST Registered Intrusion Analyst (CRIA), all of which are 5 day courses, with both live class and e-learning options that lead to professional qualifications. As part of your professional development planning, don't forget to create your 'Skills Profile' using the 'lnfosec Skills Profiler: which is a free tool designed to help individuals understand their skill set and skill levels to inform decisions on professional development and training. The 'Skills Profiles' created using the 'Skills Profiler' are based upon the 'IISP Skills Framework: which provides a high level structure of competencies expected of information security professionals and is used to define skill sets and skill levels for specific job roles. As always, we are happy to discuss your job role goals and advise on the perfect training and certification pathway for you to achieve them in a cost effective and expedited fashion. Whatever stage you are at in your career, we are here to help you, your team or your company, locally or worldwide. Welcome to lnfosec Skills, Terry Neal Chief Executive Officer "We have a responsibility to ourselves and to our clients to ensure that our courses are the best they can be. To that end, we ask every single person to evaluate the course overall, the value of the course content and our instructors teaching skill, every time the course is delivered onsite or online. The feedback and data that we collect tells us how we are performing as an organisation, allows us to gauge the qua/ ity and value of our courses, and informs us where changes are needed to maintain course quality and high standards within our organisation"

Skill Levels lnfosec Skills courses vary in their level of difficulty as defined below: Skill Levels and Contents Skill Level 1: (Awareness) Understands the skill and its application.

Skill Level 2: (Basic Application) Understands the skill and applies it to basic tasks under some supervision.

3 Skill Levels lnfosec Skills courses vary in their level of difficulty as defined below: Skill Levels and Contents Skill Level 1: (Awareness) Understands the skill and its application. Has acquired and can demonstrate basic knowledge associated with the skill. Understands how the skill should be applied, but may have no practical experience of its application. Skill Level 2: (Basic Application) Understands the skill and applies it to basic tasks under some supervision. Has acquired the basic knowledge associated with the skill, for example has acquired an academic or professional qualification in the skill. Understands how the skills should be applied. Has experience of applying the skill to a variety of basic tasks. Determines when problems should be escalated to a higher level. Contributes ideas in the application of the skill. Demonstrates awareness of recent developments in the skill. Skill Level 3: (Skilful Application) Understands the skill and applies it to complex tasks with no supervision. Has acquired a deep understanding of the knowledge associated with the skill. Understands how the skill should be applied. Has experience of applying the skill to a variety of complex tasks. Demonstrates significant personal responsibility or autonomy, with little need for escalation. Contributes ideas in the application of the skill. Demonstrates awareness of recent developments in the skill. Contributes ideas for technical development and new areas for application of the skill. Skill Level 4: (E>q2ert) An authority who leads the development of the skill. Is an acknowledged expert by peers in the skill. Has experience of applying the skill in circumstances without precedence. Proposes, conducts, and/or leads innovative work to enhance the skill. About Us PCilRM - Practitioner Certificate in Information Risk Management 12 PCiBCM - Practitioner Certificate in Business Continuity Management 14 SASP - Solution Architecture Security Practitioner 16 PCilAA - Practitioner Certificate in Information Assurance Architecture 18 ISO Lead Implementer 22 ISO Lead Auditor 26 ISO Lead Incident Manager 30 2 c-_, -, '.) PROFILER Create your own Skills Profile at: nfosecs ki lls.com/profiler CyberTechnology MSc 48 Promotions, Bundles and 0% Financing SO Course Delivery Options S 1 "Courses designed by subject matter experts and leading authors"

About Us InfoSec Skills Ltd, based in Reading Berkshire UK, works with industry and employers to create courses that impart the skills that are in demand today, whilst staying compliant by making use

4 About Us InfoSec Skills Ltd, based in Reading Berkshire UK, works with industry and employers to create courses that impart the skills that are in demand today, whilst staying compliant by making use of international standards. Our faculty of subject matter experts are dedicated to maintaining the currency and relevancy of our course content and each course is assessed and accredited by the respective examination body to confirm alignment with their examination syllabus and to ensure that each course provides professional quality and depth suitable for professional development. Our range of courses span multiple disciplines offering varied career, training and certification pathways for private individuals or enterprise teams. Varying skill levels support new entrants and senior practitioners throughout their careers resulting in faster career advancement. We are about getting you from A to B in the quickest and most affordable way. Explore our delivery methods from 4-day fully residential bootcamps, to 5 day public classes, to e-learning. Our extensive Live Public Class schedule should have what you are looking for because we offer public classes every month of the year. Our continuous investment in our professional curriculum, with new courses under continual development, coupled with an ever-expanding faculty and rapidly growing member community of IA professionals, demonstrates our commitment to the industry, providing a positive, tangible effort in the fight against cybercrime. VENUES: New venues are being used throughout 2018, so we are easier to reach, offer greater UK coverage and provide more delivery options than ever before: Wyboston Lakes Great North Road, Wyboston, Bedfordshire MK44 3AL 107 Cheapside London EC2V 6DN PGI Cyber Academy Cascades 1, 1190 Park Avenue, Aztec West Bristol BS32 4FP De Montfort University The Gateway Leicester LE1 9BH All inclusive, full residential training courses include en-suite accommodation, breakfast, lunch, dinner, parking, wi-fi, snacks and drinks during breaks, with no hidden extras. You will be trained in just 4 days and whereas a day with a traditional training provider generally runs from 9am 5pm, with a nice long break for lunch, with our bootcamps you ll get at least 12 hours/day quality learning time, with your instructor. We use practical exercises to make sure you can apply your new knowledge to the work environment. Our instructors use demonstrations and real-world experience to keep the day interesting and engaging. 2 See our Live Public Class Schedule for a list of courses that are available in this accelerated training and certification bootcamp format:

PRIVATE ONSITE For teams, we are happy to visit you and deliver any course on your own premises allowing you to keep staff close and save on travel and accommodation expenses.

This qualification is based on InfoSec Skills technical hands-on training courses, combined with academic modules delivered by the University.

This is one of the best ways to work towards your MSc while still maintaining full-time employment and is used by many enterprises to qualify and retain their executives and senior staff.

5 PRIVATE ONSITE For teams, we are happy to visit you and deliver any course on your own premises allowing you to keep staff close and save on travel and accommodation expenses. POST GRADUATE QUALIFICATION InfoSec Skills partners with De Montfort University (DMU) to provide a Postgraduate-level information security qualification, namely the Cyber Technology MSc. This qualification is based on InfoSec Skills technical hands-on training courses, combined with academic modules delivered by the University. Upon successful completion of an InfoSec Skills hands-on training course, delegates are eligible to apply to DMU for the Academic Top-up by distance learning. This is one of the best ways to work towards your MSc while still maintaining full-time employment and is used by many enterprises to qualify and retain their executives and senior staff. CONTACT US Feel free to contact us with questions or comments, to schedule your exams or to discuss a complete training plan for you or your team. We also want to hear from Security Professionals who are interested in joining our Faculty of Subject Matter Experts: /contact. UK InfoSec Skills Ltd Atlantic House Imperial Way Reading Berkshire RG2 0TD DMU Admissions Team E: techadmissions@dmu.ac.uk T: +44 (0) WEB: TEL: +44 (0) info@infosecskills.com #: #infosec_skills 3

them and your organisation. Through a combination of interactive modules and clear guidance, best practice advice is delivered before assessing their understanding and providing feedback.

6 SECURITY AWARENESS v2.0 THE TOP 20 TOPICS WE ALL NEED TO BE AWARE ABOUT Our e-learning modules provide a comprehensive training solution to educate pupils/students/employees about the security risks and threats facing them and your organisation. Through a combination of interactive modules and clear guidance, best practice advice is delivered before assessing their understanding and providing feedback. We currently have security awareness content for 20 modules covering a variety of security topics, each of which can be tailored to include individual policy content relevant to your organization. Raising the Security Awareness bar across an organisation reduces risk for that organisation. These Security Awareness topics engage the user and impart important knowledge that will contribute to the security of your organisation. Topics include: Passwords Encryption Social Engineering SCADA Browsers Data Destruction Data Protection Cloud Social Networking Mobile Security Hacked BYOD Physical Security Security Monitoring Protecting Your Computer Peer 2 Peer Wireless Security Weakest Link Security Policies 4

WHY SHOULD YOU ATTEND? Because Information Security is everyone s responsibility Because cyber security threats have increased significantly Because training is an ISO27

7 WHY SHOULD YOU ATTEND? Because Information Security is everyone s responsibility Because cyber security threats have increased significantly Because training is an ISO27001 requirement (A Information security awareness, education and training) Because it is your company policy WHO SHOULD ATTEND? Pupils Students Employees Management Executives New Hires E-LEARNING DURATION: 2.5 HOURS The e-learning tool: Enables users to progress through a selection of quizzes, surveys and interactive slides in a highly intuitive way. Can be tailored to reflect your security and training objectives; learning, compliance, certification, knowledge assessment. Enables you to easily track results on your LMS via SCORM (Sharable Content Object Reference Model). Allows customisation of your project to align it with corporate brand guidelines including layout and navigation options. Provides a flexible solution to delivering consistent security messages to geographically diverse audiences. Management reports provide information such as attendance and grades. The platform and its capabilities The ability to design and tailor content in line with your corporate branding and learning requirements. The provision to create additional modules on specific themes where required. The option to build e-learning course content for specific audiences. The ability for the user to gain feedback and review answers. The option to link back to other courses within our portfolio for further professional development. The ability to link activities, within the Learning Management System (LMS), enabling printed certification for the user. An annual update to refresh employees on their security responsibilities. Prerequisites Knowledge of IT would be advantageous but not essential. Course Contents The course consists of 20 topics but organisations can choose which topics they would like to appear in a security awareness programme for their pupils/students/employees. Assessment At the end of the course the student must undertake a quiz to assess their understanding of the information provided across all topics and to see if the objectives of the course have been met. A completion certificate is then provided once the student achieves a minimum score in the quiz. Attendance and grade reports are accessible to management so that the results can be fed into a metrics framework to allow for measurement of progress over time. 5

implementing cybersecurity and defending against cyber attacks.

8 EXECUTIVE CYBER AWARENESS v1.0 SUMMARY This course prepares members of the board, senior executives and those with management responsibilities to take a proactive posture in implementing cybersecurity and defending against cyber attacks. The course explains the importance of investing in a company's cybersecurity capability and the consequences of under investment. It provides sufficient case studies and information to enable an executive to prepare an investment plan. The course is delivered through e-learning. Should an organisation wish to have it delivered in a classroom environment please contact InfoSec Skills. 6

9 WHO SHOULD ATTEND? Board members and senior executives who need to understand the cyber threats to their organisation. Executives who are responsible for the management of business risk within the organisation. IT and non-it personnel who need to understand more about the protection of corporate systems from internal and cyber attacks. Executives who need to understand more about the risks of doing business over the Internet. LEARNING OBJECTIVES Students who have successfully completed the Executive Cyber Awareness course will be able to: Describe the basic concepts and terminology of cyber and information security and the legal and regulatory environment. Describe the different cyber attacks an organisation might be liable to. Explain how a number of recent cyber attacks were launched and the consequences to that organisation. Explain the potential consequences to an organisation should a cyber attack be successful. Explain how cyber criminals target organisations and make money. Apply the principles of cybersecurity to their own environment. Describe how an organisation can minimise the risk of a successful cyber attack. COURSE AGENDA DURATION: 8 HOURS MODULE 1 Cyber and Information Security An Introduction This module lays down the foundations of understanding cyber and information security. It defines a number of the terms used in cybersecurity and cyber attacks. What is cybersecurity? Common Terms: Malware, Denial of Service, Phishing (Spear and Whale), Spoofing, Spyware, Ransomware, Key logger, Pharming, Virus, Worm, Backdoor, Trojan Horse, zero-day exploit and social engineering. Risk Management. MODULE 2 Understanding the Threats This module examines the types of attack that could affect an organisation and in particular examines the different motivations of the attackers. It will go through a number of recent cyber attacks and describe how the attacks were launched together with the impact on the organisation. Types of threat agents and their motivations. Potential consequences to an attack. Analysis of recent cyber attacks: causes and impacts. Ecosystem of zero-day exploits. MODULE 3 Legal and Regulatory Consequences of an Attack This modules describes the legal, regulatory and management responsibilities of an organisation and the potential penalties for non-compliance or breaches. Data Protection and the EU General Data Protection Regulation (GDPR). Privacy and Electronic Communications Regulations (PECR). NIS Directive Payment Card Industry Data Security Standard (PCI DSS). MODULE 4 Preventing and Defending against Cyber Attacks This final module describes a number of security controls an organisation should consider implementing to lessen the risk of a successful attack. Establishing governance and having an Information Security Management System (ISMS). Security design principles. 10 Steps to Cybersecurity. Implementing the five Cyber Essentials technical controls. ASSESSMENT & EXAMINATION At the end of each module the student is encouraged to undertake an assessment to assess their knowledge of the material provided in that module and to see if the objectives of the module have been met. An examination at the end of the course allows the student to demonstrate the knowledge and understanding obtained during the course. 7

10 FOUNDATION CERTIFICATE IN INFORMATION SECURITY v2.0 INTRODUCING THE TOP 5 DISCIPLINES IN INFORMATION SECURITY SUMMARY The Foundation Certificate in Information Security (FCIS) course is designed to provide the foundation of knowledge necessary for individuals who have IT or information security responsibilities as part of their day-to-day role, or who are thinking of moving into an information security function. Every member of IT staff should have this knowledge. If your IT staff do not know what a Business Impact Analysis is or do not understand the significance of Risk Assessments or do not know what to do during an incident, then it may be time to baseline all your IT staff with this course. The FCIS course introduces the concept of and disciplines within Information Assurance and how this can contribute to and form part of the overall business strategy for an organisation. It provides the opportunity for those exploring or moving into information security roles to enhance or refresh their knowledge and, in the process, gain a recognised industry qualification, regulated by the Global Certification Institute (GCI). This is useful to both the individual and employer in terms of attesting to the level of professional ability an individual has attained. Based upon international standards and industry best practice, this course provides a great foundation for anyone starting a career in Information/Cyber Security or who are taking on extra Information Security responsibilities. 17 hours of condensed knowledge + a 1-hour exam proves your understanding of the top five disciplines of Information Security. 8

11 WHY SHOULD YOU ATTEND? This course is intended for anyone who has an interest in information security, either for potential or existing security professionals, or as an additional part of his or her general business knowledge (for example, the material covered on this course would make good supporting material for network/system administrator who have or who are taking on additional security responsibilities, business managers, IT managers, security analysts and IT staff. When used as a baseline for all IT staff this course ensures that they speak the same language as your security team and that they understand why the security team do what they do. WHO SHOULD ATTEND? Network/System Administrators Business Managers I.T. Managers Security Analysts I.T. Staff New Hires COURSE AGENDA DURATION: 2 DAYS MODULE 1 Introduction to Information Security Management Concepts and definitions Benefits and requirements of information security MODULE 6 Preparation for the FCIS Exam Format, Structure and Scoring of the exam MODULE 2 MODULE 3 MODULE 4 Introduction to Information Risk Management Information risk management terminology Risk management in the business context Information risk management fundamentals Introduction to Business Continuity Management The need for business continuity management The context of business continuity management in the business The business continuity lifecycle Introduction to Information Assurance Architecture What is Security Architecture? The Role of a Security Architect Security Design Principles BONUS TOPIC Web Application Security and OWASP Top 10 Understand the most prevalent security risks to counter Understand the OWASP Risk Methodology Understand the degree of exploitability, prevalence, detectability and technical impact of the Top 10 security risks Understand which security controls to use to mitigate the Top 10 security risks MODULE 5 Soft Skills and Incident Handling Engagement Lifecycle Management Incident Chronology Law and Compliance Record Keeping, Interim Reporting & Final Results 9

CERTIFICATE IN INFORMATION SECURITY MANAGEMENT PRINCIPLES v3.0 A comprehensive overview of all the key principles in Information Security.

12 CERTIFICATE IN INFORMATION SECURITY MANAGEMENT PRINCIPLES v3.0 A comprehensive overview of all the key principles in Information Security. SUMMARY The Certificate in Information Security Management Principles (CISMP) course is designed to provide the foundation of knowledge necessary for individuals who have information security responsibilities as part of their day-to-day role, or who are thinking of moving into an information security function. The CISMP course and associated qualification provides the opportunity for those already serving as information security professionals to enhance or refresh their knowledge and, in the process, gain a recognised industry qualification, regulated by the British Computer Society (BCS), the Chartered Institute of IT. This is useful to both the individual and employer in terms of attesting to the level of professional ability an individual has attained. The InfoSec Skills CISMP course primes the student with all the knowledge needed to sit and pass the BCS s CISMP examination. 10

13 WHY SHOULD YOU ATTEND? This course is intended for anyone who has an interest in information security, either for a potential or existing security professionals, or as an additional part of his or her general business knowledge (for example, the material covered on this course would make good supporting material for solution architects or risk managers). WHO SHOULD ATTEND? Network/System Administrators Business Managers I.T. Managers Security Analyst New Hires MODULE 5 MODULE 4 MODULE 3 MODULE 2 MODULE 1 COURSE AGENDA Information Security Management Principles Concepts and definitions Benefits and requirements of information security Information Risk Threats and Vulnerabilities to information systems Risk Management Information Security Framework Organisation and Responsibilities Legal Framework Security standards and procedures Procedural/People Security Controls People User access controls Communication, training and awareness Technical Security Controls Protection from malicious software Networks and communications External services Cloud computing IT Infrastructure MODULE 6 M 10 M 9 MODULE 8 MODULE 7 DURATION: 5 DAYS (40 hours) Software Development and Lifecycle Testing, audit and review Systems development and support Physical and Environment Controls General controls Physical, technical and procedural controls Protection of equipment Intruder alarms Clear screen and clear desk policy Moving property on and off site Procedures for secure disposal Security requirements for delivery and loading areas Disaster Recovery & Business Continuity Management Business Continuity Management and Disaster Recovery Planning Approaches to writing plans and implementation plans The need for documentation, maintenance and testing Other Technical Aspects Investigations and forensics Role of cryptography Preparation for the CISMP exam Format, structure and scoring of the test Mock exam 11

14 PRACTITIONER CERTIFICATE IN INFORMATION RISK MANAGEMENT v2.0 HANDS-ON APPROACH TO LEARNING ABOUT ALL ASPECTS OF INFORMATION RISK MANAGEMENT SUMMARY The Practitioner Certificate in Information Risk Management (PCiIRM) course is designed to provide foundation knowledge of the terminology and principles of information risk management. It is intended for individuals from information technologies or IT security backgrounds who are embarking on information risk management responsibilities or those who already fulfil information risk management roles who wish to formalise their accumulated experience. It is equally suitable for business managers who need to gain a formal insight into information risk management in support of wider business risk decision-making. The content of the course is aligned to international risk management standards. It thus provides grounding in the requirements for fulfilment of increasingly mandatory corporate compliance obligations. The InfoSec Skills PCiIRM course leads to the PCiIRM qualification regulated by the British Computer Society (BCS), which has become an industry-recognised credential for information risk managers. 12

WHY SHOULD YOU ATTEND? This course will prepare IT and information management practitioners for a formal qualification in information risk management.

business or infrastructure risk management. WHO SHOULD ATTEND? Anyone who is involved in the areas of information security and information assurance.

5 hours) MODULE 2 MODULE 1 Information Risk Management Concepts Information risk management terminology Risk management in the business context Information risk management fundamentals Information

15 WHY SHOULD YOU ATTEND? This course will prepare IT and information management practitioners for a formal qualification in information risk management. It provides grounding in information risk management principles that will assist both technical individuals and business managers to gain a deeper insight into information risk in support of broader business or infrastructure risk management. WHO SHOULD ATTEND? Anyone who is involved in the areas of information security and information assurance. Business Managers COURSE AGENDA DURATION: 5 DAYS (37.5 hours) MODULE 2 MODULE 1 Information Risk Management Concepts Information risk management terminology Risk management in the business context Information risk management fundamentals Information Risk Management Frameworks Establishing an information risk management strategy Setting internal risk management standards and criteria EXAMINATION PCiIRM Exam Syllabus The concepts and framework of information risk management (5%) Information risk management fundamentals (10%) Establishing an information risk management programme (25%) Risk Identification (25%) Risk Assessment (20%) MODULE 4 MODULE 3 The Information Risk Management Process Setting the risk management scope Threat and vulnerability assessment Business Impact Analysis Risk determination Information risk management controls Classification principles Implementing Information Risk Management Information risk management methodologies Risk reporting and presentation Business cases Decision making Risk treatment Risk monitoring Risk Treatment (5%) Presenting risks and business case (5%) Monitor and review (5%) Duration and Format of the Examination A three-hour scenario based written examination consisting of: Section A multiple-choice questions: Answer all of the 10 questions each answer carries 1 mark. Section B short answer questions: Answer all of the 6 questions each answer carries 5 marks. Section C essay questions: Answer all 3 questions each answer carries 20 marks. MODULE 5 Preparation for the PCIRM Examination Format, structure and scoring of the exam Mock Examination, using the BCS sample paper 13

PRACTITIONER CERTIFICATE IN BUSINESS CONTINUITY MANAGEMENT v2.

a hands-on approach to all stages of the business continuity management (BCM) lifecycle from conducting a business impact analysis to the exercising of business continuity plans.

16 PRACTITIONER CERTIFICATE IN BUSINESS CONTINUITY MANAGEMENT v HANDS-ON APPROACH TO BUSINESS CONTINUITY MANAGEMENT, MAKING USE OF CURRENT STANDARDS SUMMARY The Practitioner Certificate in Business Continuity Management (PCiBCM) course is designed to provide a hands-on approach to all stages of the business continuity management (BCM) lifecycle from conducting a business impact analysis to the exercising of business continuity plans. Making full use of the current standard ISO 22301, students are able to make a significant contribution to the BCM process when returning to their organisation. The PCiBCM course and associated qualification provides the opportunity for those already serving as business continuity professionals to enhance or refresh their knowledge and, in the process, gain a recognised industry qualification, regulated by the BCS The Chartered Institute for IT. The InfoSec Skills PCiBCM course primes the student with all the knowledge needed to sit the BCS PCiBCM examination.

WHY SHOULD YOU ATTEND? This Certificate in Business Continuity Management is intended for (but not limited to) those who are involved in the areas of business continuity and disaster recovery.

17 WHY SHOULD YOU ATTEND? This Certificate in Business Continuity Management is intended for (but not limited to) those who are involved in the areas of business continuity and disaster recovery. It will provide guidance to the student in good business continuity management practice, and assist the path to ISO accreditation. WHO SHOULD ATTEND? Anyone who is involved in the areas of information security and information assurance. Business Managers COURSE AGENDA DURATION: 5 DAYS (40 hours) MODULE 4 MODULE 3 MODULE 2 MODULE 1 Introduction to Business Continuity Management The need for business continuity management The context of business continuity management in the business Review of risk management fundamentals The business continuity lifecycle Business Continuity Programme Management Business continuity policy Business continuity governance Business continuity implementation Ongoing business continuity management Involvement of third parties Business continuity documentation Understanding the Organisation Identification of mission-critical areas and Business Impact Analysis (BIA) Continuity Requirements Analysis (CRA) Evaluation of threats and risk assessment Evaluation of options and business cases Determining the Business Continuity Strategy Identifying and selecting strategies People Premises Information and communications technology Information Supply chain and stakeholders Civil emergencies EXAMINATION MODULE 8 MODULE 7 MODULE 6 MODULE 5 Business Continuity Response The Incident management process Types of plan, including incident management, business continuity, disaster recovery and business resumption plans Exercising, Maintenance and Review Exercising and testing of plans Maintenance and review of plans Embedding Business Continuity Awareness Overall awareness Skills training Preparation for the PCiBCM Examination Format, structure and scoring of the exam Mock examination Duration and Format of the Examination A three-hour scenario based written examination consisting of: Part A: 10 multiple-choice questions (1 mark each) - answer all questions Part B: 6 Compulsory short narrative questions (5 marks each) - answer all questions. Part C: 3 Compulsory essay style questions. (20 marks each) answer all questions 15

SOLUTION ARCHICTECTURE SECURITY PRACTITIONER v2.0 DEVELOP NEW ARCHITECTURES THAT MITIGATE THE RISKS POSED BY NEW TECHOLOGIES AND BUSINESS PRACTICES.

18 SOLUTION ARCHICTECTURE SECURITY PRACTITIONER v2.0 DEVELOP NEW ARCHITECTURES THAT MITIGATE THE RISKS POSED BY NEW TECHOLOGIES AND BUSINESS PRACTICES. SUMMARY It is rare for todays IT systems to have no security facilities within them. Many organisations, or projects, cannot afford to have an assigned security architect. Yet many solutions or technical architects do not have a good understanding of Information Assurance (IA). This means that many systems are being designed and built that do not mitigate many of the current and emerging threats from today s interconnected IT world. The Solution Architecture Security Practitioner (SASP) course is targeted at Solution Architects wishing to know how to design secure systems and gain the knowledge of how to architect into a system a wide range of security controls. 16

19 WHO SHOULD ATTEND? Solution or Technical Architects who wish to build security into their projects. IT staff looking to enhance their technical skills and knowledge Security professionals wanting to gain an appreciation of the technical and business aspects of their profession, or move into a more senior architecture role. COURSE AGENDA DURATION: 3 DAYS MODULE 4 MODULE 3 MODULE 2 MODULE 1 Security Across the Lifecycle This module introduces the Solution Architect to the various security concerns and considerations when embarking on a new development project all the way to in-service support and decommissioning. It highlights the major areas of security work throughout a project that will be built upon in the following modules. This module looks at auditing and traceability of solutions, building systems using COTS or bespoke code (and the complications of each choice), some aspects related to the business matters needing consideration when embarking on a secure development programme, and how systems are accepted as fit for purpose and put into an operational capacity Security Across the Lifecycle The Basics of Security Architecture What is Security Architecture? This module lays down the foundation of understanding of what it means to be a security architect and what the basic principles of architecture are. It describes the relationship to Enterprise Architecture Frameworks and how some of these frameworks address security. Security Design Principles. Conceptual Architectures. Advanced Security Architecture Concepts This module builds on the Module 2, laying down the next level of detail for a variety of architectural concepts. It starts by describing security mechanisms, such as cryptographic mechanisms. It then goes on to describe a wide range of security services. Finally the module describes how the security services can be applied within a system and how design patterns are an important tool for a SA. Core Security Mechanisms. Security Services (parts 1 and 2). Security Design. Information Assurance Methodologies This final module goes into the various methodologies and techniques that can be used to assure the implementation of a system or a product. This includes the purpose of vulnerability and penetration testing. Information Assurance Frameworks. Vulnerability and Penetration Testing. LEARNING OBJECTIVES Students that have successfully completed the SASP course will be able to: Describe and apply security design principles. Identify information risks that arise from potential solution architectures. Design alternate architectures or countermeasures to mitigate identified information risks. Ensure that proposed architectures and countermeasures adequately mitigate identified information risks. Apply standard ' security techniques and architectures to mitigate security risks. Develop new architectures that mitigate the risks posed by new technologies and business practices. Securely configure ICT systems in compliance with their approved security architectures. EDUCATIONAL APPROACH This training is based on both theory and practice: - Sessions of lectures illustrated with examples based on real cases - Review exercises to assist the exam preparation - Practical exercises To benefit from the practical exercises, the number of training participants is limited ASSESSMENT, EXAMINATION AND CERTIFICATION At the end of each module the student is encouraged to undertake an assessment to assess their knowledge of the material provided in that module and to see if the objectives of the module have been met. Throughout the course quizzes are undertaken that enables a student to test their knowledge of the information covered in that topic. The Solution Architecture Security Practitioner (SASP) course leads to the Global Certification Institute (GCI) SASP Certificate and professional qualification, which is taken on Day 3 of the course. 17

SUMMARY This course prepares the student to challenge either the British Computer Society s Practitioner Certificate in Information Assurance Architecture (PCiIAA) exam or the CREST Registered

20 PRACTITIONER CERTIFICATE IN INFORMATION ASSURANCE ARCHITECTURE v2.3 A Security Architect (SA) is a senior-level enterprise architect role, either within a dedicated security team or as part of a more general Enterprise Architecture (EA) team. SUMMARY This course prepares the student to challenge either the British Computer Society s Practitioner Certificate in Information Assurance Architecture (PCiIAA) exam or the CREST Registered Technical Security Architect (CRTSA) exam for Senior or Lead Practitioners. It has been designed to cover all learning objectives required of all domains covered in both certifications. PCiIAA explains what the role of a Security Architect is, covering responsibilities, as well as the business, technical, procedural and administrative requirements of the role. The role of the SA originates from a modern approach to IT in business, known as Enterprise Architecture, as explained by a variety of frameworks in use today, such as TOGAF, MODAF, DODAF and Zachman, all of which have their own views pertaining to security architecture. 18

21 WHO SHOULD ATTEND? Students who wish to gain the BCS PCiIAA or CREST's CRTSA certificate and qualify as a Practitioner, Senior Practitioner or Lead Practitioner in Security Architecture under the CESG Certified Professional (CCP) scheme. System administrators who wish to become security architects. Technical architects looking to move into the field of security architecture. Security professionals wanting to gain an appreciation of the technical and business aspects of their profession, or move into a more senior architecture role. LEARNING OBJECTIVES Students who have successfully completed the PCiIAA course will be able to: Describe the business environment and the information risks that apply to systems. Describe and apply security design principles. Identify information risks that arise from potential solution architectures. Design alternate architectures or countermeasures to mitigate identified information risks. Ensure that proposed architectures and countermeasures adequately mitigate identified information risks. Apply standard ' security techniques and architectures to mitigate security risks. Develop new architectures that mitigate the risks posed by new technologies and business practices. Provide consultancy and advice to explain Information Assurance and architectural problems. Securely configure ICT systems in compliance with their approved security architectures. COURSE AGENDA DURATION: 5 DAYS MODULE 1 The Basics of Security Architecture What is Security Architecture? This module lays down the foundation of understanding of what it means to be a security architect and what the basic principles of architecture are. It describes the relationship to Enterprise Architecture Frameworks and how some of these frameworks address security. Security architecture is at the heart of what it is to be a security architect. What is Security Architecture? The Role of a Security Architect. Security Design Principles. Conceptual Architectures. MODULE 2 MODULE 3 MODULE 4 Advanced Security Architecture Concepts This module lays down the next level of detail for a variety of architectural concepts. It starts by describing security mechanisms, such as cryptographic mechanisms. It then goes on to describe a wide range of security services. Finally the module describes how the security services can be applied within a system and how design patterns are an important tool for a SA. Core Security Mechanisms. Security Services, Part 1, Part 2 and Part 3. Security Design. Information Assurance Methodologies This module goes into the various methodologies and techniques that can be used to assure the implementation of a system or a product. This includes the purpose of vulnerability and penetration testing. Information Assurance Frameworks. Product and Service Assurance. Cryptographic Assurance. Vulnerability and Penetration Testing. Innovation and Business Improvement This module explains how security can drive change and improve business functions when done properly. Different business scenarios and sectors can drive a wide variety of security architecture innovations and changes and it s important that the accomplished security architect has a good understanding of business practices, such as mergers, outsourcing and SaaS solutions. Business Change, Security Metrics and ROI. Risk, Security Postures and Security Culture. Security as a Business Enabler. IA Maturity Models. 19

COURSE AGENDA MODULE 5 MODULE 6 Security Across the Lifecycle This module introduces the Solution Architect to the various security concerns and considerations when embarking on a new development

22 COURSE AGENDA MODULE 5 MODULE 6 Security Across the Lifecycle This module introduces the Solution Architect to the various security concerns and considerations when embarking on a new development project all the way to in-service support and decommissioning. It highlights the major areas of security work throughout a project that will be built upon in the following modules. This module looks at auditing and traceability of solutions, building systems using COTS or bespoke code (and the complications of each choice), some aspects related to the business matters needing consideration when embarking on a secure development programme, and how systems are accepted as fit for purpose and put into an operational capacity Security Across the Lifecycle Preparation for the PCiIAA and CRTSA Exams and Mock Exam This final module will prepare the student for the PCiIAA or the CRTSA examinations. Format, structure and scoring of the PCiIAA examination Format, structure and scoring of the CRTSA examination Mock Examination, using the BCS sample paper EDUCATIONAL APPROACH This training is based on both theory and practice: - Sessions of lectures illustrated with examples based on real cases - Review exercises to assist the exam preparation - Practical exercises To benefit from the practical exercises, the number of training participants is limited ASSESSMENT, EXAMINATION AND CERTIFICATION At the end of each module the student is encouraged to undertake an assessment to assess their knowledge of the material provided in that module and to see if the objectives of the module have been met. Throughout the course quizzes are undertaken that enables a student to test their knowledge of the information covered in that topic. The Practitioner Certificate in Information Assurance Architecture (PCiIAA) course leads to either the BCS PCiIAA practitioner level certificate or the CREST Registered Technical Security Architect (CRTSA) senior practitioner level qualification. 20

23 NOTES 21

PECB CERTIFIED ISO/IEC 27001 LEAD IMPLEMENTER MASTERING THE IMPLEMENTATION AND MANAGEMENT OF AN INFORMATION SECURITY MANAGEMENT SYSTEM (ISMS) BASED ON ISO/IEC 27001 SUMMARY This five-day intensive

24 PECB CERTIFIED ISO/IEC LEAD IMPLEMENTER MASTERING THE IMPLEMENTATION AND MANAGEMENT OF AN INFORMATION SECURITY MANAGEMENT SYSTEM (ISMS) BASED ON ISO/IEC SUMMARY This five-day intensive course enables the participants to develop the expertise necessary to support an organization in implementing and managing an Information Security Management System (ISMS) based on ISO/IEC The participants will also be given a thorough grounding in best practices used to implement Information Security controls from all areas of ISO/IEC This training is consistent with the project management practices established in ISO (Quality Management Systems - Guidelines for Quality Management in Projects). This training is also fully compatible with ISO (Guidelines for the Implementation of an ISMS), ISO (Measurement of Information Security) and ISO/IEC (Risk Management in Information Security). 22

25 WHO SHOULD ATTEND? Compliance project managers Information Security consultants Internal and external ISO/IEC auditors Members of an Information Security team COURSE AGENDA DURATION: 5 DAYS DAY 5 DAY 4 DAY 3 DAY 2 DAY 1 Introduction to Information Security Management System (ISMS) concepts as required by ISO/IEC 27001; initiating an ISMS Introduction to the management systems and the process approach Presentation of the ISO family standards and regulatory framework Fundamental principles of Information Security Preliminary analysis and determining the level of maturity based on ISO Writing a business case and a project plan for the implementation of an ISMS Planning the implementation of an ISMS based on ISO/IEC Defining the scope of an ISMS Drafting an ISMS and Information Security policies Selection of the approach and methodology for risk assessment Risk management: identification, analysis and treatment of risk (based on ISO 27005) Drafting the statement of applicability Implementing an ISMS based on ISO/IEC Implementation of a document management framework Design of and implementation of controls Information Security training, awareness and communication program Incident management (drawing on guidance from ISO 27035) Operations management of an ISMS Control, monitor and measure an ISMS and the certification audit of the ISMS in accordance with ISO/IEC Monitoring the ISMS controls Development of metrics, performance indicators and dashboards in accordance with ISO ISO/IEC internal audit Management review of an ISMS Implementation of a continual improvement program Preparing for an ISO/IEC certification audit Certification Exam 23

LEARNING OBJECTIVES To understand the implementation of an ISMS To gain a comprehensive understanding of the concepts, approaches, standards, methods and techniques related to an ISMS To acquire the

26 LEARNING OBJECTIVES To understand the implementation of an ISMS To gain a comprehensive understanding of the concepts, approaches, standards, methods and techniques related to an ISMS To acquire the necessary expertise to support an organization in implementing, managing and maintaining an ISMS To acquire the necessary expertise to manage a team implementing ISO/IEC EXAMINATION The PECB Certified ISO/IEC Lead Implementer exam fully meets the requirements of the PECB Examination and Certification Program (ECP). The exam covers the following competence domains: 1 Domain 1: Fundamental principles and concepts in information security Main Objective: To ensure that the ISO/IEC Lead Implementer candidate can understand, interpret and illustrate the main Information Security concepts related to an Information Security Management System (ISMS) 2 Domain 2: Information Security Control Best Practice based on ISO/IEC Main Objective: To ensure that the ISO/IEC Lead Implementer candidate can understand, interpret and provide guidance on how to implement and manage Information Security controls best practices based on ISO/IEC Domain 3: Planning an ISMS based on ISO/IEC Main Objective: To ensure that the ISO Lead Implementer candidate can plan the implementation of an ISMS in preparation for an ISO certification 4 Domain 4: Implementing an ISMS based on ISO/IEC Main Objective: To ensure that the ISO/IEC Lead Implementer candidate can implement the processes and security controls of an ISMS required for an ISO/IEC certification 5 Domain 5: Performance evaluation, monitoring and measurement of an ISMS based on ISO/IEC Main Objective: To ensure that the ISO/IEC Lead Implementer candidate can evaluate, monitor and measure the performance of an ISMS in the context of an ISO/IEC certification 6 Domain 6: Continuous improvement of an ISMS based on ISO/IEC Main Objective: To ensure that the ISO/IEC Lead Implementer candidate can provide guidance on the continuous improvement of an ISMS in the context of ISO/IEC Domain 7: Preparation for an ISMS certification audit Main Objective: To ensure that the ISO/IEC Lead Implementer candidate can prepare and assist an organization for the certification of an ISMS against the ISO/IEC standard 24 The PECB Certified ISO/IEC Lead Implementer exam is available in different languages, such as English, French, Spanish and Portuguese Duration: 3 hours For more information about the exam, please visit:

CERTIFICATION After successfully completing the exam, participants can apply for the credentials of PECB Certified ISO/IEC 27001 Provisional Implementer, PECB Certified ISO/IEC 27001 Implementer or

27 CERTIFICATION After successfully completing the exam, participants can apply for the credentials of PECB Certified ISO/IEC Provisional Implementer, PECB Certified ISO/IEC Implementer or PECB Certified ISO/IEC Lead Implementer, depending on their level of experience A certificate will be issued to participants who successfully pass the exam and comply with all the other requirements related to the selected credential: Credential Exam Professional Experience ISMS Audit Experience ISMS Project Experience Other Requirements PECB ISO/IEC Provisional Implementer PECB ISO/IEC Lead Implementer Exam None None None Signing the PECB code of ethics PECB ISO/IEC Implementer PECB ISO/IEC Lead Implementer Exam Two years One year of Information Security work experience None Project activities totalling 200 hours Signing the PECB code of ethics PECB ISO/IEC Lead Implementer PECB ISO/IEC Lead Implementer Exam Five years One year of Information Security work experience None Project activities totalling 300 hours Signing the PECB code of ethics GENERAL INFORMATION Certification fees are included in the exam price Participant manual contains over 450 pages of information and practical examples A participation certificate of 31 CPD (Continuing Professional Development) credits will be issued to the participants In case of failure of the exam, participants are allowed to retake it for free under certain conditions For additional information, please contact us at info@infosecskills.com 25

PECB CERTIFIED ISO/IEC 27001 LEAD AUDITOR MASTERING THE AUDIT OF AN INFORMATION SECURITY MANAGEMENT SYSTEM (ISMS) BASED ON ISO/IEC 27001, IN COMPLIANCE WITH THE REQUIREMENTS OF ISO 19011 AND ISO

28 PECB CERTIFIED ISO/IEC LEAD AUDITOR MASTERING THE AUDIT OF AN INFORMATION SECURITY MANAGEMENT SYSTEM (ISMS) BASED ON ISO/IEC 27001, IN COMPLIANCE WITH THE REQUIREMENTS OF ISO AND ISO SUMMARY This five-day intensive course enables the participants to develop the expertise needed to audit an Information Security Management System (ISMS), and manage a team of auditors by applying widely recognized audit principles, procedures and techniques. During this training, the participants will acquire the knowledge and skills needed to proficiently plan and perform internal and external audits in compliance with certification process of the ISO/IEC standard. Based on practical exercises, the participants will develop the skills (mastering audit techniques) and competencies (managing audit teams and audit program, communicating with customers, conflict resolution, etc.) necessary to conduct an audit efficiently. 26

29 WHO SHOULD ATTEND? Internal auditors Auditors wanting to perform and lead an ISMS certification audits Members of an Information Security team Technical experts wanting to prepare for an Information Security audit function COURSE AGENDA DURATION: 5 DAYS DAY 5 DAY 4 DAY 3 DAY 2 DAY 1 Introduction to Information Security Management System (ISMS) concepts as required by ISO/IEC Normative, regulatory and legal framework related to Information Security Fundamental principles of Information Security The ISO/IEC certification process Detailed presentation of the clauses of ISO/IEC Planning and initiating an ISO/IEC audit Fundamental audit concepts and principles Audit the approach based on evidence and on risk Preparation of an ISO/IEC certification audit Documenting of an ISMS audit Conducting an ISO/IEC audit Communication during the audit Audit procedures: observation, document review, interview, sampling techniques, technical verification, corroboration and evaluation Drafting test plans Formulation of audit findings, drafting of nonconformity reports Concluding and ensuring the follow-up of an ISO/IEC audit Audit documentation Conducting a closing meeting and conclusion of an ISO/IEC audit Evaluation of corrective action plans ISO/IEC surveillance audit and audit management program Certification Exam 27

LEARNING OBJECTIVES To acquire expertise of performing an ISO/IEC 27001 internal audit, following the ISO 19011 guidelines To acquire expertise of performing an ISO 27001 certification audit,

30 LEARNING OBJECTIVES To acquire expertise of performing an ISO/IEC internal audit, following the ISO guidelines To acquire expertise of performing an ISO certification audit, following the ISO guidelines and the specifications of ISO and ISO To acquire necessary expertise for managing an ISMS audit team To understand the operation of an ISO/IEC EXAMINATION The PECB Certified ISO/IEC Lead Auditor exam fully meets the requirements of the PECB Examination and Certification Program (ECP). The exam covers the following competence domains: 1 Domain 1: Fundamental principles and concepts in Information Security Main Objective: To ensure that the ISO/IEC Lead Auditor candidate can understand, interpret and illustrate the main Information Security concepts related to an Information Security Management System (ISMS) 2 Domain 2: Information Security Management System (ISMS) Main Objective: To ensure that the ISO/IEC Lead Auditor candidate can understand, interpret and illustrate the main concepts and components of an Information Security Management System based on ISO/IEC Domain 3: Fundamental Audit Concepts and Principles Main Objective: To ensure that the ISO/IEC Lead Auditor candidate can understand, interpret and apply the main concepts and principles related to an ISMS audit in the context of ISO/IEC Domain 4: Preparation of an ISO/IEC audit Main Objective: To ensure that the ISO/IEC Lead Auditor candidate can prepare appropriately an ISMS audit in the context of ISO/IEC Domain 5: Conduct of an ISO/IEC audit Main Objective: To ensure that the ISO Lead Auditor candidate can conduct efficiently an ISMS audit in the context of ISO/IEC Domain 6: Conclusion and follow-up of an ISO/IEC audit Main Objective: To ensure that the ISO/IEC Lead Auditor candidate can conclude an ISMS audit, and conduct the followup activities in the context of ISO/IEC Domain 7: Management of an ISO/IEC audit program Main Objective: To ensure that the ISO/IEC Lead Auditor understands how to establish and manage an ISMS audit program 28 The PECB Certified ISO/IEC Lead Auditor exam is available in different languages, such as English, French, Spanish and Portuguese Duration: 3 hours For more information about the exam, please visit:

31 CERTIFICATION After successfully completing the exam, participants can apply for the credentials of PECB Certified ISO/IEC Provisional Auditor, PECB Certified ISO/IEC Auditor or PECB Certified ISO/IEC Lead Auditor depending on their level of experience. Those credentials are available for internal and external auditors A certificate will be issued to participants who successfully pass the exam and comply with all the other requirements related to the selected credential: Credential Exam Professional Experience ISMS Audit Experience ISMS Project Experience Other Requirements PECB ISO/IEC Provisional Auditor PECB ISO/IEC Lead Auditor Exam None None None Signing the PECB code of ethics PECB ISO/IEC Auditor PECB ISO/IEC Lead Auditor Exam Two years One year of Information Security work experience Audit activities totalling 200 hours None Signing the PECB code of ethics PECB ISO/IEC Lead Auditor PECB ISO/IEC Lead Auditor Exam Five years Two years of Information Security work experience Audit activities totalling 300 hours None Signing the PECB code of ethics GENERAL INFORMATION Certification fees are included in the exam price Participant manual contains over 450 pages of information and practical examples A participation certificate of 31 CPD (Continuing Professional Development) credits will be issued to the participants In case of failure of the exam, participants are allowed to retake it for free under certain conditions For additional information, please contact us at info@infosecskills.com 29

PECB CERTIFIED ISO/IEC 27035 LEAD INCIDENT MANAGER MASTERING THE INCIDENT MANAGEMENT PROCESS BASED ON ISO/IEC 27035 SUMMARY In this five-day intensive course participants develop the competence to

32 PECB CERTIFIED ISO/IEC LEAD INCIDENT MANAGER MASTERING THE INCIDENT MANAGEMENT PROCESS BASED ON ISO/IEC SUMMARY In this five-day intensive course participants develop the competence to master a model for implementing an incident management process throughout their organization using the ISO/IEC standard as a reference framework. Based on practical exercises, participants acquire the necessary knowledge and skills to manage information security incidents in time by being familiar with their life cycle. During this training, we will present the ISO/IEC information security incident management standard, a process model for designing and developing an organizational incident management process, and how companies may use the standard. This training is also fully compatible with ISO/IEC which supports ISO/IEC by providing guidance for incident management. 30

33 WHO SHOULD ATTEND? Incident managers Business Process Owners Information Security Risk Managers Regulatory Compliance Managers Members of Incident Response Team Persons responsible for information security or conformity within an organization COURSE AGENDA DURATION: 5 DAYS DAY 5 DAY 4 DAY 3 DAY 2 DAY 1 Introduction, incident management framework according to ISO/IEC Concepts and definitions related to information security and incident management Incident management standards, and best practices Choosing an incident management framework Understanding an organization and its context Planning the implementation of an Organizational Incident Management Process based on ISO/IEC Incident management strategy and project management Planning the implementation of an effective incident management process Preliminary analysis and selection of an approach and methodology Design and document an incident detection, reporting and management process Defining roles and responsibilities in the context of the implementation and management of an Incident Management Process Implementing an Incident Management Process Define the document and record management processes Incident Management policies & procedures Implementation of security processes and controls related to incident management Change management process Incident analysis processes Effective communication and the communication strategies Establish the Information Security Incident Response Team Monitoring, measuring and improving an Incident Management Process Monitoring and evaluating the effectiveness of incident management process in operations Development of metrics, performance indicators and dashboards Management reviews Implementation of a continual improvement program Develop and propose the best corrective and preventive action plans Certification Exam 31

34 LEARNING OBJECTIVES To understand the concepts, approaches, methods, tools and techniques allowing an effective information security incident management according to ISO/IEC To understand, interpret and provide guidance on how to implement and manage incident management processes based on best practices of ISO/IEC and other relevant standards To acquire the competence to implement, maintain and manage an ongoing information security incident management program according to ISO/IEC To acquire the competence to effectively advise organizations on the best practices in information security management EXAMINATION The PECB Certified ISO/IEC Lead Incident Manager exam fully meets the requirements of the PECB Examination and Certification Program (ECP). The exam covers the following competence domains: 1 Domain 1: Fundamental Principles and Concepts in Incident Management Main Objective: To ensure that the Certified ISO/IEC Lead Incident Manager candidate can understand, interpret and illustrate the main Incident Management concepts related to published standards including ISO/IEC Domain 2: Incident Management Best Practice based on ISO/IEC Main Objective: To ensure that the Certified ISO/IEC Lead Incident Manager candidate can understand, interpret and provide guidance on how to implement and manage Incident Management requirements based on best practices of ISO/IEC and other relevant standards 3 Domain 3: Designing and Developing an Organisational Incident Management Process based on ISO/IEC Main Objective:To ensure that the Certified ISO/IEC Lead Incident Manager candidate can plan the implementation of an effective Incident Management Process 4 Domain 4: Preparing for Incident Management and Implementing an Incident Management Process Main Objective: To ensure that the Certified ISO/IEC Lead Incident Manager candidate can implement the Incident Management process and associated security controls required for an effective Incident Management process 5 Domain 5: Enacting the Incident Management Process and Handling Security Incidents Main Objective: To ensure that Certified ISO/IEC Lead Incident Manager candidate can lead the response to an Incident in an effective, legal and professional manner 6 Domain 6: Performance Monitoring and Measuring Main Objective: To ensure that the Certified ISO/IEC Lead Incident Manager candidate can evaluate, monitor and measure the performance of an Incident Management Process 7 Domain 7: Improving the Incident Management Process Main Objective: To ensure that the Certified ISO/IEC Lead Incident Manager candidate can provide guidance on the Continual improvement of an Incident Management Process The PECB Certified ISO/IEC Lead Incident Manager exam is available in different languages, such as English, French, Spanish and Portuguese Duration: 3 hours For more information about the exam, please visit: 32

CERTIFICATION After successfully completing the PECB Certified ISO/IEC 27035 Lead Incident Manager exam, participants can apply for the credentials of PECB Certified ISO/IEC 27035 Provisional

35 CERTIFICATION After successfully completing the PECB Certified ISO/IEC Lead Incident Manager exam, participants can apply for the credentials of PECB Certified ISO/IEC Provisional Incident Manager, PECB Certified ISO/IEC Incident Manager or PECB Certified ISO/IEC Lead Incident Manager, depending on their level of experience. A certificate will be issued to participants who successfully pass the exam and comply with all the other requirements related to the selected credential: Credential Exam Professional Experience Incident Management Experience Other Requirements PECB Certified ISO/IEC Provisional Incident Manager PECB Certified ISO/IEC Lead Incident Manager Exam None None Signing the PECB code of ethics PECB Certified ISO/IEC Incident Manager PECB Certified ISO/IEC Lead Incident Manager Exam Two years One year of Incident Management related work experience Incident Management activities totaling 200 hours Signing the PECB code of ethics PECB Certified ISO/IEC Lead Incident Manager PECB Certified ISO/IEC Lead Incident Manager Exam Five years Two year of Incident Management related work experience Incident Management activities totaling 300 hours Signing the PECB code of ethics GENERAL INFORMATION Exam and certification fees are included in the training price A student manual containing over 450 pages of information and practical examples will be distributed to participants A participation certificate of 31 CPD (Continuing Professional Development) credits will be issued to participants In case of failure of the exam, participants are allowed to retake the exam for free under certain conditions ISO standard provides guidance for incident management to which organizations cannot get certified against For additional information, please contact us at: info@infosecskills.com 33

candidate s knowledge in assessing operating systems and common network services at a basic level below that of the main CRT and CCT qualifications.

36 CREST PRACTITIONER SECURITY ANALYST v1.0 CREST Practitioner Security Analyst (CPSA) The InfoSec Skills CPSA course leads to the CREST Practitioner Security Analyst (CPSA) examination, which is an entry level qualification that tests a candidate s knowledge in assessing operating systems and common network services at a basic level below that of the main CRT and CCT qualifications. The CPSA examination also includes an intermediate level of web application security testing and methods to identify common web application security vulnerabilities. The examination covers a common set of core skills and knowledge that assess the candidate s technical knowledge. The candidate must demonstrate that they are able to perform basic infrastructure and web application testing and interpret the results to locate security vulnerabilities. Success will confer the CREST Practitioner status to the individual. This qualification is a pre-requisite for the CREST Registered Penetration Tester (CRT) examination and comprises a multiple-choice examination. 34

37 WHO SHOULD ATTEND? Aspiring information security personnel who wish to be part of a PenTest team System administrators who are responding to attacks Incident handlers who wish to expand their knowledge into Penetration Testing and Digital Forensics Government departments who wish to raise and baseline skills across all security teams Law enforcement officers or detectives who want to expand their investigative skills Information security managers who would like to brush up on the latest techniques and processes in order to understand information security implications New hires / apprentices starting their security careers Anyone needing CPSA as a pre-requisite for the CREST Registered Tester (CRT) examination. COURSE AGENDA DURATION: 5 DAYS (40 hours) MODULE 4 MODULE 3 MODULE 2 MODULE 1 Soft Skills and Assessment Management Engagement Lifecycle Law & Compliance Scoping Understanding Explaining and Managing Risk Record Keeping, Interim Reporting & Final Results Core Technical Skills IP Protocols Network Architectures Network Routing Network Mapping & Target Identification Interpreting Tool Output Filtering Avoidance Techniques Packet Crafting OS Fingerprinting Application Fingerprinting and Evaluating Unknown Services Network Access Control Analysis Cryptography Applications of Cryptography File System Permissions Audit Techniques Information Gathering & Open Source Registration Records Domain Name Server (DNS) Customer Web Site Analysis Google Hacking and Web Enumeration NNTP Newsgroups and Mailing Lists Information Leakage from Mail & News Headers Networking Equipment Management Protocols Network Traffic Analysis Networking Protocols IPSec VoIP Wireless Configuration Analysis MODULE 5 MODULE 6 MODULE 7 Microsoft Windows Security Assessment Domain Reconnaissance User Enumeration Active Directory Windows Passwords Windows Vulnerabilities Windows Patch Management Strategies Desktop Lockdown Exchange Common Windows Applications Unix Security Assessment User Enumeration Unix Vulnerabilities FTP Sendmail / SMTP Network File System (NFS) R* services X11 RPC services SSH Web Technologies Web Server Operation Web Servers & their Flaws Web Enterprise Architectures Web Protocols Web Mark-up Languages Web Programming Languages Web Application Servers Web APIs Web Sub- Components 35

38 COURSE AGENDA MODULE 8 Web Testing Methodologies Web Application Reconnaissance Threat Modelling and Attack Vectors Information Gathering from Web Mark-up Authentication Mechanisms Authorisation Mechanisms Input Validation Application Fuzzing Information Disclosure in Error Messages Use of Cross Site Scripting Attacks Use of Injection Attacks Session Handling Encryption Source Code Review MODULE 9 MODULE 10 MODULE 11 Web Testing Techniques Session ID Attacks Fuzzing Data Confidentiality and Integrity CRLF Attacks Application Logic Flaws Databases Microsoft SQL Server Oracle RDBMS Web / App / Database Connectivity Preparation for the CPSA Examination Examination guidance Mock exam CREST Penetration Testing - Career Pathway 36

39 NOTES 37

40 CREST REGISTERED TESTER v1.0 CREST Registered Tester (CRT) The InfoSec Skills CRT course leads to the the CREST Registered Tester (CRT) examination, which is recognised by the NCSC as providing the minimum standard for CHECK Team Member status and is designed to assess a candidate s ability to carry out basic vulnerability assessment and penetration testing tasks. The CREST Registered Tester exam is a practical assessment, where the candidate will be expected to find known vulnerabilities across common network, application and database technologies aimed at assessing the candidate s technical knowledge of penetration testing methodology and skills against reference networks, hosts and applications. A pass at CPSA level is a pre-requisite for the Registered Tester examination and success at both CPSA and CRT will confer the CREST Registered status to the individual. An individual passing the CPSA but failing the practical element, which is this CRT exam, will still retain the CPSA Practitioner certificate and may apply to re-take the CRT practical exam at a later date, when they feel that they are ready to do so. Individuals who pass the CRT exam can request that their information be provided to the NCSC to be considered for CHECK Team Member Status. 38

41 WHO SHOULD ATTEND? Aspiring information security personnel who wish to be part of a PenTest team System administrators who are responding to attacks Incident handlers who wish to expand their knowledge into Penetration Testing and Digital Forensics Government departments who wish to raise and baseline skills across all security teams Law enforcement officers or detectives who want to expand their investigative skills Information security managers who would like to brush up on the latest techniques and processes in order to understand information security implications Anyone meeting the pre-requisites who is considering a career in Penetration Testing COURSE AGENDA DURATION: 5 DAYS (40 hours) MODULE 5 MODULE 4 MODULE 3 MODULE 2 MODULE 1 Core Technical Skills Network Mapping & Target Identification Interpreting Tool Output OS Fingerprinting Application Fingerprinting and Evaluating Unknown Services File System Permissions Background Information Gathering & Open Source Networking Equipment Management Protocols Unix Security Assessment Domain Name Server (DNS) Microsoft Windows Security Assessment Domain Reconnaissance User Enumeration Active Directory Windows Passwords Windows Vulnerabilities Common Windows Applications User Enumeration Unix Vulnerabilities FTP Sendmail / SMTP Network File System (NFS) R* services X11 RPC services SSH MODULE 6 MODULE 9 MODULE 8 MODULE 7 Web Technologies Web Servers & their Flaws Web Protocols Web Testing Techniques Web Site Structure Discovery Cross Site Scripting Attacks SQL Injection Parameter Manipulation Directory Traversal File Uploads Code Injection Databases Microsoft SQL Server Oracle RDBMS Web / App / Database Connectivity Preparation for the CRT Examination CRT - Examination Guidance CRT - Practice Exam CREST Penetration Testing - Career Pathway 39

42 CREST PRACTITIONER INTRUSION ANALYST v1.0 THE STORY OF AN ATTACK FROM START TO FINISH 40 The InfoSec Skills CPIA course leads to the CREST Practitioner Intrusion Analyst (CPIA) examination, which prepares the student for a career in Incident Response. This is the first cross discipline course of its kind that covers the essential knowledge and skills needed for intrusion detection, incident handling, computer/ network forensics and malware reverse engineering. This course raises the bar and sets a new security baseline for aspiring Intrusion Analysis and Digital Forensics professionals. Every team member should take this course before embarking upon their very own, more specialised, career path. Following this course a student may challenge the CREST core skills exam resulting in the CREST Practitioner Intrusion Analyst (CPIA) professional qualification, which is a pre-requisite for the CREST Registered Intrusion Analyst (CRIA) professional qualification. You will learn how to detect an attack, how to handle it, how to trace and acquire the evidence, investigate, analyse and re-construct the incident. The course then lays the groundwork for malware analysis by presenting the key tools and techniques malware analysts use to examine malicious programs. Quizzes and tests throughout, with feedback, re-enforce the knowledge and prepare you for the CPIA multiple choice exam.

43 WHO SHOULD ATTEND? Aspiring information security personnel who wish to be part of an incident response team System administrators who are responding to attacks Incident handlers who wish to expand their knowledge into Digital Forensics Government departments who wish to raise and baseline skills across all security teams Law enforcement officers or detectives who want to expand their investigative skills Information security managers who would like to brush up on the latest techniques and processes in order to understand information security implications Anyone meeting the pre-requisites who is considering a career in Intrusion Analysis or Digital Forensics COURSE AGENDA DURATION: 5 DAYS (40 hours) MODULE 1 MODULE 2 MODULE 3 Soft Skills and Incident Handling Engagement Lifecycle Management Incident Chronology Law & Compliance Record Keeping, Interim Reporting & Final Results Threat Assessment Core Technical Skills IP Protocols Network Architectures Common Classes of Tools OS Fingerprinting Application Fingerprinting Network Access Control Analysis Cryptography Applications of Cryptography File System Permissions Host Analysis Techniques Understanding Common Data Formats Background Information Gathering & Open Source Registration Records Domain Name Server (DNS) Open Source Investigation and Web Enumeration Extraction of Document Meta Data Community Knowledge MODULE 4 MODULE 5 Network Intrusion Analysis Network Traffic Capture Data Sources and Network Log Sources Network Configuration Security Issues Unusual Protocol Behaviour Beaconing Encryption Command and Control Channels Exfiltration of Data Incoming Attacks Reconnaissance Internal Spread and Privilege Escalation Web Based Attacks False Positive Acknowledgement Analysing Host Intrusions Host-Based Data Acquisition Live Analysis Laboratory Set-up Windows File System Essentials Windows File Structures Application File Structures Windows Registry Essentials Identifying Suspect Files Storage Media Memory Analysis Infection Vectors Malware Behaviours and Anti-Forensics Rootkit Identification Live Malware Analysis 41

MODULE 6 MODULE 7 COURSE AGENDA Reverse Engineering Malware Windows Anti-Reverse Engineering Functionality Identification Windows NT Architecture Windows API Development Binary code structure

44 MODULE 6 MODULE 7 COURSE AGENDA Reverse Engineering Malware Windows Anti-Reverse Engineering Functionality Identification Windows NT Architecture Windows API Development Binary code structure Cryptographic Techniques Processor Architectures Windows Executable File Formats Hiding Techniques Malware Reporting Binary Obfuscation Behavioural Analysis CPIA Exam Preparation & Mock Exam CPIA- Examination Guidance CPIA- Mock Examination CREST Assessor statement: CREST EXAM CREST Practitioner Intrusion Analyst (CPIA) The CREST Practitioner Intrusion Analyst (CPIA) examination is an entry level qualification that tests a candidate s knowledge in all three subject areas of network intrusion, host intrusion and malware reverse engineering at a basic level below that of the main Registered and Certified qualifications. Success will confer the CREST Practitioner status to the individual. This qualification is a prerequisite for the CREST Registered Intrusion Analyst (CRIA) examination and comprises a multiple choice written only examination. CREST Accredited Training CREST has assessed and accredited this training course confirming alignment with 100% of the CREST CPIA exam syllabus. "The course quality is good and is structured in a manner which closely follows the CREST syllabus. It covers each section in detail and discusses every topic in reasonable depth. The online supporting material is also good, with quizzes and feedback provided on all answers (right or wrong). Previous CPIA candidates believe that the multiple choice tests too are relevant and appropriate. In conclusion, candidates who complete this course will gain a good grounding in all of the CREST CPIA syllabus requirements." CREST Incident Response - Career Pathway The certification process is designed to increase levels of professionalism in Information Assurance and uses the established IISP Skills Framework to define the competencies, knowledge and skills required for specialist IA roles. Developed through public and private sector collaboration by world-renowned academics and security experts, the Framework has been adopted by GCHQ as the basis for its CESG Certified Professional specification. 42

45 NOTES 43

46 CREST REGISTERED INTRUSION ANALYST v1.0 THE STORY OF AN ATTACK FROM START TO FINISH 44 The InfoSec Skills CRIA course leads to the CREST Registered Intrusion Analyst (CRIA) examination, which supports career advancement in Incident Response. This is the first cross discipline course of its' kind that covers the essential knowledge and hands-on practical skills needed for intrusion detection, incident handling, computer/network forensics and malware reverse engineering. This course raises the bar and sets a new security baseline for existing practitioners and aspiring Intrusion Analysis and Digital Forensics professionals. Every team member should take this course at some point along their career path. Following this course a student may challenge the CREST core skills exam resulting in the CREST Registered Intrusion Analyst (CRIA) professional qualification. You will learn how to detect an attack, how to handle it, how to trace and acquire the evidence, investigate, analyse and re-construct the incident. We then lay the groundwork for malware analysis by presenting the key tools and techniques malware analysts use to examine malicious programs. Practical exercises throughout ensure that the skills learned can be put to work immediately and that you are prepared for the practical CRIA exam. You must already hold the CREST Practitioner Intrusion Analyst (CPIA) qualification, which is a prerequisite for the CRIA qualification.

47 WHO SHOULD ATTEND? Aspiring information security personnel who wish to be part of an incident response team Existing practitioners wishing to become CREST Registered System administrators who are responding to attacks Incident handlers who wish to expand their knowledge into Digital Forensics Government departments who wish to raise and baseline skills across all security teams Law enforcement officers or detectives who want to expand their investigative skills Information security managers who would like to brush up on the latest techniques and processes in order to understand information security implications Anyone meeting the pre-requisites who is considering a career in Intrusion Analysis or Digital Forensics COURSE AGENDA DURATION: 5 DAYS (40 hours) MODULE 1 MODULE 2 MODULE 3 Soft Skills and Incident Handling Incident Chronology Record Keeping, Interim Reporting & Final Results Core Technical Skills IP Protocols Common Classes of Tools OS Fingerprinting Application Fingerprinting Network Access Control Analysis File System Permissions Host Analysis Techniques Background Information Gathering & Open Source Domain Name Server (DNS) MODULE 7 MODULE 6 MODULE 5 Analysing Host Intrusions Windows File Structures Application File Structures Windows Registry Essentials Identifying Suspect Files Infection vectors Live Malware Analysis Reverse Engineering Malware Functionality Identification Processor Architectures Windows Executable File Formats Behavioural Analysis CRIA Exam Preparation & Mock Exam CRIA - Examination Guidance CRIA - Practice Exam MODULE 4 Network Intrusion Analysis Network Traffic Capture Data Sources and Network Log Sources Network Configuration Security Issues Beaconing Command and Control Channels Exfiltration of Data Incoming Attacks Reconnaissance Internal Spread and Privilege Escalation False Positive Acknowledgement CREST Assessor statement: "The course quality is good and is structured in a manner which closely follows the CREST syllabus. It covers each section in detail and discusses every topic in reasonable depth. The online supporting material is also good, with quizzes and feedback provided on all answers (right or wrong). Previous CRIA candidates believe that the practical exercises too are relevant and appropriate. In conclusion, candidates who complete this course will gain a good grounding in all of the CREST CRIA syllabus requirements." 45

CREST EXAM CREST Registered Intrusion Analyst (CRIA) The technical syllabus for Intrusion Analysis identifies at a high level the technical skills and knowledge that CREST expects candidates to

48 CREST EXAM CREST Registered Intrusion Analyst (CRIA) The technical syllabus for Intrusion Analysis identifies at a high level the technical skills and knowledge that CREST expects candidates to possess for the Certification examinations in this area. The CREST Registered Intrusion Analyst (CRIA) examination is a practical assessment where the candidate will be expected to perform basic network intrusion analysis, host intrusion analysis, and malware reverse engineering. A pass at CPIA level is a pre-requisite for the Registered Intrusion Analyst examination and success at both CPIA and CRIA will confer the CREST Registered status to the individual. An individual passing the CPIA but failing the practical element, which is the CRIA exam, will still retain the CPIA Practitioner certificate and may apply to re-take the CRIA practical exam at a later date, when they feel that they are ready to do so. CREST Accredited Training CREST has assessed and accredited this training course confirming alignment with 100% of the CREST CRIA exam syllabus. CREST Incident Response - Career Pathway The certification process is designed to increase levels of professionalism in Information Assurance and uses the established IISP Skills Framework to define the competencies, knowledge and skills required for specialist IA roles. Developed through public and private sector collaboration by world-renowned academics and security experts, the Framework has been adopted by GCHQ as the basis for its CESG Certified Professional specification. 46

49 NOTES 47

CYBER TECHNOLOGY MSc POST GRADUATE QUALIFICATION InfoSec Skills partners with De Montfort University (DMU) to provide a Postgraduate-level information security qualification, namely the Cyber

50 CYBER TECHNOLOGY MSc POST GRADUATE QUALIFICATION InfoSec Skills partners with De Montfort University (DMU) to provide a Postgraduate-level information security qualification, namely the Cyber Technology MSc. This qualification is based on InfoSec Skills technical hands-on training courses, combined with academic modules delivered by the University. Design your own Cyber MSc, no fixed syllabus, you choose your own modules based upon your target job role Provides the latest tools, techniques and knowledge in one of the most exciting areas of modern computing Purpose-built, state-of-the-art computer security and forensics laboratories Expert staff with extensive experience in the field of digital forensics and information security Excellent career prospects in a rapidly expanding industry Self-paced, part-time, mostly-online, attend anytime from anywhere Full-time study option available To be awarded this certification, delegates are required to take four InfoSec Skills technical hands-on training courses and exams (CISMP, PCiIRM, PCiBCM and PCiIAA), successfully complete the four associated Academic Top-ups (written assignments set by the University) = 60 credits, choose and complete four modules from the list of University modules = 60 credits and finally complete the MSc Project/Dissertation set by the University = 60 credits, for a total of 180 credits. Successful completion of the MSc therefore provides students with four industry-recognised professional certificates as well as the Cyber Technology MSc qualification. 48

ACADEMIC TOP-UPs On successful completion of an InfoSec Skills hands-on training course, you are then eligible to apply to DMU for the Academic Top-up by distance learning.

51 ACADEMIC TOP-UPs On successful completion of an InfoSec Skills hands-on training course, you are then eligible to apply to DMU for the Academic Top-up by distance learning. This is one of the best ways to work towards your MSc while still maintaining full-time employment. Academic Top-ups, with 15 credits each, are available for the following accredited courses from InfoSec Skills: CISMP PCiIRM PCiBCM PCiIAA INFORMATION AND ADMISSIONS InfoSec Skills E: T: +44 (0) DMU Admissions Team E: T: +44 (0) COURSE MODULES Compulsory Research Methods MSc Project/Dissertation Choose 8 from the following: Cyber Security Foundations of Cyber Security Cyber Threat Intelligence Host and Network Security Penetration Testing and Incident Response Cyber Engineering Digital Forensics Principles and Practice Practitioner Certificate in Information Assurance Architecture* Malware Analysis Legal, Ethical and Professional Practice and Research Methods Advanced Research Topics in Cyber Technology Alternative Operating Systems Forensics Current Issues for Practitioners Management Agile Project Management Certificate in Information Security Management Principles* Practitioner Certificate in Information Risk Management* Practitioner Certificate in Business Continuity Management* Project Management Managing Uncertainty, Complexity and Conflicts Software Engineering Pervasive Systems Software Project Assurance and Testing Advanced Requirements Engineering and Software Architecture Software Evolution Software Engineering for Dependable Systems Formal Methods Engineering Functional Programming Advanced Web Technologies and Applications Digital Forensics Network Security and Ethical Hacking 1 Network Security and Ethical Hacking 2 Wireless Security Forensic Tools and Processes - Forensic Investigations Applied Forensics - Malware Investigation Advanced Forensics and Incident Response Security Strategy and Standards * InfoSec Skills courses result in professional qualifications from the British Computer Society, the Chartered Institute for IT. Notes: All modules are accessed remotely online (elearning), except the Digital Forensics modules from 7Safe, which are delivered in the classroom. Module assessments are either online and remotely invigilated or paper-based and locally invigilated. Talk to us about your scenario and we will make the necessary arrangements for you. 49

The MoD's Enhanced Learning Credits Scheme (ELC) is an initiative to promote lifelong learning amongst members of the Armed Forces.

52 Promotions, Bundles and 0% Financing We offer promotions throughout the year so it is always worth checking our web site for a good deal. Throughout 2018 we have reduced our List Prices, continued existing promotions and now bundle exams with every course, unless there is a choice of exam, in which case we keep the price low. The MoD's Enhanced Learning Credits Scheme (ELC) is an initiative to promote lifelong learning amongst members of the Armed Forces. We are approved by ELCAS to offer training and certification to service leavers and provide the best possible learning experience for professions in information security governance and information security architecture, expanding to cover more professions throughout the year. Unlike most security training providers, we are a content producer rather than content reseller. Courses are designed by Subject Matter Experts and packaged by the expert editorial ELC Provider Number 5560 team at lnfosec Skills to ensure a seamless delivery of knowledge at an affordable price. Courses can be taken over the Internet, via our custom e-learning platform, or delivered in a classroom environment through one of our live public classes. Our courses result in a nationally recognised qualification equivalent to Level three or Level four on the National Qualifications Framework (NQF). To ensure that you always have the most up-to-date information, always check the ELCAS website before you book your course(s) with us. Why walk through your career when you can take a CAB? The Career Accelerator Bundle (CAB) offers a learning and professional certification pathway for people who know what they want to do and where they want to go in their cyber career, in the shortest time and at the best possible price (40% discount). The bundle includes two levels of certification: Foundation and Practitioner, with four disciplines to choose from at the practitioner level. The bundle contains three professional e-learning certification courses and three exams, you can even choose the practitioner level course at a later date, once you have decided which discipline you would like to concentrate on. With unlimited access until you pass the exams, you can plan your schedule and take all the time you need to achieve three industry recognised professional certificates or take the courses back-to-back to accelerate your learning and your earning potential. " You get the training you want " You get to spread the cost " More affordable than credit cards or bank loans " It's easy to apply " Simple to repay by direct debit ff'n... "'" Professional Certification All e-learning courses or Live Public Classes are eligable. 50 Please contact us with any questions or comments about current promotions, bundles or financing options via our website: /contact or by telephone: +44 (020)

Course Delivery Options ONSITE, PUBLIC & e-learning COURSES Option 1 - Onsite: Delivered in the privacy of your own premises, this delivery method will save your organisation travel and accommodation

Aberdttn Our minimum class size is 8 people with discounts available for larger groups of 12 or more people.

53 Course Delivery Options ONSITE, PUBLIC & e-learning COURSES Option 1 - Onsite: Delivered in the privacy of your own premises, this delivery method will save your organisation travel and accommodation costs (compared to a public venue) and deliver private LIVE instruction that can be tailored, on-the-fly, to your team in a short time-frame. Aberdttn Our minimum class size is 8 people with discounts available for larger groups of 12 or more people. Option 2 - Live Public Classes: We have partnered with Firebrand and PGI Cyber Academy to provide easily accessible venues in St. Neots and Bristol, with excellent accommodation options, for our Live Public Class delegates. We offer a range of courses every month to the general public and with no pre-requisites, anyone can join these classes to perfect their cyber skills and gain professional qualifications that will propel their cyber career. Other Live Public Classes are offered in the form of 'All Inclusive, Full Residential' packages delivered form Wyboston Lakes in Bedfordshire. Please check our Live Class schedule, where you will find a list of planned events for 2018, with new events now running regularly in London. Please note that Onsite or Public courses leading to the CISMP, PCiBCM, PCilRM and PCilAA BCS Certificates are Ii mited to 16 people per live class so please register early. Option 3 - e-learning: Isle of Mnn WALES Swao=sea Kingdom f omiddltsh<ouoh 4-day'Residential Bootcamps' now available in Bedfordshire! Delivered through our state-of-the-art online course delivery platform, delegates have access to streaming audio and synchronized slides of the Author delivering the course. The delegate will receive the full colour printed and perfect bound course book (by courier) containing all course slides and notes to keep for future reference. ONLINE BUNDLE All live classroom options include FREE access for each public delegate to the Online Bundle - full online course and associated topic quizzes (with feedback), module tests and three attempts at the mock exam. The lnfosec Skills Pass Guarantee provides unlimited access to any course until you pass the official BCS exam. This means that should you fail for any reason then you can still access the online course, quizzes and tests indefinitely until you pass. We do not charge extension or additional course fees. We currently hold a 100% pass rate for our customers and we intend to keep it that way! d_ MOCK EXAMS ONLINE BUNDLE FOR EVERY PUBLIC DELEGATE 51

FOUNDATION CERTIFICATE IN INFORMATION SECURITY v2.0 INTRODUCING THE TOP 5 DISCIPLINES IN INFORMATION SECURITY SUMMARY

FOUNDATION CERTIFICATE IN INFORMATION SECURITY v2.0 INTRODUCING THE TOP 5 DISCIPLINES IN INFORMATION SECURITY SUMMARY The Foundation Certificate in Information Security (FCIS) course is designed to provide