Get to know about our course outline
5 Days Training
5 Days Training for Individuals Involved in Today’s Cybersecurity Analysis, and IT Audits using the National Institute of Standards and Technology (NIST) 800-53 R5, 800-37, other Best Practices, and Personally Identifiable Information (PII), as businesses in every industry face scrutiny for how they handle sensitive data including customer and prospect information. This Training is About arming Interested individuals and or Employees to Better Protect Organizations Digital Assets in Terms of Knowledge, Skills, Values and Abilities. In addition, we have developed a fully comprehensive and highly interactive Annual Cybersecurity Security Awareness Training program to train your workforce Lasting Between Three to Four Hours Using the Traditional “Top-Down” Approach Across the Board.
Course Goals and Objectives
Participants will learn the offensive and defensive Cybersecurity skills, including Security Analysis, IT Audits using (NIST) Cybersecurity Framework, tools, techniques procedures for network and application protection), and to learn more about Advanced Cybersecurity Certifications Preparation.
Participants will learn the latest techniques used in Cybersecurity and understand how many securities technologies work behind the scenes.
Why invest On This
There are over half a million Cybersecurity jobs that employers are trying to fill, and businesses actively seeking Cybersecurity Professionals span across all industries and sizes.
- If you are serious about becoming an expert in Cybersecurity Analysis and or IT Auditing, we strongly suggest you join all five modules of this course.
- Infosecact instructors are the masters of Cybersecurity, and participants will appreciate that the instructors always openly and respectfully answer every question from participants.
- Infosecact hosts top-rated Cybersecurity experts who are ready to walk you through every step of preparing for the Approved Baseline Certifications by the Department of Defense (DoD) Approved 8570 for the Information Assurance (IA) Workforce.
- Personnel performing Information Assurance (IA) functions must obtain one of the certifications required for their position category or specialty and level.
Approved Baseline Certifications
IAT Level I | IAT Level II | IAT Level III |
A+ CE | CCNA Security | CASP+ CE |
IAM Level I | IAM Level II | IAM Level III |
CAP | CAP | CISM |
Course Outline
DAY ONE: 8:30 AM – 4:30 PM
Cybersecurity Analysis and IT Audits Training
- Cyber Security Objectives
- Privacy VS. Security
- Evaluating Security Risks
- Identity Threats
- Identity Vulnerabilities
- Determine Likelihood, Impact, and Risk Reviewing Controls
- Building a Secure Network
- Network Access Control
- Firewalls and Network Perimeter Security
- Network Segmentation
- Defense Through Deception
- Security Endpoint Management
- Hardening System Configurations
- Patch Management
- Group Policies
- Endpoint Security Software
- Penetration Testing
- Planning a Penetration Test
- Contacting Discovery
- Executing a Penetration Test
- Communicating Penetration Test Results
- Training and Exercises
- Reverse Engineering
- Isolation and Sandboxing
- Reverse Engineering Software
- Reverse Engineering Hardware
- The Future of Cyber Security Analytics
Day One Summary
Day One Essentials
DAY TWO: 8:30 AM – 4:30 PM
Identity and Access Management Security
- Understanding Identity
- Identity Systems and Security Design
- Threats to Identity and Access
- Understanding Security Issues with Identities
- Attacking AAA Systems and Protocols
- Targeting Account Creation, Provisioning, and Deprovisioning
- Preventing Common Exploits of Identity and Authorization
- Acquiring Credentials
- Identify as a Security Layer
- Identity and Defense-In-Depth
- Securing Authentication and Authorization
- Detecting Attacks and Security Operations
- Federation and Single Sign-On
- Federated Identity Security Considerations
- Federated Identity Design Choices
- Federated Identity Technologies
- Federation Incident Response
Day Two Summary
Day Two Essentials
DAY THREE: 8:30 AM – 4:30 PM
Software and Hardware Development Security
- Software Assurance Best Practices
- The Software Development Lifecycle
- Software Development Phases
- Software Development Models
- DevSecOps and DevOps
- Designing and Coding for Security
- Common Software Development Security Issues
- Security Implications of Target Platforms
- Secure Coding Best Practices
- API Security
- Service-Oriented Architectures
- Application Testing
- Information Security and the SDLC
- Code Review Models
- Software Security Testing
- Software Assessment Testing and Analyzing Code
- Web Application Vulnerability Scanning
- Hardware Assurance Best Practices
- Cryptographic Hardware
- Firmware Security
- Hardware Security
Day Three Summary
Day Three Essentials
DAY FOUR: 8:30 AM – 4:30 PM
- Infrastructure Security and Controls
- Understanding Defense in Depth
- Layered Security
- Zero Trust
- Segmentation
- Network Architecture
- Physical Network Architectures
- Software-Defined Networks
- Virtualization
- Asset and Change Management
- Logging, Monitoring, and Validation
- Encryption
- Active Defense
- Infrastructure Security and the Cloud
- Improving Security by Improving Controls
- Layered Host Security Permissions
- Whitelisting and Blacklisting
- Technical Controls
- Policy, Process, and Standards
- Analyzing Security Architecture
- Analyzing Security Requirements
- Reviewing Architecture
- Common Issues
- Reviewing a Security Architecture
- Maintaining a Security Design
Day Four Summary
Day Four Essentials
DAY FIVE: 8:30 AM – 12:00 PM
Cloud Security
- Understanding Cloud Computing
- The Case for Cloud Computing
- Cloud Service Models
- Cloud Deployment Models
- Operating in the Cloud
- DevOps Strategies
- Infrastructure as a Code (IAC)
- Application Programming Interfaces
- Cloud Monitoring
- Cloud Infrastructure Security
- Cloud Infrastructure Security Tools
- Cloud Access Security Brokers (CASB)
Day Five Summary
Day Five Essentials
Day Five - Continuation 1:30 AM – 4:00 PM
Risk Management
- Analyzing Risk
- Risk Identification
- Risk Calculation
- Business Impact Analysis
- Managing Risk
- Risk Mitigation
- Risk Avoidance
- Risk Transference
- Risk Acceptance
- Security Controls
- Nontechnical Controls
- Technical Controls
Day Five Summary
Day Five Essentials
Training Fee
Infosecact Training Fee Structure | Duration | Fee |
Annual Cybersecurity/Privacy Awareness Training | 3-4 Hours | $200.00 |
An Introduction to Cybersecurity Security Basics for Beginner | 2 Days | $400.00 |
CompTIA Security+ | 4 days | $600.00 |
Systems Security Certified Practitioner (SSCP) | 4 Days | $600.00 |
Cybersecurity Analyst (CYSA+) | 5 Days | $1,000.00 |
Certified Information Security Manager (CISM) | 5 Days | $1,500.00 |
Certified Information System Auditor (CISA) | 5 Days | $1,500.00 |
Cybersecurity Analyst Course Includes
Certificate of completion
- Instructor’s evaluation report (To be opened by the sponsors only)
- 100 Cybersecurity free sample questions with explanations and answers.
Get in touch
Please get in touch with us if interested.
John W, Kiruri, M.S., CISA, CISM, SSCP
Cybersecurity Consultant and Trainer of Trainers (TOT).
Office: +1 301-592-1533 or +254 758950447
e-mail: jkiruri@infosecact.com
Website: www.infosecact.com