If you’re looking to enhance your cyber security skills, this pro package might be what you’re after. It contains ten cyber security certification courses, and four CompTIA certification courses aimed at anyone looking to brush up on their general IT skills before embarking on the more advanced cyber security certification courses. This pro package also contains a choice of four foundation certification exams; and five specialist certification exams. Take a look at the list of courses further down the page to see which course has the option to sit an exam. Look for the label ‘EXAM AVAILABLE’ next to the course title. You can choose to sit any two foundation exams and any two specialist exams. You can forfeit the foundation exams if you’re able to show proof that you have prior cyber security, IT support, or networking experience.
An example of the CompTIA Security+ certification you can gain through this course.
Learn what the CompTIA Security+ can do for your career.
Course Features
Video Learning
Access to video based online learning material. Tutors use diagrams and illustrations to teach the classes, as well as giving demonstrations of equipment. Lessons are pre-recorded allowing you to fast-forward, rewind and pause at any time throughout the lessons. Videos can be viewed on different devices including a desktop computer, laptop, tablet, and smart phone.
Accessible from Anywhere
Your course can be done from any where in the world. If you decide to move to a different city or even country, you can continue with the course from wherever you are. All you need is a device such as a desktop computer, laptop, tablet, smart phone, and an internet connection.
Live Practice Labs
Some of the courses provide access to live practice labs (e.g. Mile2 Ethical Hacking, CompTIA Security+), allowing you to put your course skills to the test in a live simulated environment. For instance, learn how to setup a firewall to protect a network from cyber attacks. The live labs have two functions: 1. guided exercises, instructing you to carry out tasks; 2. sand box environment, allowing you to play with the online equipment to test out your skills. Click here to learn more about the live labs.
MeasureUP Practice Tests
Before you sit a CompTIA exam, you will be given access to a MeasureUP practice test. These tests have two modes: 1. practice-mode, allowing you learn the questions and answers with resources included; 2. certification mode, allowing you to test yourself with a limited time and without the answers. These tests are the closest experience to the real exams. MeasureUP have been the gold standard in exam preparation for over 20 years.
Exam Fees Paid
Your course comes with official CompTIA exam vouchers. This means all exam fees are fully paid. Exams can be taken online in your own home. Your course also comes with other vendor exams, such as Mile2 ethical hacking. This exam can also be taken at home. You have the option to take two foundation exams and two specialist exams. See the list of courses below to see which course titles include an exam.
CompTIA Certifications
Upon passing your exams, you will receive up to four certifications from CompTIA. These certifications are globally recognised, meaning you can work any where in the world with them. CompTIA certifications are held in high regard by IT employers and IT recruiters. Click here to view salary and employment information.
Spread the cost
Spread your course payments over 12 monthly installments through Knoma. There’s no interest or charges. Just one easy online application to complete. You’ll get an instant decision.
Who are CompTIA? Watch this video to find out.
Course Syllabus
1. CompTIA IT Fundamentals FC0-U61 (FOUNDATION EXAM AVAILABLE)
IT Concepts and Terminology
Understand the basics of computing Understand basic terminology Comprehend notational systems Explain the value of data and troubleshooting
Infrastructure
Setting up and installing common peripheral devices
Applications and Software
Manage applications software Understand various components of an operating system Explain the purpose of methods of application architecture
Software Development
Comprehend programming language categories Interpret logic Understand the purpose of programming concepts
Database Fundamentals
Explain database concepts Explain structures Explain purpose Understand methods used to interface
Security
Understand confidentiality Understand integrity Understand availability concerns of secure devices Understand best practice methods of secure devices
2. CompTIA A+ 220-1001 and 1002 (FOUNDATION EXAMS AVAILABLE)
CompTIA A+ 220-1001
Mobile Devices • 1.0 What are we covering? • 1.1 Given a scenario, install and configure laptop hardware and components • 1.2 Given a scenario, install components within the display of a laptop • 1.3 Given a scenario, use appropriate laptop features • 1.4 Compare and contrast characteristics of various types of other mobile devices • 1.5 Given a scenario, connect and configure accessories and ports of other mobile devices • 1.6 Given a scenario, configure basic mobile device network connectivity and application support • 1.7 Given a scenario, use methods to perform mobile device synchronization Networking • 2.0 What are we covering? • 2.1 Compare and contrast TCP and UDP ports, protocols and their purpose • 2.2 Compare and contrast common networking hardware devices • 2.3 Given a scenario, install and configure a basic wired/wireless SOHO network • 2.4 Compare and contrast wireless networking protocols • 2.5 Summarize the properties and purposes of services provided by networked hosts • 2.6 Explain common network configuration concepts • 2.7 Compare and contrast internet connection types, network types and their features • 2.8 Given a scenario, use appropriate networking tools Hardware • 3.0 What are we covering? • 3.1 Explain basic cable types, features and their purposes • 3.2 Identify common connector types • 3.3 Given a scenario, install RAM types • 3.4 Given a scenario, select, install and configure storage devices • 3.5 Given a scenario, install and configure motherboards, CPUs and add-on cards • 3.6 Explain the purposes and uses of various peripheral types • 3.7 Summarize power supply types and features • 3.8 Given a scenario, select and configure appropriate components for a custom PC configuration to meet customer specifications/needs • 3.9 Given a scenario, install and configure common devices • 3.10 Given a scenario, configure SOHO multifunction devices/printers and settings • 3.11 Given a scenario, install and maintain various print technologies Virtualization and Cloud Computing • 4.1 Compare and contrast cloud computing concepts • 4.2 Given a scenario, set up and configure client-side virtualization Hardware and Network Troubleshooting • 5.0 What are we covering? • 5.1 Given a scenario, use the best practice methodology to resolve problems • 5.2 Given a scenario, troubleshoot problems related to motherboards, RAM, CPUs and power • 5.3 Given a scenario, troubleshoot hard drives and RAID arrays • 5.4 Given a scenario, troubleshoot video, projector and display issues • 5.5 Given a scenario, troubleshoot common mobile device issues while adhering to the appropriate procedures • 5.6 Given a scenario, troubleshoot printers • 5.7 Given a scenario, troubleshoot common wires and wireless network problems
CompTIA A+ 220-1002
Operating Systems • 1.1 Compare and contrast common operating system types and their purposes • 1.2 Compare and contrast features of Microsoft Windows versions • 1.3 Summarize general OS installation considerations and upgrade methods • 1.4 Given a scenario, use appropriate Microsoft command line tools • 1.5 Given a scenario, use Microsoft operating system features and tools • 1.6 Given a scenario, use Microsoft Windows Control Panel utilities • 1.7 Summarize application installation and configuration concepts • 1.8 Given a scenario, configure Microsoft Windows networking on a client/desktop • 1.9 Given a scenario, use features and tools of the Mac OS and Linux client/desktop operating systems Security • 2.1 Summarize the importance of physical security measures • 2.2 Explain logical security concepts • 2.3 Compare and contrast wireless security protocols and authentication methods • 2.4 Given a scenario, detect, remove, and prevent malware using appropriate tools and methods • 2.5 Compare and contrast social engineering, threats, and vulnerabilities • 2.6 Compare and contrast the differences of basic Microsoft Windows OS security settings • 2.7 Given a scenario, implement security best practices to secure a workstation • 2.8 Given a scenario, implement methods for securing mobile devices • 2.9 Given a scenario, implement appropriate data destruction and disposal methods • 2.10 Given a scenario, configure security on SOHO wireless and wired networks Software Troubleshooting • 3.1 Given a scenario, troubleshoot Microsoft Windows OS problems • 3.2 Given a scenario, troubleshoot and resolve PC security issues • 3.3 Given a scenario, use best practice procedures for malware removal • 3.4 Given a scenario, troubleshoot mobile OS and application issues • 3.5 Given a scenario, troubleshoot mobile OS and application security issues Operational Procedures • 4.1 Compare and contrast best practices associated with types of documentation • 4.2 Given a scenario, implement basic change management best practices • 4.3 Given a scenario, implement basic disaster prevention and recovery methods • 4.4 Explain common safety procedures • 4.5 Explain environmental impacts and appropriate controls • 4.6 Explain the processes for addressing prohibited content/activity, and privacy, licensing, and policy concepts • 4.7 Given a scenario, use proper communication techniques and professionalism • 4.8 Identify the basics of scripting
3. Cyber Security Awareness and Prevention
Introduction to Cyber Security Awareness Managing Mobile Device Security
4. Data Security Compliance
Data Breaches And ID Theft Device Security Basics Avoiding Inadvertent Disclosure Physical And Technical Safeguards
1.1 Basic Networking • Intro to networking • Networking architectures • Activity: Basic Networking 1.2 OSI Model • Layer 7 – Application • Layer 6 – Presentation • Layer 5 – Session • Layer 4 – Transport • Layer 3 – Network • Layer 2 – Data Link • Layer 1 – Physical • Activity: Exploring the OSI Model 1.3 Protocols and Ports • Protocols and ports overview • Activity: Examining Protocols and Ports • Connection-oriented vs. connectionless • Transmission Control Protocol (TCP) • User Datagram Protocol (UDP) • Activity: Comparing TCP and UDP • Internet Protocol (IP) • Internet Control Messaging Protocol (ICMP) • Internet Group Messaging Protocol (IGMP) • Activity: Examining the Lower Layer Protocols • Layer 7 Remote Control Protocols • Layer 7 File Transfer Protocols • Layer 7 Messaging Protocols • Activity: Examining Messaging Protocols • Layer 7 Web Traffic Protocols • Layer 7 Streaming Media Protocols • Layer 7 Infrastructure Management Protocols 1.4 Switching • Properties of Network Traffic • Contention Management • Activity: Creating Collision and Broadcast Domains • Interface Properties and Segmentation • Activity: Creating a Basic Network Segment • Switching prt 2 • Activity: Switching • Switching Loop Management • Activity: Managing Switching Loops • VLANs • Activity: Creating VLANs 1.5 Routing • ARP • Activity: Examining ARP • IP Addressing Basics • Activity: Configuring IP • Routers • Activity: Setting Up a Router • Routing Basics • Activity Adding Static Routes • VLAN Routing • Activity: Routing Between VLANs • NAT/PAT • Activity: Configuring NAT/PAT • Routing Protocols • Activity Configuring a Routing Protocol • Firewalls • Activity: Configuring Firewalls 1.6 Advanced Switching and Routing Concepts • IPv6 Concepts • Activity: Exploring IPv6 • Performance Concepts • Distributed Switching • Software-defined Networking 1.7 IP Addressing • Public vs. Private • Loopback and Reserved • Subnet Mask • Default Gateway • Virtual IP • Subnetting • Activity: Learning to Subnet • Address Assignments 1.8 Network Types and Topologies • Wired Topologies • Wireless Topologies • Network Types • Technologies that Facilitate the Internet Of Things (IoT) 1.9 Wireless Technologies • Radio Basics • 802.11 Standards • Wi-Fi Frequencies • Wi-Fi Antenna Concepts • Bluetooth • Cellular • Site Surveys • Activity: Using an RF Spectrum Analyzer 1.10 Cloud Concepts • Types of Services • Cloud Delivery Models • Security Implications/Considerations • Activity: Exploring Cloud Services 1.11 Network Services • DNS Service • Activity: Setting up DNS • DHCP Service • Activity: Setting Up DHCP • NTP • IPAM
Module 2 – Infrastructure
2.1 Cabling Solutions • Media Types • Activity: Testing a Fiber Optic Cable • Plenum vs.PVC • Connector Types • Activity: Crimping on an RJ-45 Connector • Transceivers • Termination Points • Activity: Terminating Cable to a 110 Block • Copper Cable Standards • Copper Termination Standards • Activity: Creating a Crossover Cable • Ethernet Deployment Standards 2.2 Network Device Placement and Installation • Network Interface • Repeater • Hub • Bridge • Switch • Router • Modem • Wireless Access Point • Activity Setting up a WAP • Firewall • Media Converter • Wireless Range Extender • VoIP Endpoint 2.3 Advanced Network Devices • Multilayer Switch • Wireless Controller • Load Balancer • IDS/IPS • Proxy Server • Activity Configuring Proxy Settings • VPN Concentrator • AAA/RADIUS Server • UTM Appliance • NGFW/Layer 7 Firewall • VoIP PBX • VoIP Gateway • Content Filter 2.4 Virtualization and Network Storage Technologies • Virtual Networking Components • Network Storage Types • Connection Types • Jumbo Frames 2.5 WAN Technologies • Service Types • Transmission Mediums • Characteristics of Service • Activity Configuring WAN Links • Termination
Module 3 – Network Operations
3.1 Documentation • Diagram Symbols • Standard Operating Procedures/Work Instructions • Logical vs. Physical Diagrams • Rack Diagrams • Change Management Documentation • Wiring and Port Locations • IDF/MDF Documentation • Labeling • Network Configuration and Performance Baselines • Inventory Management • Activity Using Documentation 3.2 Business Continuity and Disaster Recovery • Availability Concepts • Recovery • Activity Backing Up Your Data • MTTR • MTBF • SLA Requirements 3.3 Scanning, Monitoring, and Patching • Processes • Event Management • SNMP Monitors • Metrics • Activity: Testing the Network 3.4 Remote Access Methods • VPN • RDP • SSH • VNC • Telnet • HTTPS/Management URL • Remote File Access • Out-of-Band Management • Activity: Making Remote Connections 3.5 Policies and Best Practices • Privileged User Agreement • Password Policy • On-boarding/Off-boarding Procedures • Licensing Restrictions • International Export Controls • Data Loss Prevention • Remote Access Policies • Incident Response Policies • BYOD • AUP • NDA • System Life Cycle • Safety Procedures And Policies • Activity: Creating Policies and Procedures
Module 4 – Network Security
4.1 Physical Security Devices • Detection • Prevention 4.2 Authentication and Access Control • Authorization, Authentication, and Accounting • Multifactor Authentication • Access Control • Activity: Examining Access Control Mechanisms 4.3 Basic Wireless Network Security • WPA • WPA2 • TKIP-RC4 • CCMP-AES • Authentication and Authorization • Geofencing • Activity: Demonstrating the Need for Wireless Security 4.4 Common Network Attacks • DoS • Social Engineering • Insider Threat • Logic Bomb • Rogue Access Point • Evil Twin • War-driving • Phishing • Ransomware • DNS Poisoning • ARP Poisoning • Spoofing • Deauthentication • Brute Force • VLAN Hopping • Man-in-the-Middle • Exploits vs. Vulnerabilities • Activity Conducting a Phishing Attack 4.5 Network Device Hardening • Changing Default Credentials • Avoiding Common Passwords • File Hashing • Generating New Keys • Activity Supporting Secure Authentication and Encryption • Upgrading Firmware • Patching and Updates • Disabling Unnecessary Services • Using Secure Protocols • Disabling Unused Ports 4.6 Common Mitigation Techniques • Signature Management • Device Hardening • Change Native VLAN • Switchport Protection • Network Segmentation • Privileged User Account • File Integrity Monitoring • Role Separation • Restricting Access Via ACLs • Honeypot/Honeynet • Penetration Testing • Activity: Implementing a Honeypot
Module – Network Troubleshooting and Tools
5.1 Network Troubleshooting Methodology • Identify the Problem • Establish a Theory of Probable Cause • Test the Theory to Determine the Cause • Establish a Plan of Action to Resolve the Problem and Identify Potential Effects • Implement the Solution or Escalate as Necessary • Verify Full System Functionality and , if Applicable, Implement Preventive Measures • Document Findings, Actions, and Outcomes 5.2 Using the Appropriate Tool • Hardware Tools – Basic Hand Held • Hardware Tools – Analyzers • Activity: Troubleshooting with Hardware Tools • Software Tools – Testers and Analyzers • Activity: Troubleshooting with Software Tools • Software Tools – Command Line • Activity: Using Command Line Tools 5.3 Troubleshoot Wired Connectivity and Performance • Signal Issues: o Attenuation o Latency o Jitter o Crosstalk o EMI • Activity Troubleshooting Signal Problems • Physical Issues: o Open/short o Incorrect pin-out o Incorrect Cable Type o Bad Port o Damaged cable o Bent pins • Transceiver Issues: o Transceiver mismatch o TX/RX reverse o Duplex/speed mismatch • Activity: Troubleshooting Transceiver Problems • Traffic Flow Issues: o Bottleneck o VLAN mismatch o Network connection LED status indicators 5.4 Troubleshoot Wireless Connectivity and Performance • Signal Loss: o Attenuation o Reflection o Refraction o Absorption • Latency & Jitter • Antenna Issues: o Incorrect antenna type o Incorrect antenna placement • Incorrect WAP type • WAP Issues: o Interference o Channel overlap o Overcapacity o Distance limitations o Frequency mismatch o Power levels o Signal-to-noise ratio • WAP Misconfiguration: o Wrong SSID o Wrong passphrase o Security type mismatch • Activity Troubleshooting WAP Issues 5.5 Troubleshoot Common Network Service Issues • Common Network Issues: o Physical Connectivity o Incorrect IP Address o Incorrect Gateway o Incorrect Netmask o Names Not Resolving o Untrusted SSL Certificate • DHCP Issues: o Duplicate IP Addresses o Expired IP Address o Rogue DHCP o Exhausted DHCP Scope • Firewall/ACL Issues: o Blocked TCP/UDP Ports o Incorrect Host-based Firewall Settings o Incorrect ACL Settings • Advanced Network Issues: o DNS Server Issues o Duplicate MAC Addresses o Incorrect Time • Unresponsive Service • Hardware Failure • Activity Case Study: Troubleshooting an Unusual Network Issue
• Compare and contrast different types of social engineering techniques • analyze potential indicators to determine the type of attack • Analyze potential indicators associated with application attacks • Analyze potential indicators associated with network attacks • Explain different threat actors, vectors, and intelligence sources • Explain the security concerns associated with various types of vulnerabilities • Summarize the techniques used in security assessments • Explain the techniques used in penetration testing • Explain the importance of security concepts in an enterprise environment • Summarize virtualization and cloud computing concepts • Summarize secure application development, deployment, and automation concepts • Summarize authentication and authorization design concepts • Implement cybersecurity resilience • Explain the security implications of embedded and specialized systems • Explain the importance of physical security controls • Summarize the basics of cryptographic concepts • Implement secure protocols • Implement host or application security solutions • Implement secure network designs • Install and configure wireless security settings • Implement secure mobile solutions • Apply cybersecurity solutions to the cloud • Implement identity and account management controls • Implement authentication and authorization solutions • Implement public key infrastructure • Use the appropriate tool to assess organizational security • Summarize the importance of policies, processes, and procedures for incident response • Utilize appropriate data sources to support an investigation • Apply mitigation techniques or controls to secure an environment • Explain the key aspects of digital forensics • Compare and contrast various types of controls • Explain the importance of applicable regulations, standards, or frameworks that impact organizational security posture • Explain the importance of policies to organizational security • Summarize risk management processes and concepts • Explain privacy and sensitive data concepts in relation to security.
Module 1: Threat and Vulnerability Management Instructor Intro About the Exam Test Taking Tips and Techniques Explain the importance of threat data and intelligence Given a scenario, utilize threat intelligence to support organizational security Given a scenario, perform vulnerability management activities Pt 1 Given a scenario, perform vulnerability management activities Pt 2 Given a scenario, analyze the output from common vulnerability assessment tools Explain the threats and vulnerabilities associated with specialized technology Explain the threats and vulnerabilities associated with operating in the Cloud Given a scenario, implement controls to mitigate attacks and software vulnerabilities Pt 1 Given a scenario, implement controls to mitigate attacks and software vulnerabilities Pt 2 Module 2: Software and Systems Security Outline Given a scenario, apply security solutions for infrastructure management Pt 1 Given a scenario, apply security solutions for infrastructure management Pt 2 Given a scenario, apply security solutions for infrastructure management Pt 3 Flashcards Explain software assurance best practices Scatter Explain hardware assurance best practices Learn Speller Workbook Module 3: Security Operations and Monitoring Given a scenario, analyze data as part of security monitoring activities Pt 1 Given a scenario, analyze data as part of security monitoring activities Pt 2 Given a scenario, analyze data as part of security monitoring activities Pt 3 Given a scenario, implement configuration changes to existing controls to improve security Pt 1 Given a scenario, implement configuration changes to existing controls to improve security Pt 2 Explain the importance of proactive threat hunting Compare and contrast automation concepts and technologies Module 4: Incident Response Explain the importance of the incident response process Given a scenario, apply the appropriate the incident response procedure Given an incident, analyze potential indicators of compromise Given a scenario, utilize basic digital forensic techniques Module 5: Compliance and Assessment Understand the importance of data privacy and protection Given a scenario, apply security concepts in support of organizational risk mitigation Pt 1 Given a scenario, apply security concepts in support of organizational risk mitigation Pt 2 Explain the importance of frameworks, policies, procedures, and controls Pt 1 Explain the importance of frameworks, policies, procedures, and controls Pt 2 Module 6: Afterword Recap Review Questions Before the Exam
Mod 1.4 Analyze Security Solution Metrics and Attributes
Mod 1.4 Analyze Risk
Mod 1.4 Trend Analysis Act
Module 2 – Enterprise Security Architecture
Module 2 Notes
Mod 2 Enterprise Security Architecture
Mod 2.1 Network Device Security Act
Mod 2.1 Application and Protocol
Mod 2.1 Advanced Network Security Act
Mod 2.1 Complex Network Security Solution
Mod 2.1 Implementing VLANs Switchport Sec Act
Mod 2.1 Implementing VLANs Switchport Sec Act Part2
Mod 2.1 Distributed Denial of Service
Mod 2.1 Exploring DoS Attacks Act
Mod 2.1 Security Zones
Mod 2.1 Network Access Control
Mod 2.1 Searching for Vulnerable ICS-SCADA Act
Mod 2.2 Analyze a Scenario Integrate Security
Mod 2.2 Configuring Windows Firewall Act
Mod 2.2 Log Monitoring and Auditing
Mod 2.2 Group Policy Act
Mod 2.2 Patch Management
Mod 2.2 Management Interface
Mod 2.2 Measured Launch
Mod 2.3 Analyze a Scenario to Integrate Security Controls
Mod 2.3 Security Implications Privacy
Mod 2.3 Baseband
Mod 2.4 Given Software Vulnerability Scenarios
Mod 2.4 SQL Injection Act
Mod 2.4 Improper Error and Exception Handling
Mod 2.4 Buffer Overflows Act
Mod 2.4 Memory Leaks
Mod 2.4 Researching Vulnerabilities Exploits Act
Module 3 – Enterprise Security Operations
Module 3 Notes
Mod 3 Enterprise Security Operations
Mod 3 Runtime Debugging
Mod 3.1 Fingerprinting an OS Services Act
Mod 3.1 Code Review
Mod 3.1 Conducting OSINT Act
Mod 3.1 Types
Mod 3.1 Conducting a Vulnerability Assessment Act
Mod 3.2 Analyze a Scenario Output
Mod 3.2 Network Sniffing Act
Mod 3.2 Security Content Automation
Mod 3.2 Using a SCAP Scanner Act
Mod 3.2 Network Enumerator
Mod 3.2 Password Cracking Act
Mod 3.2 Host Vulnerability Scanner
Mod 3.2 Using Command Line Tools Act
Mod 3.2 OpenSSL
Mod 3.2 Scanning for Heartbleed Act
Mod 3.2 Local Exploitation Tools
Mod 3.2 Verifying File Integrity with SFC Act
Mod 3.2 Log Analysis Tools
Mod 3.3 Given Scenario Implement Incident
Mod 3.3 Facilitate Incident Detection Response
Mod 3.3 Using Incident Response Support Tools Act
Mod 3.3 Severity of Incident Detection Breach
Module 4 – Technical Integration of Enterprise Security
Module 4 Notes
Mod 4 Technical Integration of Enterprise
Mod 4 Technical Integration of Enterprise Part2
Mod 4.1 Data Security Considerations
Mod 4.1 Examining Network Diagrams Act
Mod 4.1 Security and Privacy Considerations of Storage integration
Mod 4.1 Exploring Directory Services and DNS Act
Mod 4.2 Given Scenario Integrate Cloud and Virtualization
Mod 4.2 Taking Another Look at Cloud Services Act
Mod 4.2 Security Advantages and Disadvanatages of Virtualization
Mod 4.2 Using Virtualization Act
Mod 4.2 Cloud Augmented Security
Mod 4.3 Given Scenario Integrate and Troubleshoot Advanced Authentication
Mod 4.4 Given Scenario Cryptographic
Mod 4.4 Cryptographic Part2
Mod 4.4 Mobile Device Encryption
Mod 4.4 Cryptography Act
Mod 4.5 Select the Appropriate Control
Mod 4.5 Phishing Act
Mod 4.5 Telephony VoIP Integration
Module 5 – Research, Development and Collaboration
Module 5 Notes
Mod 5 Research Methods to Determine Industry Trends
Mod 5.1 Practising Threat Intelligence Act
Mod 5.2 Scenario Implement Security Activities Across
Mod 5.2 Static Testing
Mod 5.3 Explain the Importance of Interaction
CASP Conclusion
10. Mile2 Certified Professional Ethical Hacker (C)PEH) (SPECIALIST EXAM AVAILABLE)
Module 1 – Security Fundamentals
Module 2 – Access Controls
Module 3 – Protocols
Module 4 -Cryptography
Module 5 – Why Vulnerability Assessments?
Module 6 – Vulnerability Tools of the Trade
Module 7 – Output Analysis and Reports
Module 8 – Reconnaissance, Enumeration & Scanning
Module 9 – Gaining Access
Module 10 – Maintaining Access
Module 11 – Covering Tracks
Module 12 – Malware
Module 13 – Buffer Overflows
Module 14 – Password Cracking
Appendix 1 – Economics and Law
Appendix 2 – Vulnerability Types
Appendix 3 – Assessing Web Servers
Appendix 4 – Assessing Remote & VPN Services
Appendix 5 – Denial of Services
11. Certified Information Security Manager (CISM)
Domain 1: Information Security Governance
CISM Introduction
Information Security
Business Goals, Objectives, and Functions
Business Goals and Information Security
Information Security Threats
Information Security Management
Identity Management
Data Protection
Network Security
Personnel Security
Facility Security
Security Compliance and Standards
Information Security Strategy
Inputs and Outputs of the Information Security Strategy
Processes in an Information Security Strategy
People in an Information Security Strategy
Technologies in an Information Security Strategy
Logical and Physical Information Security Strategy Architectures
Information Security and Business Functions
Information Security Policies and Enterprise Objectives
International Standards for the Security Management
ISO/IEC 27000 Standards
International Info Government Standards
Information Security Government Standards in the United States
Methods of Coordinating Information Security Activities
How to Develop an Information Security Strategy
Information Security Governance
Role of the Security in Governance
Scope of Information Security Governance
Charter of Information Security Governance
Information Security Governance and Enterprise Governance
How to Align Information Security Strategy with Corporate Governance
Regulatory Requirements and Information Security
Business Impact of Regulatory Requirements
Liability Management
Liability Management Strategies
How to Identify Legal and Regulatory Requirements
Business Case Development
Budgetary Reporting Methods
Budgetary Planning Strategy
How to Justify Investment in Info Security
Organizational Drivers
Impact of Drivers on Info Security
Third Party Relationships
How to Identify Drivers Affecting the Organization
Purpose of Obtaining Commitment to Info Security
Methods for Obtaining Commitment
ISSG
ISSG Roles and Responsibilities
ISSG Operation
How to Obtain Senior Management’s Commitment to Info Security
Info Security Management Roles and Responsibilities
How to Define Roles and Responsibilities for Info Security
The Need for Reporting and Communicating
Methods for Reporting in an Organization
Methods of Communication in an Organization
How to Establish Reporting and Communicating Channels
Domain 2: Risk Management
Risk
Risk Assessment
Info Threat Types
Info Vulnerabilities
Common Points of Exposure
Info Security Controls
Types of Info Security Controls
Common Info Security Countermeasures
Overview of the Risk Assessment Process
Factors Used in Risk Assessment and Analysis
Risk Assessment Methodologies
Quantitative Risk Assessment – Part 1
Quantitative Risk Assessment – Part 2
Qualitative Risk Assessment
Hybrid Risk Assessment
Best Practices for Info Security Management
Gap Analysis
How to Implement an Info Risk Assessment Process
Info Classification Schemas
Components of Info Classification Schemas
Info Ownership Schemas
Components of Info Ownership Schemas
Info Resource Valuation
Valuation Methodologies
How to Determine Info Asset Classification and Ownership
Baseline Modelling
Control Requirements
Baseline Modelling and Risk Based Assessment of Control Requirements
How to Conduct Ongoing Threat and Vulnerability Evaluations
BIA’s
BIA Methods
Factors for Determining Info Resource Sensitivity and Critically
Impact of Adverse Events
How to Conduct Periodic BIA’s
Methods for Measuring Effectiveness of Controls and Countermeasures
Risk Mitigation
Risk Mitigation Strategies
Effect of Implementing Risk Mitigation Strategies
Acceptable Levels of Risk
Cost Benefit Analysis
How to Identify and Evaluate Risk Mitigation Strategies
Life Cycle Processes
Life Cycle-Based Risk Management
Risk Management Life Cycle
Business Life Cycle Processes Affected by Risk Management
Life Cycled-Based Risk Management Principles and Practices
How to Integrate Risk Management Into Business Life Cycle Processes
Significant Changes
Risk Management Process
Risk Reporting Methods
Components of Risk Reports
How to Report Changes in Info Risk
Domain 3: Information Security Program
Info Security Strategies
Common Info Security Strategies
Info Security Implementation Plans
Conversation of Strategies Into Implementation Plans
Info Security Programs
Info Security Program Maintenance
Methods for Maintaining an Info Security Program
Succession Planning
Allocation of Jobs
Program Documentation
How to Develop Plans to Implement an Info Security Strategy
Security Technologies and Controls
Cryptographic Techniques
Symmetric Cryptography
Public Key Cryptography
Hashes
Access Control
Access Control Categories
Physical Access Controls
Technical Access Controls
Administrative Access Controls
Monitoring Tools
IDS’s
Anti-Virus Systems
Policy-Compliance Systems
Common Activities Required in Info Security Programs
Prerequisites for Implementing the Program
Implementation Plan Management
Types of Security Controls
Info Security Controls Development
How to Specify info Security Program Activities
Business Assurance Function
Common Business Assurance Functions
Methods for Aligning info Security Programs with Business Assurance Functions
How to Coordinate Info Security Programs with Business Assurance Functions
SLA’s
Internal Resources
External Resources
Services Provided by External Resources – Part 1
Services Provided by External Resources – Part 2
Skills Commonly Required for Info Security Program Implementation
Dentification of Resources and Skills Required for a Particular Implementation
Resource Acquisition Methods
Skills Acquisition Methods
How to Identify Resources Needed for Info Security Program Implementation
Info Security Architectures
The SABSA Model for Security Architecture
Deployment Considerations
Deployment of Info Security Architectures
How to Develop Info Security Architecture
Info Security Policies
Components of Info Security Policies
Info Security Policies and the Info Security Strategy
Info Security Policies and Enterprise Business Objectives
Info Security Policy Development Factors
Methods for Communicating Info Security Policies
Info Security Policy Maintenance
How to Develop Info Security Policies
Info Security Awareness Program, Training Programs, and Education Programs
Security Awareness, Training, and Education Gap Analysis
Methods for Closing the Security Awareness, Training, and Education Gaps
Security-Based Cultures and Behaviours
Methods for Establishing and Maintaining a Security-Based Culture in the Enterprise
How to Develop Info Security Awareness, Training, and Education Programs
Supporting Documentation for Info Security Policies
Standards, Procedures, Guidelines, and Baselines
Codes of Conduct
NDA’s
Methods for Developing Supporting Documentation
Methods for Implementing Supporting Documentation and for Communicating Supporting Documentation
Methods for Maintaining Supporting Documentation
C and A
C and A Programs
How to Develop Supporting Documentation for Info Security Policies
Domain 4: Information Security Program Implementation
Enterprise Business Objectives
Integrating Enterprise Business Objectives & Info Security Policies
Organizational Processes
Change Control
Merges & Acquisitions
Organizational Processes & Info Security Policies
Methods for Integrating Info Security Policies & Organizational Processes
Life Cycle Methodologies
Types of Life Cycle Methodologies
How to Integrate Info Security Requirements Into Organizational Processes
Types of Contracts Affected by Info Security Programs
Joint Ventures
Outsourced Provides & Info Security
Business Partners & Info Security
Customers & Info Security
Third Party & Info Security
Risk Management
Risk Management Methods & Techniques for Third Parties
SLA’s & Info Security
Contracts & Info Security
Due Diligence & Info Security
Suppliers & Info Security
Subcontractors & Info Security
How to Integrate Info Security Controls Into Contracts
Info Security Metrics
Types of Metrics Commonly Used for Info Security
Metric Design, Development & Implementation
Goals of Evaluating Info Security Controls
Methods of Evaluating Info Security Controls
Vulnerability Testing
Types of Vulnerability Testing
Effects of Vulnerability Assessment & Testing
Vulnerability Correction
Commercial Assessment Tools
Goals of Tracking Info Security Awareness, Training, & Education Programs
Methods for Tracking Info Security Awareness, Training, & Education Programs
Evaluation of Training Effectiveness & Relevance
How to Create Info Security Program Evaluation Metrics
Domain 5: Information Security Program Management
Management Metrics
Types of Management Metrics
Data Collection
Periodic Reviews
Monitoring Approaches
KPI’s
Types of Measurements
Other Measurements
Info Security Reviews
The Role of Assurance Providers
Comparing Internal and External Assurance Providers
Line Management Technique
Budgeting
Staff Management
Facilities
How to Manage Info Security Program Resources
Security Policies
Security Policy Components
Implementation of Info Security Policies
Administrative Processes and Procedures
Access Control Types
ACM
Access Security Policy Principles
Identity Management and Compliance
Authentication Factors
Remote Access
User Registration
Procurement
How to Enforce Policy and Standards Compliance
Types of Third Party Relationships
Methods for Managing Info Security Regarding Third Parties
Security Service Providers
Third Party Contract Provisions
Methods to Define Security Requirements in SLA’s, Security Provisions and SLA’s, and Methods to Monitor Security
How to Enforce Contractual Info Security Controls
SDLC
Code Development
Common Techniques for Security Enforcement
How to Enforce Info Security During Systems Development
Maintenance
Methods of Monitoring Security Activities
Impact of Change and Configuration Management Activities
How to Maintain Info Security Within an Organization
Due Diligence Activities
Types of Due Diligence Activities
Reviews of Info Access
Standards of Managing and Controlling Info Access
How to Provide Info Security Advice and Guidance
Info Security Awareness
Types of Info Security Stakeholders
Methods of Stakeholder Education
Security Stakeholder Education Process
How to Provide Info Security Awareness and Training
Methods of Testing the Effectiveness of Info Security Control
The Penetration Testing Process
Types of Penetration Testing
Password Cracking
Social Engineering Attacks
Social Engineering Types
External Vulnerability Reporting Sources
Regulatory Reporting Requirements
Internal Reporting Requirements
How to Analyze the Effectiveness of Info Security Controls
Noncompliance Issues
Security Baselines
Events Affecting the Security Baseline
Info Security Problem Management Process
How to Resolve Noncompliance Issues
Domain 6: Incident Management and Response
Incident Response Capability
Components of Incident Response
BCP
BIA Phase
Coop
DRP
Alternate Sites
Develop a BCP
Develop a DRP
MTD
RPO
RTO
Data Backup Strategies
Data Backup Types
Data Restoration Strategies
Info Incident Management Practices
IRP
Trigger Events and Types of Trigger Events
Methods of Containing Damage
How to Develop an IRP
Escalation Process
Notification Process
IRT
Crisis Communication
How to Establish an Escalation Process
Internal Reporting Requirements
External Reporting Requirements
Communication Process
How to Develop a Communication Process
IRP and DRP
IRP and BCP
Methods of Identifying Business Resources Essential to Recovery
How to Integrate an IRP
Role of Primary IRT Members and Role of Additional IRT Members
Response Team Tools and Equipment
How to Develop IRT’s
BCP testing
Disaster Recovery Testing
Schedule Disaster Recovery Testing
Refine IRP
How to Test an IRP
Damage Assessment
Business Impacts Cause by Security Incidents
How to Manage Responses to Info Security Incidents
Computer and Digital Forensics
Forensic Requirements for Responding to Info Security Incidents
Evidence Life Cycle
Evidence Collection
Evidence Types
Five Common Rules of Evidence
Chain of Custody
How to Investigate an Info Security Incident
PIR Methods
Security Incident Review Process
Investigate Cause of a Security Incident
Identify Corrective Actions
Reassess Security Risks After a Security Incident
How to Conduct a Post-Incident Review
Outro – Pre Test/Test Strategy
Post Test
12. Certified Information Systems Auditor (CISA)
Lesson 1
Introduction
Audit Process
Auditing Standards
Auditing Guidelines
Cobit Model
Audit Management
Internal Control Classifications
Planning
Program
Evidence
Audit Control Evaluation
CSA Control Self-Assessment
Lesson 2
IT Governance
Governance & Security Policies
Outsourcing & Governance
Outsourcing & Globalization
Organizational Compliance
IT Strategy
IT Performance
Lesson 3
System & Infrastructure
Requirements
Project Management Tools – Part 1
Project Management Tools – Part 2
Applications
Agile Development
Monitoring & Controlling
Acquisition Process
Testing Process
Information Systems Maintenance Practices
Data Conversion Tools
Lesson 4
Media Disposal Process
Post Implementation Review
Periodic Review
System Maintenance
Lesson 5
IT Service Delivery and Support
How to Evaluate Service Level Management Practices
Operations Management
Databases
Structured Query Language (SQL)
Monitoring Performance
Source Code and Performance Monitoring
Patch Management
Incident Management
Hardware Component Types
Network Component Types
Lesson 6
IS Auditor Technical Overview
Security Design
Monitoring Systems
Types of Attacks
Cryptography
Encryption
Asymmetric Encryption
Digital Certificate
Different Kinds of Attacks
Access Controls
Identification and Authentication
Physical Access Exposure
Environmental Security
Network Security Devices and Network Components
Network Address Translation
Virtual Private Networks (VPNs)
Voice System Risks
Intrusion Detection
Firewalls
Firewall Implementation
Network Access Protection
HoneyPot
Risks to Portable and Wireless Devices
Bluetooth
OSI Networking
Managing Data
Lesson 7
Business Continuity and Disaster Recovery
Fault Tolerance
Business Continuity and Disaster Recovery Regulations
13. Certified Information Systems Security Professional (CISSP)
Module 1: Security and Risk Management
Introduction
CIA Triad Security Governance – Part 1
CIA Triad Security Governance – Part 2
Compliance Legal And Regulatory Issues – Part 1
Compliance Legal And Regulatory Issues – Part 2
Understanding Professional Ethics – Part 1
Understanding Professional Ethics – Part 2
Risk Management – Part 1
Risk Management – Part 2
Threat Modelling Acquisition Strategy And Practice Security Awareness And Training – Part 1
Threat Modelling Acquisition Strategy And Practice Security Awareness And Training – Part 2
Module 2: Asset Security
Asset Security – Part 1
Asset Security – Part 2
Module 3: Security Engineering
Engineering And Management Of Security – Part 1
Engineering And Management Of Security – Part 2
Engineering And Management Of Security – Part 3
Engineering And Management Of Security – Part 4
Engineering And Management Of Security – Part 5
Engineering And Management Of Security – Part 6
Module 4: Communication and Network Security
Apply Secure Design Principles To Networks – Part 1
Apply Secure Design Principles To Networks – Part 2
Apply Secure Design Principles To Networks – Part 3
Apply Secure Design Principles To Networks – Part 4
Apply Secure Design Principles To Networks – Part 5
Apply Secure Design Principles To Networks – Part 6
Securing Network Components – Part 1
Securing Network Components – Part 2
Design And Establish Secure Communication Channels – Part 1
Design And Establish Secure Communication Channels – Part 2
Design And Establish Secure Communication Channels – Part 3
Module 5: Identity and Access Management
Controlling Access And Managing Identity – Part 1
Controlling Access And Managing Identity – Part 2
Controlling Access And Managing Identity – Part 3
Controlling Access And Managing Identity – Part 4
Module 6: Security Assessment Testing
Designing Performing And Analyzing Security Testing
Module 7: Security Operations
Foundational Concepts And Investigations – Part 1
Foundational Concepts And Investigations – Part 2
Incident Management And Preventative Measures – Part 1
Incident Management And Preventative Measures – Part 2
Disaster Recovery Process – Part 1
Disaster Recovery Process – Part 2
Module 8: Software Development Security
Understanding Applying And Enforcing Software Security – Part 1
Understanding Applying And Enforcing Software Security – Part 2
Conclusion
14. Cloud Computing Security Knowledge (CCSK)
Module 1: Architecture
Cloud Security Overview-Part1
Cloud Security Overview-Part2
Cloud Diagrams
Cloud Services
Module 2: Governance and Enterprise Risk
Risk Management
Corporate Governance
Enterprise Risk Management
Risk Management Balance Process Supply Chain Security
ERM Incidents Recommendations-Part1
ERM Incidents Recommendations-Part2
ERM Incidents Recommendations-Part3
Module 3: Legal Issues- Contracts and Electronic
Cloud Legal Issues-Part1
Cloud Legal Issues-Part2
Cloud Legal Issues-Part3
Module 4: Compliance and Audit Management
Audits
Compliance And Audit
Audit Recommendations
Audit Requirements
Module 5: Information Management and Data Security
Information And Security
Storage
Information Governance Classification
Data Security
Protecting Data Moving
Client Database Encryption
PaaS Encryption
Module 6: Interoperability and Portability
Interoperability And Portability
Interoperability Recommendations
Portability Recommendations
Recommendations SAAS
Module 7: Traditional Security, Business Continuity, and Disaster Recovery
Business Continuity And Disaster Recovery
Assessing CSP Security
Equipment Maintenance
Recommendations
Module 8: Data Center Operations
Data Center Operations
Module 9: Incident Response
Incident Response
Testing
IaaS
C.E.R.- Containment, Eradication, And Recovery
Module 10: Application Security
Application Security
Security Testing
Audit Compliance
Security Assurance Recommendations
Module 11: Encryption and Key Management
Encryption And Key Management
Content Aware Encryption
Storage Of Keys
Module 12: Identity, Entitlement, and Access Management
Building Access Control
Intro To Identity
Entitlement Process
Trust With Identity
Recommendations For Identity Management
Module 13: Virtualization
Virtualization
Hypervisor And Virtual Machine
Inter-Virtual Machine Attacks
Virtual Machine Encryption
Virtual Machine Recommendations And Requirements
Module 14: Security as a Service
Security As A Service
Security Offerings
Intrusion Detection Prevention
Business Continuity And Disaster Recovery
European CCSK
Top Security Benefits
European Legal Based Issues
Meet someone working in cyber security
MeasureUP practice tests included
As part of this course, you will get access to MeasureUP practice tests to help prepare you for your exams. MeasureUP practice tests are endorsed by a range of certification bodies such as CompTIA, Microsoft, and Cisco.
Features of MeasureUP practice tests:
Questions are similar to exam questions, allowing you to test your knowledge of exam objectives
Detailed explanations for both correct and distractor answers reinforce the material
‘Practice Mode’ covers all objectives ensuring topics are covered
‘Certification Mode’ (timed) prepares students for exam taking conditions
Instant, drill-down score reports tell you exactly the areas to focus on
Watch this video to learn more about MeasureUP practice tests.
Potential future career paths
Cyber Security Engineer
Cyber Security Analyst
Cyber Security Investigator
Cyber Threat Analyst
Cyber Threat Consultant
IT Security Specialist
IT Security Consultant
IT Support Technician
Network Engineer
Network Consultant
Data Centre Manager
IT Manager
IT Sales Account Manager
IT Consultant
Systems Administrator
How long do I have to complete the course?
You have 12 months to complete the courses and take the exams.
Watch this video to learn more about CompTIA certifications.
Further questions?
If you have any further questions about this course, please call us on 020 7183 8790 or drop us an email at support@redbridgecourses.com. We’re available Mon-Fri, 9am-6pm. Our support team will be happy to answer any questions you may have.
Would you like to see a demo?
Complete the form below and we’ll be in contact to arrange a demo of the course material and features. You can also use this form to arrange a call back. We’re happy to discuss the course and career program with you in more depth.