Cyber Security Pro Package

    £1,195.00

    Pay over 1 year at £99.58 per month

    If you’re looking to enhance your cyber security skills, this pro package might be what you’re after. It contains ten cyber security certification courses, and four CompTIA certification courses aimed at anyone looking to brush up on their general IT skills before embarking on the more advanced cyber security certification courses. This pro package also contains a choice of four foundation certification exams; and five specialist certification exams. Take a look at the list of courses further down the page to see which course has the option to sit an exam. Look for the label ‘EXAM AVAILABLE’ next to the course title. You can choose to sit any two foundation exams and any two specialist exams. You can forfeit the foundation exams if you’re able to show proof that you have prior cyber security, IT support, or networking experience.

    An example of the CompTIA Security+ certification you can gain through this course.

     

    Learn what the CompTIA Security+ can do for your career.

     

     

    Course Features

     

       Video Learning

    Access to video based online learning material. Tutors use diagrams and illustrations to teach the classes, as well as giving demonstrations of equipment. Lessons are pre-recorded allowing you to  fast-forward, rewind and pause at any time throughout the lessons. Videos can be viewed on different devices including a desktop computer, laptop, tablet, and smart phone.

      Accessible from Anywhere

    Your course can be done from any where in the world. If you decide to move to a different city or even country, you can continue with the course from wherever you are. All you need is a device such as a desktop computer, laptop, tablet, smart phone, and an internet connection.

       Live Practice Labs

    Some of the courses provide access to live practice labs (e.g. Mile2 Ethical Hacking, CompTIA Security+), allowing you to put your course skills to the test in a live simulated environment. For instance, learn how to setup a firewall to protect a network from cyber attacks. The live labs have two functions: 1. guided exercises, instructing you to carry out tasks; 2. sand box environment, allowing you to play with the online equipment to test out your skills. Click here to learn more about the live labs.

      MeasureUP Practice Tests

    Before you sit a CompTIA exam, you will be given access to a MeasureUP practice test. These tests have two modes: 1. practice-mode, allowing you learn the questions and answers with resources included; 2. certification mode, allowing you to test yourself with a limited time and without the answers. These tests are the closest experience to the real exams. MeasureUP have been the gold standard in exam preparation for over 20 years.

      Exam Fees Paid

    Your course comes with official CompTIA exam vouchers. This means all exam fees are fully paid. Exams can be taken online in your own home. Your course also comes with other vendor exams, such as Mile2 ethical hacking. This exam can also be taken at home. You have the option to take two foundation exams and two specialist exams. See the list of courses below to see which course titles include an exam.

       CompTIA Certifications

    Upon passing your exams, you will receive up to four certifications from CompTIA. These certifications are globally recognised, meaning you can work any where in the world with them. CompTIA certifications are held in high regard by IT employers and IT recruiters. Click here to view salary and employment information.

      Spread the cost

    Spread your course payments over 12 monthly installments through Knoma. There’s no interest or charges. Just one easy online application to complete. You’ll get an instant decision.

     

    Who are CompTIA? Watch this video to find out.

    Course Syllabus

    1. CompTIA IT Fundamentals FC0-U61 (FOUNDATION EXAM AVAILABLE)

    IT Concepts and Terminology

    Understand the basics of computing
    Understand basic terminology
    Comprehend notational systems
    Explain the value of data and troubleshooting

    Infrastructure

    Setting up and installing common peripheral devices

    Applications and Software

    Manage applications software
    Understand various components of an operating system
    Explain the purpose of methods of application architecture

    Software Development

    Comprehend programming language categories
    Interpret logic
    Understand the purpose of programming concepts

    Database Fundamentals

    Explain database concepts
    Explain structures
    Explain purpose
    Understand methods used to interface

    Security

    Understand confidentiality
    Understand integrity
    Understand availability concerns of secure devices
    Understand best practice methods of secure devices

    2. CompTIA A+ 220-1001 and 1002 (FOUNDATION EXAMS AVAILABLE)

    CompTIA A+ 220-1001

    Mobile Devices
    • 1.0 What are we covering?
    • 1.1 Given a scenario, install and configure laptop hardware and components
    • 1.2 Given a scenario, install components within the display of a laptop
    • 1.3 Given a scenario, use appropriate laptop features
    • 1.4 Compare and contrast characteristics of various types of other mobile devices
    • 1.5 Given a scenario, connect and configure accessories and ports of other mobile devices
    • 1.6 Given a scenario, configure basic mobile device network connectivity and application support
    • 1.7 Given a scenario, use methods to perform mobile device synchronization
    Networking
    • 2.0 What are we covering?
    • 2.1 Compare and contrast TCP and UDP ports, protocols and their purpose
    • 2.2 Compare and contrast common networking hardware devices
    • 2.3 Given a scenario, install and configure a basic wired/wireless SOHO network
    • 2.4 Compare and contrast wireless networking protocols
    • 2.5 Summarize the properties and purposes of services provided by networked hosts
    • 2.6 Explain common network configuration concepts
    • 2.7 Compare and contrast internet connection types, network types and their features
    • 2.8 Given a scenario, use appropriate networking tools
    Hardware
    • 3.0 What are we covering?
    • 3.1 Explain basic cable types, features and their purposes
    • 3.2 Identify common connector types
    • 3.3 Given a scenario, install RAM types
    • 3.4 Given a scenario, select, install and configure storage devices
    • 3.5 Given a scenario, install and configure motherboards, CPUs and add-on cards
    • 3.6 Explain the purposes and uses of various peripheral types
    • 3.7 Summarize power supply types and features
    • 3.8 Given a scenario, select and configure appropriate components for a custom PC configuration to meet customer specifications/needs
    • 3.9 Given a scenario, install and configure common devices
    • 3.10 Given a scenario, configure SOHO multifunction devices/printers and settings
    • 3.11 Given a scenario, install and maintain various print technologies
    Virtualization and Cloud Computing
    • 4.1 Compare and contrast cloud computing concepts
    • 4.2 Given a scenario, set up and configure client-side virtualization
    Hardware and Network Troubleshooting
    • 5.0 What are we covering?
    • 5.1 Given a scenario, use the best practice methodology to resolve problems
    • 5.2 Given a scenario, troubleshoot problems related to motherboards, RAM, CPUs and power
    • 5.3 Given a scenario, troubleshoot hard drives and RAID arrays
    • 5.4 Given a scenario, troubleshoot video, projector and display issues
    • 5.5 Given a scenario, troubleshoot common mobile device issues while adhering to the appropriate procedures
    • 5.6 Given a scenario, troubleshoot printers
    • 5.7 Given a scenario, troubleshoot common wires and wireless network problems

    CompTIA A+ 220-1002

    Operating Systems
    • 1.1 Compare and contrast common operating system types and their purposes
    • 1.2 Compare and contrast features of Microsoft Windows versions
    • 1.3 Summarize general OS installation considerations and upgrade methods
    • 1.4 Given a scenario, use appropriate Microsoft command line tools
    • 1.5 Given a scenario, use Microsoft operating system features and tools
    • 1.6 Given a scenario, use Microsoft Windows Control Panel utilities
    • 1.7 Summarize application installation and configuration concepts
    • 1.8 Given a scenario, configure Microsoft Windows networking on a client/desktop
    • 1.9 Given a scenario, use features and tools of the Mac OS and Linux client/desktop operating systems
    Security
    • 2.1 Summarize the importance of physical security measures
    • 2.2 Explain logical security concepts
    • 2.3 Compare and contrast wireless security protocols and authentication methods
    • 2.4 Given a scenario, detect, remove, and prevent malware using appropriate tools and methods
    • 2.5 Compare and contrast social engineering, threats, and vulnerabilities
    • 2.6 Compare and contrast the differences of basic Microsoft Windows OS security settings
    • 2.7 Given a scenario, implement security best practices to secure a workstation
    • 2.8 Given a scenario, implement methods for securing mobile devices
    • 2.9 Given a scenario, implement appropriate data destruction and disposal methods
    • 2.10 Given a scenario, configure security on SOHO wireless and wired networks
    Software Troubleshooting
    • 3.1 Given a scenario, troubleshoot Microsoft Windows OS problems
    • 3.2 Given a scenario, troubleshoot and resolve PC security issues
    • 3.3 Given a scenario, use best practice procedures for malware removal
    • 3.4 Given a scenario, troubleshoot mobile OS and application issues
    • 3.5 Given a scenario, troubleshoot mobile OS and application security issues
    Operational Procedures
    • 4.1 Compare and contrast best practices associated with types of documentation
    • 4.2 Given a scenario, implement basic change management best practices
    • 4.3 Given a scenario, implement basic disaster prevention and recovery methods
    • 4.4 Explain common safety procedures
    • 4.5 Explain environmental impacts and appropriate controls
    • 4.6 Explain the processes for addressing prohibited content/activity, and privacy, licensing, and policy concepts
    • 4.7 Given a scenario, use proper communication techniques and professionalism
    • 4.8 Identify the basics of scripting

    3. Cyber Security Awareness and Prevention
    Introduction to Cyber Security Awareness
    Managing Mobile Device Security
    4. Data Security Compliance
    Data Breaches And ID Theft
    Device Security Basics
    Avoiding Inadvertent Disclosure
    Physical And Technical Safeguards
    5. CompTIA Network+ N10-007 (FOUNDATION EXAM AVAILABLE)

    Module 1: Networking Concepts

    1.1 Basic Networking
    • Intro to networking
    • Networking architectures
    • Activity: Basic Networking
    1.2 OSI Model
    • Layer 7 – Application
    • Layer 6 – Presentation
    • Layer 5 – Session
    • Layer 4 – Transport
    • Layer 3 – Network
    • Layer 2 – Data Link
    • Layer 1 – Physical
    • Activity: Exploring the OSI Model
    1.3 Protocols and Ports
    • Protocols and ports overview
    • Activity: Examining Protocols and Ports
    • Connection-oriented vs. connectionless
    • Transmission Control Protocol (TCP)
    • User Datagram Protocol (UDP)
    • Activity: Comparing TCP and UDP
    • Internet Protocol (IP)
    • Internet Control Messaging Protocol (ICMP)
    • Internet Group Messaging Protocol (IGMP)
    • Activity: Examining the Lower Layer Protocols
    • Layer 7 Remote Control Protocols
    • Layer 7 File Transfer Protocols
    • Layer 7 Messaging Protocols
    • Activity: Examining Messaging Protocols
    • Layer 7 Web Traffic Protocols
    • Layer 7 Streaming Media Protocols
    • Layer 7 Infrastructure Management Protocols
    1.4 Switching
    • Properties of Network Traffic
    • Contention Management
    • Activity: Creating Collision and Broadcast Domains
    • Interface Properties and Segmentation
    • Activity: Creating a Basic Network Segment
    • Switching prt 2
    • Activity: Switching
    • Switching Loop Management
    • Activity: Managing Switching Loops
    • VLANs
    • Activity: Creating VLANs
    1.5 Routing
    • ARP
    • Activity: Examining ARP
    • IP Addressing Basics
    • Activity: Configuring IP
    • Routers
    • Activity: Setting Up a Router
    • Routing Basics
    • Activity Adding Static Routes
    • VLAN Routing
    • Activity: Routing Between VLANs
    • NAT/PAT
    • Activity: Configuring NAT/PAT
    • Routing Protocols
    • Activity Configuring a Routing Protocol
    • Firewalls
    • Activity: Configuring Firewalls
    1.6 Advanced Switching and Routing Concepts
    • IPv6 Concepts
    • Activity: Exploring IPv6
    • Performance Concepts
    • Distributed Switching
    • Software-defined Networking
    1.7 IP Addressing
    • Public vs. Private
    • Loopback and Reserved
    • Subnet Mask
    • Default Gateway
    • Virtual IP
    • Subnetting
    • Activity: Learning to Subnet
    • Address Assignments
    1.8 Network Types and Topologies
    • Wired Topologies
    • Wireless Topologies
    • Network Types
    • Technologies that Facilitate the Internet Of Things (IoT)
    1.9 Wireless Technologies
    • Radio Basics
    • 802.11 Standards
    • Wi-Fi Frequencies
    • Wi-Fi Antenna Concepts
    • Bluetooth
    • Cellular
    • Site Surveys
    • Activity: Using an RF Spectrum Analyzer
    1.10 Cloud Concepts
    • Types of Services
    • Cloud Delivery Models
    • Security Implications/Considerations
    • Activity: Exploring Cloud Services
    1.11 Network Services
    • DNS Service
    • Activity: Setting up DNS
    • DHCP Service
    • Activity: Setting Up DHCP
    • NTP
    • IPAM

    Module 2 – Infrastructure

    2.1 Cabling Solutions
    • Media Types
    • Activity: Testing a Fiber Optic Cable
    • Plenum vs.PVC
    • Connector Types
    • Activity: Crimping on an RJ-45 Connector
    • Transceivers
    • Termination Points
    • Activity: Terminating Cable to a 110 Block
    • Copper Cable Standards
    • Copper Termination Standards
    • Activity: Creating a Crossover Cable
    • Ethernet Deployment Standards
    2.2 Network Device Placement and Installation
    • Network Interface
    • Repeater
    • Hub
    • Bridge
    • Switch
    • Router
    • Modem
    • Wireless Access Point
    • Activity Setting up a WAP
    • Firewall
    • Media Converter
    • Wireless Range Extender
    • VoIP Endpoint
    2.3 Advanced Network Devices
    • Multilayer Switch
    • Wireless Controller
    • Load Balancer
    • IDS/IPS
    • Proxy Server
    • Activity Configuring Proxy Settings
    • VPN Concentrator
    • AAA/RADIUS Server
    • UTM Appliance
    • NGFW/Layer 7 Firewall
    • VoIP PBX
    • VoIP Gateway
    • Content Filter
    2.4 Virtualization and Network Storage Technologies
    • Virtual Networking Components
    • Network Storage Types
    • Connection Types
    • Jumbo Frames
    2.5 WAN Technologies
    • Service Types
    • Transmission Mediums
    • Characteristics of Service
    • Activity Configuring WAN Links
    • Termination

    Module 3 – Network Operations

    3.1 Documentation
    • Diagram Symbols
    • Standard Operating Procedures/Work Instructions
    • Logical vs. Physical Diagrams
    • Rack Diagrams
    • Change Management Documentation
    • Wiring and Port Locations
    • IDF/MDF Documentation
    • Labeling
    • Network Configuration and Performance Baselines
    • Inventory Management
    • Activity Using Documentation
    3.2 Business Continuity and Disaster Recovery
    • Availability Concepts
    • Recovery
    • Activity Backing Up Your Data
    • MTTR
    • MTBF
    • SLA Requirements
    3.3 Scanning, Monitoring, and Patching
    • Processes
    • Event Management
    • SNMP Monitors
    • Metrics
    • Activity: Testing the Network
    3.4 Remote Access Methods
    • VPN
    • RDP
    • SSH
    • VNC
    • Telnet
    • HTTPS/Management URL
    • Remote File Access
    • Out-of-Band Management
    • Activity: Making Remote Connections
    3.5 Policies and Best Practices
    • Privileged User Agreement
    • Password Policy
    • On-boarding/Off-boarding Procedures
    • Licensing Restrictions
    • International Export Controls
    • Data Loss Prevention
    • Remote Access Policies
    • Incident Response Policies
    • BYOD
    • AUP
    • NDA
    • System Life Cycle
    • Safety Procedures And Policies
    • Activity: Creating Policies and Procedures

    Module 4 – Network Security

    4.1 Physical Security Devices
    • Detection
    • Prevention
    4.2 Authentication and Access Control
    • Authorization, Authentication, and Accounting
    • Multifactor Authentication
    • Access Control
    • Activity: Examining Access Control Mechanisms
    4.3 Basic Wireless Network Security
    • WPA
    • WPA2
    • TKIP-RC4
    • CCMP-AES
    • Authentication and Authorization
    • Geofencing
    • Activity: Demonstrating the Need for Wireless Security
    4.4 Common Network Attacks
    • DoS
    • Social Engineering
    • Insider Threat
    • Logic Bomb
    • Rogue Access Point
    • Evil Twin
    • War-driving
    • Phishing
    • Ransomware
    • DNS Poisoning
    • ARP Poisoning
    • Spoofing
    • Deauthentication
    • Brute Force
    • VLAN Hopping
    • Man-in-the-Middle
    • Exploits vs. Vulnerabilities
    • Activity Conducting a Phishing Attack
    4.5 Network Device Hardening
    • Changing Default Credentials
    • Avoiding Common Passwords
    • File Hashing
    • Generating New Keys
    • Activity Supporting Secure Authentication and Encryption
    • Upgrading Firmware
    • Patching and Updates
    • Disabling Unnecessary Services
    • Using Secure Protocols
    • Disabling Unused Ports
    4.6 Common Mitigation Techniques
    • Signature Management
    • Device Hardening
    • Change Native VLAN
    • Switchport Protection
    • Network Segmentation
    • Privileged User Account
    • File Integrity Monitoring
    • Role Separation
    • Restricting Access Via ACLs
    • Honeypot/Honeynet
    • Penetration Testing
    • Activity: Implementing a Honeypot

    Module – Network Troubleshooting and Tools

    5.1 Network Troubleshooting Methodology
    • Identify the Problem
    • Establish a Theory of Probable Cause
    • Test the Theory to Determine the Cause
    • Establish a Plan of Action to Resolve the Problem and Identify Potential Effects
    • Implement the Solution or Escalate as Necessary
    • Verify Full System Functionality and , if Applicable, Implement Preventive Measures
    • Document Findings, Actions, and Outcomes
    5.2 Using the Appropriate Tool
    • Hardware Tools – Basic Hand Held
    • Hardware Tools – Analyzers
    • Activity: Troubleshooting with Hardware Tools
    • Software Tools – Testers and Analyzers
    • Activity: Troubleshooting with Software Tools
    • Software Tools – Command Line
    • Activity: Using Command Line Tools
    5.3 Troubleshoot Wired Connectivity and Performance
    • Signal Issues:
    o Attenuation
    o Latency
    o Jitter
    o Crosstalk
    o EMI
    • Activity Troubleshooting Signal Problems
    • Physical Issues:
    o Open/short
    o Incorrect pin-out
    o Incorrect Cable Type
    o Bad Port
    o Damaged cable
    o Bent pins
    • Transceiver Issues:
    o Transceiver mismatch
    o TX/RX reverse
    o Duplex/speed mismatch
    • Activity: Troubleshooting Transceiver Problems
    • Traffic Flow Issues:
    o Bottleneck
    o VLAN mismatch
    o Network connection LED status indicators
    5.4 Troubleshoot Wireless Connectivity and Performance
    • Signal Loss:
    o Attenuation
    o Reflection
    o Refraction
    o Absorption
    • Latency & Jitter
    • Antenna Issues:
    o Incorrect antenna type
    o Incorrect antenna placement
    • Incorrect WAP type
    • WAP Issues:
    o Interference
    o Channel overlap
    o Overcapacity
    o Distance limitations
    o Frequency mismatch
    o Power levels
    o Signal-to-noise ratio
    • WAP Misconfiguration:
    o Wrong SSID
    o Wrong passphrase
    o Security type mismatch
    • Activity Troubleshooting WAP Issues
    5.5 Troubleshoot Common Network Service Issues
    • Common Network Issues:
    o Physical Connectivity
    o Incorrect IP Address
    o Incorrect Gateway
    o Incorrect Netmask
    o Names Not Resolving
    o Untrusted SSL Certificate
    • DHCP Issues:
    o Duplicate IP Addresses
    o Expired IP Address
    o Rogue DHCP
    o Exhausted DHCP Scope
    • Firewall/ACL Issues:
    o Blocked TCP/UDP Ports
    o Incorrect Host-based Firewall Settings
    o Incorrect ACL Settings
    • Advanced Network Issues:
    o DNS Server Issues
    o Duplicate MAC Addresses
    o Incorrect Time
    • Unresponsive Service
    • Hardware Failure
    • Activity Case Study: Troubleshooting an Unusual Network Issue

    6. CompTIA Security+ SY0-601 (FOUNDATION EXAM AVAILABLE)
    • Compare and contrast different types of social engineering techniques
    • analyze potential indicators to determine the type of attack
    • Analyze potential indicators associated with application attacks
    • Analyze potential indicators associated with network attacks
    • Explain different threat actors, vectors, and intelligence sources
    • Explain the security concerns associated with various types of vulnerabilities
    • Summarize the techniques used in security assessments
    • Explain the techniques used in penetration testing
    • Explain the importance of security concepts in an enterprise environment
    • Summarize virtualization and cloud computing concepts
    • Summarize secure application development, deployment, and automation concepts
    • Summarize authentication and authorization design concepts
    • Implement cybersecurity resilience
    • Explain the security implications of embedded and specialized systems
    • Explain the importance of physical security controls
    • Summarize the basics of cryptographic concepts
    • Implement secure protocols
    • Implement host or application security solutions
    • Implement secure network designs
    • Install and configure wireless security settings
    • Implement secure mobile solutions
    • Apply cybersecurity solutions to the cloud
    • Implement identity and account management controls
    • Implement authentication and authorization solutions
    • Implement public key infrastructure
    • Use the appropriate tool to assess organizational security
    • Summarize the importance of policies, processes, and procedures for incident response
    • Utilize appropriate data sources to support an investigation
    • Apply mitigation techniques or controls to secure an environment
    • Explain the key aspects of digital forensics
    • Compare and contrast various types of controls
    • Explain the importance of applicable regulations, standards, or frameworks that impact organizational security posture
    • Explain the importance of policies to organizational security
    • Summarize risk management processes and concepts
    • Explain privacy and sensitive data concepts in relation to security.
    7. CompTIA PenTest+ (PT0-001) (SPECIALIST EXAM AVAILABLE)

    Module 1 – The Pen Test Engagement
    •  Module 1 Notes
    •  1.0 PenTest Plus Introduction
    •  1.1 PenTest Plus Topics
    •  1.2 PenTest Engagement
    •  1.3 Threat Modelling
    •  1.4 Technical Constraints
    •  1.5 PenTest Engagement Review
    •  1.6 Examining PenTest Engagement Documents Act
    Module 2 – Passive Reconnaissance
    •  Module 2 Notes
    •  2.1 Passive Reconnaissance part1
    •  2.2 WHOIS Act
    •  2.3 Passive Reconnaissance part2
    •  2.4 Google Hacking Act
    •  2.5 Passive Reconnaissance part3
    •  2.6 DNS Querying Act
    •  2.7 Passive Reconnaissance part4
    •  2.8 Email Server Querying Act
    •  2.9 SSL-TLS Certificates
    •  2.10 Shodan Act
    •  2.11 The Harvester
    •  2.12 The Harvester Act
    •  2.13 Recon-ng
    •  2.14 Recon-g Act
    •  2.14 Recon-ng-Part-2-API-key Act
    •  2.15 Maltego
    •  2.16 Have I been Pwned
    •  2.17 Punked and Owned Pwned Act
    •  2.18 Fingerprinting Organization with Collected Archives
    •  2.19 FOCA Act
    •  2.20 Findings Analysis Weaponization
    •  2.21 Chp 2 Review
    Module 3 – Active Reconnaissance
    •  Module 3 Notes
    •  3.1 Active Reconnaissance
    •  3.2 Discovery Scans Act
    •  3.3 Nmap
    •  3.4 Nmap Scans Types Act
    •  3.5 Nmap Options
    •  3.6 Nmap Options Act
    •  3.7 Stealth Scans
    •  3.8 Nmap Stealth Scans Act
    •  3.9 Full Scans
    •  3.10 Full Scans Act
    •  3.11 Packet Crafting
    •  3.12 Packet Crafting Act
    •  3.13 Network Mapping
    •  3.14 Metasploit
    •  3.15 Scanning with Metasploit Act
    •  3.16 Enumeration
    •  3.17 Banner Grabbing Act
    •  3.18 Windows Host Enumeration
    •  3.19 Windows Host Enumeration Act
    •  3.20 Linux Host Enumeration
    •  3.21 Linux Host Enumeration Act
    •  3.22 Service Enumeration
    •  3.23 Service Enumeration Act
    •  3.24 Network Shares
    •  3.25 SMB Share Enumeration Act
    •  3.26 NFS Network Share Enumeration
    •  3.27 NFS Share Enumeration Act
    •  3.28 Null Sessions
    •  3.29 Null Sessions Act
    •  3.30 Website Enumeration
    •  3.31 Website Enumeration Act
    •  3.32 Vulnerability Scans
    •  3.33 Compliance Scans Act
    •  3.34 Credentialed Non-credentialed Scans
    •  3.35 Using Credentials in Scans Act
    •  3.36 Server Service Vulnerability Scan
    •  3.37 Vulnerability Scanning Act
    •  3.38 Web Server Database Vulnerability Scan
    •  3.39 SQL Vulnerability Scanning Act
    •  3.40 Vulnerability Scan Part 2 OpenVAS Act
    •  3.41 Web App Vulnerability Scan
    •  3.42 Web App Vulnerability Scanning Act
    •  3.43 Network Device Vulnerability Scan
    •  3.44 Network Device Vulnerability Scanning Act
    •  3.45 Nmap Scripts
    •  3.46 Using Nmap Scripts for Vulnerability Scanning Act
    •  3.47 Packet Crafting for Vulnerability Scans
    •  3.48 Firewall Vulnerability Scans
    •  3.49 Wireless Access Point Vulnerability
    •  3.50 Wireless AP Scans Act
    •  3.51 WAP Vulnerability Scans
    •  3.52 Container Security issues
    •  3.53 How to Update Metasploit Pro Expired Trial License
    Module 4 – Physical Security
    •  Module 4 Notes
    •  4.1 Physical Security
    •  4.2 Badge Cloning Act
    •  4.3 Physical Security Review
    Module 5 – Social Engineering
    •  Module 5 Notes
    •  5.1 Social Engineering
    •  5.2 Using Baited USB Stick Act
    •  5.3 Using Social Engineering to Assist Attacks
    •  5.4 Phishing Act
    •  5.5 Social Engineering Review
    Module 6 – Vulnerability Scan Analysis
    •  Module 6 Notes
    •  6.1 Vulnerability Scan Analysis
    •  6.2 Validating Vulnerability Scan Results Act
    •  6.3 Vulnerability Scan Analysis Review
    Module 7 – Password Cracking
    •  Module 7 Notes
    •  7.1 Password Cracking
    •  7.2 Brute Force Attack Against Network Service Act
    •  7.3 Network Authentication Interception Attack
    •  7.4 Intercepting Network Authentication Act
    •  7.5 Pass the Hash Attacks
    •  7.6 Pass the Hash Act
    •  7.7 Password Cracking Review
    Module 8 – Penetrating Wired Networks
    •  Module 8 Notes
    •  8.1 Penetrating Wired Network
    •  8.2 Sniffing Act
    •  8.3 Eavesdropping
    •  8.4 Eavesdropping Act
    •  8.5 ARP Poisoning
    •  8.6 ARP Poisoning Act
    •  8.7 Man In The Middle
    •  8.8 MITM Act
    •  8.9 TCP Session Hijacking
    •  8.10 Server Message Blocks SMB Exploits
    •  8.11 SMB Attack Act
    •  8.12 Web Server Attacks
    •  8.13 FTP Attacks
    •  8.14 Telnet Server Attacks
    •  8.15 SSH Server Attacks
    •  8.16 Simple Network Mgmt Protocol SNMP
    •  8.17 Simple Mail Transfer Protocol SMTP
    •  8.18 Domain Name System DNS Cache Poisoning
    •  8.19 Denial of Service Attack DoS-DDoS
    •  8.20 DoS Attack Act
    •  8.21 VLAN Hopping Review
    Module 9 – Penetrating Wireless Networks
    •  Module 9 Notes
    •  9.1 Penetrating Wireless Networks
    •  9.2 Jamming Act
    •  9.3 Wireless Sniffing
    •  9.4 Replay Attacks
    •  9.5 WEP Cracking Act
    •  9.6 WPA-WPA2 Cracking
    •  9.7 WAP Cracking Act
    •  9.8 Evil Twin Attacks
    •  9.9 Evil Twin Attack Act
    •  9.10 WiFi Protected Setup
    •  9.11 Bluetooth Attacks
    •  9.12 Penetrating Wireless Networks
    Module 10 – Windows Exploits
    •  Module 10 Notes
    •  10.1 Windows Exploits
    •  10.2 Dumping Stored Passwords Act
    •  10.3 Dictionary Attacks
    •  10.4 Dictionary Attack Against Windows Act
    •  10.5 Rainbow Table Attacks
    •  10.6 Credential Brute Force Attacks
    •  10.7 Keylogging Attack Act
    •  10.8 Windows Kernel
    •  10.9 Kernel Attack Act
    •  10.10 Windows Components
    •  10.11 Memory Vulnerabilities
    •  10.12 Buffer Overflow Attack Act
    •  10.13 Privileged Escalation in Windows
    •  10.14 Windows Accounts
    •  10.15 Net and WMIC Commands
    •  10.16 Sandboxes
    Module 11 – Linux Exploits
    •  Module 11 Notes
    •  11.1 Linux Exploits
    •  11.2 Exploiting Common Linux Features Act
    •  11.3 Password Cracking in Linux
    •  11.4 Cracking Linux Passwords Act
    •  11.5 Vulnerability Linux
    •  11.6 Privileged Escalation Linux
    •  11.7 Linux Accounts
    •  11.8 Linux Exploits Review
    Module 12 – Mobile Devices
    •  Module 12 Notes
    •  12.1 Mobile Devices
    •  12.2 Hacking Android Act
    •  12.3 Apple Exploits
    •  12.4 Mobile Devices Review
    Module 13 – Specialized Systems
    •  Module 13 Notes
    •  13.1 Specialized Systems
    •  13.2 Specialized Systems Review
    Module 14 – Scripts
    •  Module 14 Notes
    •  14.1 Scripts
    •  14.2 Powershell
    •  14.3 Python
    •  14.4 Ruby
    •  14.5 Common Scripting Elements
    •  14.6 Scripts Review
    •  14.7 Better Ping Sweep
    •  14.8 Simple Port Scanner2
    •  14.9 Multi-target Port Scanner
    •  14.10 Port Scanner with Nmap
    •  14.11 Scripts Review
    Module 15 – Application Testing
    •  Module 15 Notes
    •  15.1 Application Testing
    •  15.2 Reverse Engineering
    Module 16 – Web App Exploits
    •  Module 16 Notes
    •  16.1 Webb App Exploits
    •  16.2 Injection Attacks
    •  16.3 HTML Injection
    •  16.4 SQL Hacking – SQLmap Act
    •  16.5 Cross-Site Attacks
    •  16.6 Cross-Site Request Forgery
    •  16.7 Other Web-based Attacks
    •  16.8 File Inclusion Attacks
    •  16.9 Web Shells
    •  16.10 Web Shells Review
    Module 17 – Lateral Movement
    •  Module 17 Notes
    •  17.1 Lateral Movement
    •  17.2 Lateral Movement with Remote Mgmt Services
    •  17.3 Process Migration Act
    •  17.4 Passing Control Act
    •  17.5 Pivoting
    •  17.6 Tools the Enable Pivoting
    •  17.7 Lateral Movement Review
    Module 18 – Persistence
    •  Module 18 Notes
    •  18.1 Persistence
    •  18.2 Breeding RATS Act
    •  18.3 Bind and Reverse Shells
    •  18.4 Bind Shells Act
    •  18.5 Reverse Shells
    •  18.6 Reverse Shells Act
    •  18.7 Netcat
    •  18.8 Netcat Act
    •  18.9 Scheduled Tasks
    •  18.10 Scheduled Tasks Act
    •  18.11 Services and Domains
    •  18.12 Persistence Review
    Module 19 – Cover Your Tracks
    •  Module 19 Notes
    •  19.1 Cover Your Tracks
    •  19.2 Cover Your Tracks – Timestamp Files Act
    •  19.3 Cover Your Tracks – Frame the Administrator Act
    •  19.4 Cover Your Tracks – Clear the Event Log Act
    •  19.5 Cover Your Tracks Review
    Module 20 – The Report
    •  Module 20 Notes
    •  20.1 The Report
    •  20.2 The Report Review
    Module 21 – Post Engagement Cleanup
    •  Module 21 Notes
    •  21.1 Post Engagement Cleanup_1
    •  21.3 Post Engagement Cleanup Review
    •  21.4 PenTest Plus Conclusion.mp4

     

     
    8. CompTIA CySA+ (Cybersecurity Analyst+) CS0-002 (SPECIALIST EXAM AVAILABLE)

    Module 1: Threat and Vulnerability Management
    Instructor Intro
    About the Exam
    Test Taking Tips and Techniques
    Explain the importance of threat data and intelligence
    Given a scenario, utilize threat intelligence to support organizational security
    Given a scenario, perform vulnerability management activities Pt 1
    Given a scenario, perform vulnerability management activities Pt 2
    Given a scenario, analyze the output from common vulnerability assessment tools
    Explain the threats and vulnerabilities associated with specialized technology
    Explain the threats and vulnerabilities associated with operating in the Cloud
    Given a scenario, implement controls to mitigate attacks and software vulnerabilities Pt 1
    Given a scenario, implement controls to mitigate attacks and software vulnerabilities Pt 2
    Module 2: Software and Systems Security
    Outline
    Given a scenario, apply security solutions for infrastructure management Pt 1
    Given a scenario, apply security solutions for infrastructure management Pt 2
    Given a scenario, apply security solutions for infrastructure management Pt 3
    Flashcards
    Explain software assurance best practices
    Scatter
    Explain hardware assurance best practices
    Learn
    Speller
    Workbook
    Module 3: Security Operations and Monitoring
    Given a scenario, analyze data as part of security monitoring activities Pt 1
    Given a scenario, analyze data as part of security monitoring activities Pt 2
    Given a scenario, analyze data as part of security monitoring activities Pt 3
    Given a scenario, implement configuration changes to existing controls to improve security Pt 1
    Given a scenario, implement configuration changes to existing controls to improve security Pt 2
    Explain the importance of proactive threat hunting
    Compare and contrast automation concepts and technologies
    Module 4: Incident Response
    Explain the importance of the incident response process
    Given a scenario, apply the appropriate the incident response procedure
    Given an incident, analyze potential indicators of compromise
    Given a scenario, utilize basic digital forensic techniques
    Module 5: Compliance and Assessment
    Understand the importance of data privacy and protection
    Given a scenario, apply security concepts in support of organizational risk mitigation Pt 1
    Given a scenario, apply security concepts in support of organizational risk mitigation Pt 2
    Explain the importance of frameworks, policies, procedures, and controls Pt 1
    Explain the importance of frameworks, policies, procedures, and controls Pt 2
    Module 6: Afterword
    Recap
    Review Questions
    Before the Exam

    9. CompTIA Advanced Security Practitioner (CASP) CAS-003 (SPECIALIST EXAM AVAILABLE)

     

    Module 1 – Risk Management
    •  Module 1 Notes
    •  Intro CASP
    •  CASP Introduction
    •  Mod 1.1 Exploring Cloud Services Act
    •  Mod 1.1 Acquisition Merger Demerger
    •  Mod 1.1 Acquisition Merger Demerger Part2
    •  Mod 1.2 Compare and Contrast
    •  Mod 1.3 Given Scenario Execute Risk
    •  Mod 1.3 Given Scenario Execute Risk Part2
    •  Mod 1.3 Continuing Terminology IT Governance
    •  Mod 1.4 Analyze Security Solution Metrics and Attributes
    •  Mod 1.4 Analyze Risk
    •  Mod 1.4 Trend Analysis Act
    Module 2 – Enterprise Security Architecture
    •  Module 2 Notes
    •  Mod 2 Enterprise Security Architecture
    •  Mod 2.1 Network Device Security Act
    •  Mod 2.1 Application and Protocol
    •  Mod 2.1 Advanced Network Security Act
    •  Mod 2.1 Complex Network Security Solution
    •  Mod 2.1 Implementing VLANs Switchport Sec Act
    •  Mod 2.1 Implementing VLANs Switchport Sec Act Part2
    •  Mod 2.1 Distributed Denial of Service
    •  Mod 2.1 Exploring DoS Attacks Act
    •  Mod 2.1 Security Zones
    •  Mod 2.1 Network Access Control
    •  Mod 2.1 Searching for Vulnerable ICS-SCADA Act
    •  Mod 2.2 Analyze a Scenario Integrate Security
    •  Mod 2.2 Configuring Windows Firewall Act
    •  Mod 2.2 Log Monitoring and Auditing
    •  Mod 2.2 Group Policy Act
    •  Mod 2.2 Patch Management
    •  Mod 2.2 Management Interface
    •  Mod 2.2 Measured Launch
    •  Mod 2.3 Analyze a Scenario to Integrate Security Controls
    •  Mod 2.3 Security Implications Privacy
    •  Mod 2.3 Baseband
    •  Mod 2.4 Given Software Vulnerability Scenarios
    •  Mod 2.4 SQL Injection Act
    •  Mod 2.4 Improper Error and Exception Handling
    •  Mod 2.4 Buffer Overflows Act
    •  Mod 2.4 Memory Leaks
    •  Mod 2.4 Researching Vulnerabilities Exploits Act
    Module 3 – Enterprise Security Operations
    •  Module 3 Notes
    •  Mod 3 Enterprise Security Operations
    •  Mod 3 Runtime Debugging
    •  Mod 3.1 Fingerprinting an OS Services Act
    •  Mod 3.1 Code Review
    •  Mod 3.1 Conducting OSINT Act
    •  Mod 3.1 Types
    •  Mod 3.1 Conducting a Vulnerability Assessment Act
    •  Mod 3.2 Analyze a Scenario Output
    •  Mod 3.2 Network Sniffing Act
    •  Mod 3.2 Security Content Automation
    •  Mod 3.2 Using a SCAP Scanner Act
    •  Mod 3.2 Network Enumerator
    •  Mod 3.2 Password Cracking Act
    •  Mod 3.2 Host Vulnerability Scanner
    •  Mod 3.2 Using Command Line Tools Act
    •  Mod 3.2 OpenSSL
    •  Mod 3.2 Scanning for Heartbleed Act
    •  Mod 3.2 Local Exploitation Tools
    •  Mod 3.2 Verifying File Integrity with SFC Act
    •  Mod 3.2 Log Analysis Tools
    •  Mod 3.3 Given Scenario Implement Incident
    •  Mod 3.3 Facilitate Incident Detection Response
    •  Mod 3.3 Using Incident Response Support Tools Act
    •  Mod 3.3 Severity of Incident Detection Breach
    Module 4 – Technical Integration of Enterprise Security
    •  Module 4 Notes
    •  Mod 4 Technical Integration of Enterprise
    •  Mod 4 Technical Integration of Enterprise Part2
    •  Mod 4.1 Data Security Considerations
    •  Mod 4.1 Examining Network Diagrams Act
    •  Mod 4.1 Security and Privacy Considerations of Storage integration
    •  Mod 4.1 Exploring Directory Services and DNS Act
    •  Mod 4.2 Given Scenario Integrate Cloud and Virtualization
    •  Mod 4.2 Taking Another Look at Cloud Services Act
    •  Mod 4.2 Security Advantages and Disadvanatages of Virtualization
    •  Mod 4.2 Using Virtualization Act
    •  Mod 4.2 Cloud Augmented Security
    •  Mod 4.3 Given Scenario Integrate and Troubleshoot Advanced Authentication
    •  Mod 4.4 Given Scenario Cryptographic
    •  Mod 4.4 Cryptographic Part2
    •  Mod 4.4 Mobile Device Encryption
    •  Mod 4.4 Cryptography Act
    •  Mod 4.5 Select the Appropriate Control
    •  Mod 4.5 Phishing Act
    •  Mod 4.5 Telephony VoIP Integration
    Module 5 – Research, Development and Collaboration
    •  Module 5 Notes
    •  Mod 5 Research Methods to Determine Industry Trends
    •  Mod 5.1 Practising Threat Intelligence Act
    •  Mod 5.2 Scenario Implement Security Activities Across
    •  Mod 5.2 Static Testing
    •  Mod 5.3 Explain the Importance of Interaction
    •  CASP Conclusion

     

     

     

     

     
    10. Mile2 Certified Professional Ethical Hacker (C)PEH) (SPECIALIST EXAM AVAILABLE)
    • Module 1 – Security Fundamentals
    • Module 2 – Access Controls
    • Module 3 – Protocols
    • Module 4 -Cryptography
    • Module 5 – Why Vulnerability Assessments?
    • Module 6 – Vulnerability Tools of the Trade
    • Module 7 – Output Analysis and Reports
    • Module 8 – Reconnaissance, Enumeration & Scanning
    • Module 9 – Gaining Access
    • Module 10 – Maintaining Access
    • Module 11 – Covering Tracks
    • Module 12 – Malware
    • Module 13 – Buffer Overflows
    • Module 14 – Password Cracking
    • Appendix 1 – Economics and Law
    • Appendix 2 – Vulnerability Types
    • Appendix 3 – Assessing Web Servers
    • Appendix 4 – Assessing Remote & VPN Services
    • Appendix 5 – Denial of Services
    11. Certified Information Security Manager (CISM)
    Domain 1: Information Security Governance
    •  CISM Introduction
    •  Information Security
    •  Business Goals, Objectives, and Functions
    •  Business Goals and Information Security
    •  Information Security Threats
    •  Information Security Management
    •  Identity Management
    •  Data Protection
    •  Network Security
    •  Personnel Security
    •  Facility Security
    •  Security Compliance and Standards
    •  Information Security Strategy
    •  Inputs and Outputs of the Information Security Strategy
    •  Processes in an Information Security Strategy
    •  People in an Information Security Strategy
    •  Technologies in an Information Security Strategy
    •  Logical and Physical Information Security Strategy Architectures
    •  Information Security and Business Functions
    •  Information Security Policies and Enterprise Objectives
    •  International Standards for the Security Management
    •  ISO/IEC 27000 Standards
    •  International Info Government Standards
    •  Information Security Government Standards in the United States
    •  Methods of Coordinating Information Security Activities
    •  How to Develop an Information Security Strategy
    •  Information Security Governance
    •  Role of the Security in Governance
    •  Scope of Information Security Governance
    •  Charter of Information Security Governance
    •  Information Security Governance and Enterprise Governance
    •  How to Align Information Security Strategy with Corporate Governance
    •  Regulatory Requirements and Information Security
    •  Business Impact of Regulatory Requirements
    •  Liability Management
    •  Liability Management Strategies
    •  How to Identify Legal and Regulatory Requirements
    •  Business Case Development
    •  Budgetary Reporting Methods
    •  Budgetary Planning Strategy
    •  How to Justify Investment in Info Security
    •  Organizational Drivers
    •  Impact of Drivers on Info Security
    •  Third Party Relationships
    •  How to Identify Drivers Affecting the Organization
    •  Purpose of Obtaining Commitment to Info Security
    •  Methods for Obtaining Commitment
    •  ISSG
    •  ISSG Roles and Responsibilities
    •  ISSG Operation
    •  How to Obtain Senior Management’s Commitment to Info Security
    •  Info Security Management Roles and Responsibilities
    •  How to Define Roles and Responsibilities for Info Security
    •  The Need for Reporting and Communicating
    •  Methods for Reporting in an Organization
    •  Methods of Communication in an Organization
    •  How to Establish Reporting and Communicating Channels
    Domain 2: Risk Management
    •  Risk
    •  Risk Assessment
    •  Info Threat Types
    •  Info Vulnerabilities
    •  Common Points of Exposure
    •  Info Security Controls
    •  Types of Info Security Controls
    •  Common Info Security Countermeasures
    •  Overview of the Risk Assessment Process
    •  Factors Used in Risk Assessment and Analysis
    •  Risk Assessment Methodologies
    •  Quantitative Risk Assessment – Part 1
    •  Quantitative Risk Assessment – Part 2
    •  Qualitative Risk Assessment
    •  Hybrid Risk Assessment
    •  Best Practices for Info Security Management
    •  Gap Analysis
    •  How to Implement an Info Risk Assessment Process
    •  Info Classification Schemas
    •  Components of Info Classification Schemas
    •  Info Ownership Schemas
    •  Components of Info Ownership Schemas
    •  Info Resource Valuation
    •  Valuation Methodologies
    •  How to Determine Info Asset Classification and Ownership
    •  Baseline Modelling
    •  Control Requirements
    •  Baseline Modelling and Risk Based Assessment of Control Requirements
    •  How to Conduct Ongoing Threat and Vulnerability Evaluations
    •  BIA’s
    •  BIA Methods
    •  Factors for Determining Info Resource Sensitivity and Critically
    •  Impact of Adverse Events
    •  How to Conduct Periodic BIA’s
    •  Methods for Measuring Effectiveness of Controls and Countermeasures
    •  Risk Mitigation
    •  Risk Mitigation Strategies
    •  Effect of Implementing Risk Mitigation Strategies
    •  Acceptable Levels of Risk
    •  Cost Benefit Analysis
    •  How to Identify and Evaluate Risk Mitigation Strategies
    •  Life Cycle Processes
    •  Life Cycle-Based Risk Management
    •  Risk Management Life Cycle
    •  Business Life Cycle Processes Affected by Risk Management
    •  Life Cycled-Based Risk Management Principles and Practices
    •  How to Integrate Risk Management Into Business Life Cycle Processes
    •  Significant Changes
    •  Risk Management Process
    •  Risk Reporting Methods
    •  Components of Risk Reports
    •  How to Report Changes in Info Risk
    Domain 3: Information Security Program
    •  Info Security Strategies
    •  Common Info Security Strategies
    •  Info Security Implementation Plans
    •  Conversation of Strategies Into Implementation Plans
    •  Info Security Programs
    •  Info Security Program Maintenance
    •  Methods for Maintaining an Info Security Program
    •  Succession Planning
    •  Allocation of Jobs
    •  Program Documentation
    •  How to Develop Plans to Implement an Info Security Strategy
    •  Security Technologies and Controls
    •  Cryptographic Techniques
    •  Symmetric Cryptography
    •  Public Key Cryptography
    •  Hashes
    •  Access Control
    •  Access Control Categories
    •  Physical Access Controls
    •  Technical Access Controls
    •  Administrative Access Controls
    •  Monitoring Tools
    •  IDS’s
    •  Anti-Virus Systems
    •  Policy-Compliance Systems
    •  Common Activities Required in Info Security Programs
    •  Prerequisites for Implementing the Program
    •  Implementation Plan Management
    •  Types of Security Controls
    •  Info Security Controls Development
    •  How to Specify info Security Program Activities
    •  Business Assurance Function
    •  Common Business Assurance Functions
    •  Methods for Aligning info Security Programs with Business Assurance Functions
    •  How to Coordinate Info Security Programs with Business Assurance Functions
    •  SLA’s
    •  Internal Resources
    •  External Resources
    •  Services Provided by External Resources – Part 1
    •  Services Provided by External Resources – Part 2
    •  Skills Commonly Required for Info Security Program Implementation
    •  Dentification of Resources and Skills Required for a Particular Implementation
    •  Resource Acquisition Methods
    •  Skills Acquisition Methods
    •  How to Identify Resources Needed for Info Security Program Implementation
    •  Info Security Architectures
    •  The SABSA Model for Security Architecture
    •  Deployment Considerations
    •  Deployment of Info Security Architectures
    •  How to Develop Info Security Architecture
    •  Info Security Policies
    •  Components of Info Security Policies
    •  Info Security Policies and the Info Security Strategy
    •  Info Security Policies and Enterprise Business Objectives
    •  Info Security Policy Development Factors
    •  Methods for Communicating Info Security Policies
    •  Info Security Policy Maintenance
    •  How to Develop Info Security Policies
    •  Info Security Awareness Program, Training Programs, and Education Programs
    •  Security Awareness, Training, and Education Gap Analysis
    •  Methods for Closing the Security Awareness, Training, and Education Gaps
    •  Security-Based Cultures and Behaviours
    •  Methods for Establishing and Maintaining a Security-Based Culture in the Enterprise
    •  How to Develop Info Security Awareness, Training, and Education Programs
    •  Supporting Documentation for Info Security Policies
    •  Standards, Procedures, Guidelines, and Baselines
    •  Codes of Conduct
    •  NDA’s
    •  Methods for Developing Supporting Documentation
    •  Methods for Implementing Supporting Documentation and for Communicating Supporting Documentation
    •  Methods for Maintaining Supporting Documentation
    •  C and A
    •  C and A Programs
    •  How to Develop Supporting Documentation for Info Security Policies
    Domain 4: Information Security Program Implementation
    •  Enterprise Business Objectives
    •  Integrating Enterprise Business Objectives & Info Security Policies
    •  Organizational Processes
    •  Change Control
    •  Merges & Acquisitions
    •  Organizational Processes & Info Security Policies
    •  Methods for Integrating Info Security Policies & Organizational Processes
    •  Life Cycle Methodologies
    •  Types of Life Cycle Methodologies
    •  How to Integrate Info Security Requirements Into Organizational Processes
    •  Types of Contracts Affected by Info Security Programs
    •  Joint Ventures
    •  Outsourced Provides & Info Security
    •  Business Partners & Info Security
    •  Customers & Info Security
    •  Third Party & Info Security
    •  Risk Management
    •  Risk Management Methods & Techniques for Third Parties
    •  SLA’s & Info Security
    •  Contracts & Info Security
    •  Due Diligence & Info Security
    •  Suppliers & Info Security
    •  Subcontractors & Info Security
    •  How to Integrate Info Security Controls Into Contracts
    •  Info Security Metrics
    •  Types of Metrics Commonly Used for Info Security
    •  Metric Design, Development & Implementation
    •  Goals of Evaluating Info Security Controls
    •  Methods of Evaluating Info Security Controls
    •  Vulnerability Testing
    •  Types of Vulnerability Testing
    •  Effects of Vulnerability Assessment & Testing
    •  Vulnerability Correction
    •  Commercial Assessment Tools
    •  Goals of Tracking Info Security Awareness, Training, & Education Programs
    •  Methods for Tracking Info Security Awareness, Training, & Education Programs
    •  Evaluation of Training Effectiveness & Relevance
    •  How to Create Info Security Program Evaluation Metrics
    Domain 5: Information Security Program Management
    •  Management Metrics
    •  Types of Management Metrics
    •  Data Collection
    •  Periodic Reviews
    •  Monitoring Approaches
    •  KPI’s
    •  Types of Measurements
    •  Other Measurements
    •  Info Security Reviews
    •  The Role of Assurance Providers
    •  Comparing Internal and External Assurance Providers
    •  Line Management Technique
    •  Budgeting
    •  Staff Management
    •  Facilities
    •  How to Manage Info Security Program Resources
    •  Security Policies
    •  Security Policy Components
    •  Implementation of Info Security Policies
    •  Administrative Processes and Procedures
    •  Access Control Types
    •  ACM
    •  Access Security Policy Principles
    •  Identity Management and Compliance
    •  Authentication Factors
    •  Remote Access
    •  User Registration
    •  Procurement
    •  How to Enforce Policy and Standards Compliance
    •  Types of Third Party Relationships
    •  Methods for Managing Info Security Regarding Third Parties
    •  Security Service Providers
    •  Third Party Contract Provisions
    •  Methods to Define Security Requirements in SLA’s, Security Provisions and SLA’s, and Methods to Monitor Security
    •  How to Enforce Contractual Info Security Controls
    •  SDLC
    •  Code Development
    •  Common Techniques for Security Enforcement
    •  How to Enforce Info Security During Systems Development
    •  Maintenance
    •  Methods of Monitoring Security Activities
    •  Impact of Change and Configuration Management Activities
    •  How to Maintain Info Security Within an Organization
    •  Due Diligence Activities
    •  Types of Due Diligence Activities
    •  Reviews of Info Access
    •  Standards of Managing and Controlling Info Access
    •  How to Provide Info Security Advice and Guidance
    •  Info Security Awareness
    •  Types of Info Security Stakeholders
    •  Methods of Stakeholder Education
    •  Security Stakeholder Education Process
    •  How to Provide Info Security Awareness and Training
    •  Methods of Testing the Effectiveness of Info Security Control
    •  The Penetration Testing Process
    •  Types of Penetration Testing
    •  Password Cracking
    •  Social Engineering Attacks
    •  Social Engineering Types
    •  External Vulnerability Reporting Sources
    •  Regulatory Reporting Requirements
    •  Internal Reporting Requirements
    •  How to Analyze the Effectiveness of Info Security Controls
    •  Noncompliance Issues
    •  Security Baselines
    •  Events Affecting the Security Baseline
    •  Info Security Problem Management Process
    •  How to Resolve Noncompliance Issues
    Domain 6: Incident Management and Response
    •  Incident Response Capability
    •  Components of Incident Response
    •  BCP
    •  BIA Phase
    •  Coop
    •  DRP
    •  Alternate Sites
    •  Develop a BCP
    •  Develop a DRP
    •  MTD
    •  RPO
    •  RTO
    •  Data Backup Strategies
    •  Data Backup Types
    •  Data Restoration Strategies
    •  Info Incident Management Practices
    •  IRP
    •  Trigger Events and Types of Trigger Events
    •  Methods of Containing Damage
    •  How to Develop an IRP
    •  Escalation Process
    •  Notification Process
    •  IRT
    •  Crisis Communication
    •  How to Establish an Escalation Process
    •  Internal Reporting Requirements
    •  External Reporting Requirements
    •  Communication Process
    •  How to Develop a Communication Process
    •  IRP and DRP
    •  IRP and BCP
    •  Methods of Identifying Business Resources Essential to Recovery
    •  How to Integrate an IRP
    •  Role of Primary IRT Members and Role of Additional IRT Members
    •  Response Team Tools and Equipment
    •  How to Develop IRT’s
    •  BCP testing
    •  Disaster Recovery Testing
    •  Schedule Disaster Recovery Testing
    •  Refine IRP
    •  How to Test an IRP
    •  Damage Assessment
    •  Business Impacts Cause by Security Incidents
    •  How to Manage Responses to Info Security Incidents
    •  Computer and Digital Forensics
    •  Forensic Requirements for Responding to Info Security Incidents
    •  Evidence Life Cycle
    •  Evidence Collection
    •  Evidence Types
    •  Five Common Rules of Evidence
    •  Chain of Custody
    •  How to Investigate an Info Security Incident
    •  PIR Methods
    •  Security Incident Review Process
    •  Investigate Cause of a Security Incident
    •  Identify Corrective Actions
    •  Reassess Security Risks After a Security Incident
    •  How to Conduct a Post-Incident Review
    •  Outro – Pre Test/Test Strategy
    •  Post Test
     
     
    12. Certified Information Systems Auditor (CISA)

    Lesson 1
    •  Introduction
    •  Audit Process
    •  Auditing Standards
    •  Auditing Guidelines
    •  Cobit Model
    •  Audit Management
    •  Internal Control Classifications
    •  Planning
    •  Program
    •  Evidence
    •  Audit Control Evaluation
    •  CSA Control Self-Assessment
    Lesson 2
    •  IT Governance
    •  Governance & Security Policies
    •  Outsourcing & Governance
    •  Outsourcing & Globalization
    •  Organizational Compliance
    •  IT Strategy
    •  IT Performance
    Lesson 3
    •  System & Infrastructure
    •  Requirements
    •  Project Management Tools – Part 1
    •  Project Management Tools – Part 2
    •  Applications
    •  Agile Development
    •  Monitoring & Controlling
    •  Acquisition Process
    •  Testing Process
    •  Information Systems Maintenance Practices
    •  Data Conversion Tools
    Lesson 4
    •  Media Disposal Process
    •  Post Implementation Review
    •  Periodic Review
    •  System Maintenance
    Lesson 5
    •  IT Service Delivery and Support
    •  How to Evaluate Service Level Management Practices
    •  Operations Management
    •  Databases
    •  Structured Query Language (SQL)
    •  Monitoring Performance
    •  Source Code and Performance Monitoring
    •  Patch Management
    •  Incident Management
    •  Hardware Component Types
    •  Network Component Types
    Lesson 6
    •  IS Auditor Technical Overview
    •  Security Design
    •  Monitoring Systems
    •  Types of Attacks
    •  Cryptography
    •  Encryption
    •  Asymmetric Encryption
    •  Digital Certificate
    •  Different Kinds of Attacks
    •  Access Controls
    •  Identification and Authentication
    •  Physical Access Exposure
    •  Environmental Security
    •  Network Security Devices and Network Components
    •  Network Address Translation
    •  Virtual Private Networks (VPNs)
    •  Voice System Risks
    •  Intrusion Detection
    •  Firewalls
    •  Firewall Implementation
    •  Network Access Protection
    •  HoneyPot
    •  Risks to Portable and Wireless Devices
    •  Bluetooth
    •  OSI Networking
    •  Managing Data
    Lesson 7
    •  Business Continuity and Disaster Recovery
    •  Fault Tolerance
    •  Business Continuity and Disaster Recovery Regulations

     

     
    13. Certified Information Systems Security Professional (CISSP)

    Module 1: Security and Risk Management
    •  Introduction
    •  CIA Triad Security Governance – Part 1
    •  CIA Triad Security Governance – Part 2
    •  Compliance Legal And Regulatory Issues – Part 1
    •  Compliance Legal And Regulatory Issues – Part 2
    •  Understanding Professional Ethics – Part 1
    •  Understanding Professional Ethics – Part 2
    •  Risk Management – Part 1
    •  Risk Management – Part 2
    •  Threat Modelling Acquisition Strategy And Practice Security Awareness And Training – Part 1
    •  Threat Modelling Acquisition Strategy And Practice Security Awareness And Training – Part 2
    Module 2: Asset Security
    •  Asset Security – Part 1
    •  Asset Security – Part 2
    Module 3: Security Engineering
    •  Engineering And Management Of Security – Part 1
    •  Engineering And Management Of Security – Part 2
    •  Engineering And Management Of Security – Part 3
    •  Engineering And Management Of Security – Part 4
    •  Engineering And Management Of Security – Part 5
    •  Engineering And Management Of Security – Part 6
    Module 4: Communication and Network Security
    •  Apply Secure Design Principles To Networks – Part 1
    •  Apply Secure Design Principles To Networks – Part 2
    •  Apply Secure Design Principles To Networks – Part 3
    •  Apply Secure Design Principles To Networks – Part 4
    •  Apply Secure Design Principles To Networks – Part 5
    •  Apply Secure Design Principles To Networks – Part 6
    •  Securing Network Components – Part 1
    •  Securing Network Components – Part 2
    •  Design And Establish Secure Communication Channels – Part 1
    •  Design And Establish Secure Communication Channels – Part 2
    •  Design And Establish Secure Communication Channels – Part 3
    Module 5: Identity and Access Management
    •  Controlling Access And Managing Identity – Part 1
    •  Controlling Access And Managing Identity – Part 2
    •  Controlling Access And Managing Identity – Part 3
    •  Controlling Access And Managing Identity – Part 4
    Module 6: Security Assessment Testing
    •  Designing Performing And Analyzing Security Testing
    Module 7: Security Operations
    •  Foundational Concepts And Investigations – Part 1
    •  Foundational Concepts And Investigations – Part 2
    •  Incident Management And Preventative Measures – Part 1
    •  Incident Management And Preventative Measures – Part 2
    •  Disaster Recovery Process – Part 1
    •  Disaster Recovery Process – Part 2
    Module 8: Software Development Security
    •  Understanding Applying And Enforcing Software Security – Part 1
    •  Understanding Applying And Enforcing Software Security – Part 2
    •  Conclusion

     

     
    14. Cloud Computing Security Knowledge (CCSK)

    Module 1: Architecture
    •  Cloud Security Overview-Part1
    •  Cloud Security Overview-Part2
    •  Cloud Diagrams
    •  Cloud Services
    Module 2: Governance and Enterprise Risk
    •  Risk Management
    •  Corporate Governance
    •  Enterprise Risk Management
    •  Risk Management Balance Process Supply Chain Security
    •  ERM Incidents Recommendations-Part1
    •  ERM Incidents Recommendations-Part2
    •  ERM Incidents Recommendations-Part3
    Module 3: Legal Issues- Contracts and Electronic
    •  Cloud Legal Issues-Part1
    •  Cloud Legal Issues-Part2
    •  Cloud Legal Issues-Part3
    Module 4: Compliance and Audit Management
    •  Audits
    •  Compliance And Audit
    •  Audit Recommendations
    •  Audit Requirements
    Module 5: Information Management and Data Security
    •  Information And Security
    •  Storage
    •  Information Governance Classification
    •  Data Security
    •  Protecting Data Moving
    •  Client Database Encryption
    •  PaaS Encryption
    Module 6: Interoperability and Portability
    •  Interoperability And Portability
    •  Interoperability Recommendations
    •  Portability Recommendations
    •  Recommendations SAAS
    Module 7: Traditional Security, Business Continuity, and Disaster Recovery
    •  Business Continuity And Disaster Recovery
    •  Assessing CSP Security
    •  Equipment Maintenance
    •  Recommendations
    Module 8: Data Center Operations
    •  Data Center Operations
    Module 9: Incident Response
    •  Incident Response
    •  Testing
    •  IaaS
    •  C.E.R.- Containment, Eradication, And Recovery
    Module 10: Application Security
    •  Application Security
    •  Security Testing
    •  Audit Compliance
    •  Security Assurance Recommendations
    Module 11: Encryption and Key Management
    •  Encryption And Key Management
    •  Content Aware Encryption
    •  Storage Of Keys
    Module 12: Identity, Entitlement, and Access Management
    •  Building Access Control
    •  Intro To Identity
    •  Entitlement Process
    •  Trust With Identity
    •  Recommendations For Identity Management
    Module 13: Virtualization
    •  Virtualization
    •  Hypervisor And Virtual Machine
    •  Inter-Virtual Machine Attacks
    •  Virtual Machine Encryption
    •  Virtual Machine Recommendations And Requirements
    Module 14: Security as a Service
    •  Security As A Service
    •  Security Offerings
    •  Intrusion Detection Prevention
    •  Business Continuity And Disaster Recovery
    •  European CCSK
    •  Top Security Benefits
    •  European Legal Based Issues

     

     
     

    Meet someone working in cyber security

     
     

    MeasureUP practice tests included

     
    As part of this course, you will get access to MeasureUP practice tests to help prepare you for your exams. MeasureUP practice tests are endorsed by a range of certification bodies such as CompTIA, Microsoft, and Cisco.

     

    Features of MeasureUP practice tests:

     

    • Questions are similar to exam questions, allowing you to test your knowledge of exam objectives
    • Detailed explanations for both correct and distractor answers reinforce the material
    • ‘Practice Mode’ covers all objectives ensuring topics are covered
    • ‘Certification Mode’ (timed) prepares students for exam taking conditions
    • Instant, drill-down score reports tell you exactly the areas to focus on

     

    Watch this video to learn more about MeasureUP practice tests.

    Potential future career paths

     

    • Cyber Security Engineer
    • Cyber Security Analyst
    • Cyber Security Investigator
    • Cyber Threat Analyst
    • Cyber Threat Consultant
    • IT Security Specialist
    • IT Security Consultant
    • IT Support Technician
    • Network Engineer
    • Network Consultant
    • Data Centre Manager
    • IT Manager
    • IT Sales Account Manager
    • IT Consultant
    • Systems Administrator

    How long do I have to complete the course?

     

    You have 12 months to complete the courses and take the exams.

     

    Watch this video to learn more about CompTIA certifications.

    Further questions?

     

    If you have any further questions about this course, please call us on 020 7183 8790 or drop us an email at support@redbridgecourses.com. We’re available Mon-Fri, 9am-6pm. Our support team will be happy to answer any questions you may have.

     

    Would you like to see a demo?

     

    Complete the form below and we’ll be in contact to arrange a demo of the course material and features. You can also use this form to arrange a call back. We’re happy to discuss the course and career program with you in more depth.

    "*" indicates required fields

    Name*
    See Redbridge's Privacy Policy and Terms & Conditions for more information.
    See Redbridge's Privacy Policy and Terms & Conditions for more information.