This course is presented as Live Virtual Training.

Advance Your Career

ALC’s 5-day Cyber Security Foundation+Practitioner™ course is designed for anyone who wants a sound understanding of Information / Cyber Security and a solid base on which to build their career. It is ideal for someone wanting to start a career in Cyber Security, or to transition their career. There are no pre-requisites to attend.

Maximise Your Cyber Resilience

The course follows a robust syllabus that covers all the key areas you need to know. At the same time, it provides maximum regional relevance by fully taking into account appropriate sections from the Australian Government Information Security Manual (ISM).

"I just wanted to let you know that the trainer for this course here in NZ is really fantastic. He was able to explain the concepts and frameworks in a way that was very clear, with real world examples to help demonstrate things in a really relatable way. I was most likely the least technically minded person on the course but was never made to feel like the concepts being taught were something I wouldn't be able to grasp, and my questions were never dismissed as too basic or irrelevant."  - Service Delivery Manager

 

Learning outcomes

The key objective is for each participant to complete the course and retain a very solid understanding and appreciation of the fundamentals of Cyber Security:

  • Cyber Security Concepts
  • Risk Management & Assurance
  • Security Architecture
  • Physical Security
  • Network Security
  • Endpoint Security
  • Incident Response

One of the special features of this course is its mix of theory and practical exercises, all designed to maximise understanding and retention. Strong use is made of a case study. Participants are provided with a download link where sample Word and Excel templates for the case study may be found, along with useful artefacts referenced in the material. Exercises include:

  • Develop an asset register
  • Identify threats, determine risks, and make recommendations
  • Evaluate service provider models, contrasting risks and opportunities
  • Discuss risks associated with storing data in the cloud
  • Select security architecture design principles
  • List and prioritise business-critical operations for business continuity
  • Evaluate the benefits of an in-house incident response capability versus using a managed service model

Who should attend

The course is designed for:

  • Anyone starting a career in information / cyber security
  • IT professionals wanting to transition their career into cyber security
  • Anyone needing a robust introduction to cyber security
  • Anyone planning to work in a position that requires cyber security knowledge
  • Anyone with information / cyber security responsibilities
  • Anyone who has learned “on the job” but who would benefit from a formal presentation to consolidate their knowledge
  • Professionals familiar with basic IT and information security concepts and who need to round out their knowledge

Course contents

1. Cyber Security Concepts

Cyber Security Concepts

  • Defining cyber security
  • Cyber security triad
  • Cyber security landscape
  • Defining assets, threats, vulnerabilities, likelihood, consequence, and risk

Cyber Security Strategy

  • Business Strategy
  • Governance, Risk Management and Compliance (GRC)
  • Cyber Security Policy Framework
  • Education, Training, and Awareness

Laws & Regulations

  • Privacy laws and principles
  • International data protection legislation
  • Privacy Impact Assessment (PIA)
  • Cyber Crime Law
  • Regulations and corporate industry requirements for Directors
  • Intellectual property, issues, and attacks

Standards & Frameworks

  • ISO/IEC 27001
  • NIST Cybersecurity Framework
  • Payment Card Industry Data Security Standard (PCI DSS)

Roles & Responsibilities

  • Organisational structure
  • Ethics

Knowledge Check

  • Introduction to the Case Study
  • Practical session:
    • Exercise #1 – Development of a cyber asset register

2. Risk Management

Risk Management Concepts and Definitions

  • Various states of risk (inherent, current, residual)
  • Specialised risk topics (systemic, systematic, aggregation)
  • Risk Appetite and Tolerance
  • ISO/IEC 31000 Risk Management Process
  • Risk Assessment – Identification, Analysis, and Evaluation
  • Risk Treatment
  • Risk Register and Risk Treatment Plan
  • Risk Monitoring Metrics

Risk Management Threats and Opportunities

  • Evolution of the Threat Landscape
  • Advanced Persistent Threats
  • Lockheed Martin Cyber Kill Chain®
  • Developing a threat taxonomy
  • Threat characteristics
  • Common types of malicious software
  • Common malware attack methods
  • Surface Web, Deep Web, and Dark Web
  • Social Engineering Attacks
  • Applets
  • Bring Your Own Device
  • The Internet of Things

Controls and Enablers

  • Defence-in-Depth Controls
  • CERT NZ Critical Controls
  • ACSC Essential Eight
    • Strategies to mitigate Targeted Cyber Intrusions
    • The Essential Eight
    • The Essential Eight Maturity Model

Knowledge Check

  • Practical session:
    • Exercise #2.1 – Development of a threat taxonomy and identification of vulnerabilities
    • Exercise #2.2 – Evaluate current controls and current risk level

3. Security Architecture

Security Architecture Concepts and Definitions

  • Security Architecture Frameworks – SABSA and TOGAF
  • Security Architecture Design Principles – Viega & McGraw, and Saltzer & Schroeder

Certification and Accreditation

  • Evaluation Standards – Common Criteria, TCSEC, ITSEC, CTCPEC
  • Common Criteria – Evaluation Assurance Levels
  • Internet Engineering Task Force
  • FIPS Standards for Encryption
  • FIPS 140-3

Service Models

  • Insourcing, outsourcing, and managed services
  • Single provider, multiple providers, and prime provider

Cloud Computing

  • Characteristics of Cloud Computing
  • Cloud Computing Building Blocks
  • Cloud Service Models
  • Cloud Deployment Models
  • Shared Responsibility Model
  • Cloud Vulnerabilities and Risks
  • Server Virtualisation – Benefits and Security Issues
  • Storage Virtualisation
  • Cloud Access Security Brokers
  • Assessing Cloud Environments
  • Cloud Security Alliance Pandemic Eleven

Cryptography

  • Symmetric algorithms
  • Asymmetric algorithms
  • Hashing algorithms
  • Message Authentication Code
  • Digital Signatures

Emerging Technologies

  • Artificial Intelligence
  • Internet of Things
  • Quantum Computing
  • Blockchain

Knowledge Check

  • Practical session:
    • Exercise #3 – Recommendations for service provider models in addressing risks
    • Exercise #4.1 – Identify the challenges associated with using cloud solutions
    • Exercise #4.2 – Identify security architecture design principles

4. Physical Security

Perimeter Security

  • Fences, gates and bollards
  • Guards, dogs and lighting
  • CCTV

Building Security

  • Lock grades and key types
  • Lock picking, bump keys and bump guns
  • Adjacent buildings and shared tenancy
  • Demarcation issues
  • Server rooms and storage
  • Doors, windows, and walls
  • Local crime
  • Access control cards
  • RFID Tags
  • Contraband checks

Physical Access Control

  • Tailgating
  • Mantraps
  • Turnstiles
  • Dumpster diving
  • Motion detectors

Environmental Controls

  • Electricity
  • Emergency power
  • Electromagnetic interference
  • HVAC for environmental control
  • Fire Suppression Agents
  • Sprinkler Systems

Knowledge Check

5. Network Security

Network Fundamentals

  • OSI Model
  • TCP/IP Model – Original and Updated
  • Encapsulation and De-encapsulation
  • Port numbers and TCP/UDP flags
  • TCP three-way handshake
  • Voice over IP (VoIP)
  • Domain Name System (DNS)
  • IP Addressing – Classful, Classless, RFC1918
  • IP Masquerading and Network Address Translation
  • IP version 4 and IP version 6
  • Network Topologies
  • Network Security Zones
  • Zero Trust Networks

Network Security

  • Firewalls
  • Firewall Designs
  • Firewall Implementation Issues
  • Intrusion Detection and Prevention Systems (IDPS)
  • Secure Email Gateway (SEG)
  • Secure Web Gateway (SWG)
  • Data Loss Prevention (DLP)
  • Public Key Infrastructure (PKI)
  • IEEE 802.1X Extensible Authentication Protocol (EAP)
  • Remote Authentication Dial-in User Service (RADIUS)
  • Internet Protocol Security (IPSec)

Knowledge Check

6. Endpoint Security

Endpoint Security

  • Servers, desktops, laptops, tablets, mobile devices, wearables
  • Endpoint Detection and Response (EDR)
  • Extended Detection and Response (XDR)
  • Specialised Endpoint Systems

Application Security

  • Systems Development Life Cycle
  • OWASP Top 10
  • STRIDE Threat Modelling
  • DREAD Threat Modelling
  • Web Application Firewall
  • Database Activity Monitor

Data Security

  • Data ownership roles and responsibilities
  • Data classification and labelling
  • Authentication, Authorisation and Accounting (AAA)
  • Access control
  • Privileged Access Management (PAM)
  • Access control models and implementation
  • Data governance and lifecycle
  • Data remanence

Knowledge Check

  • Practical session:
    • Exercise #5.1 – Complete the risk assessment from exercise 2 by recommending controls
    • Exercise #5.2 – Create a data classification scheme

7. Incident Response

Incident Response Management

  • Security logging
  • Security Information and Event Management (SIEM)
  • Security Orchestration Automation & Response (SOAR)
  • Security events and incidents
  • Incident Response Methodology using NIST SP800-61

Business Continuity and Disaster Recovery

  • Business Continuity Planning
  • Disaster Recovery Planning
  • Standards and Frameworks
  • NIST SP800-34
  • Business Continuity Institute Good Practice Guide

Digital Forensics

  • General phases of the forensic process
  • Digital forensics challenges
  • Anti-forensics
  • Forensic media analysis
  • Network forensics
  • Embedded device forensics
  • eDiscovery

Security Assurance

  • Configuration management
  • Minimum Security Baselines
  • Security Audits
  • Security Assessments
  • Security Testing
  • Vulnerability Assessments
  • Penetration Testing

Knowledge Check

  • Practical session:
    • Exercise #6 – Identify and rank the three most important business operations
    • Exercise #7 – Examination of insourcing or using a managed service for incident response
  • Mock Exam – 2 hours
  • Final exam study and preparation
  • Final Exam – 2 hours

Course fees

Foundation + Practitioner Certificate Exam

Live Virtual Training – Participants will sit the exam online during the course. The exams are invigilated live by the ALC trainer and supporting staff. The online exam is run via the exam portal Test Invite and accessed via a web browser.

Face-to-Face Training – Participants will be provided with a paper-based exam, which is completed during the course at the same venue as the course.

The exam is 2 hours in duration and comprises three parts. In Part A there are 75 questions worth 1 mark each. In Part B there are 5 questions worth 2 marks each, and in Part C there are 5 questions worth 3 marks each. The pass mark is 65%. There is only one correct answer to each question and no marks are deducted for incorrect answers.

The Cyber Security Foundation+Practitioner Certificate is issued to those who successfully pass the exam.

One free exam re-sit is available for each participant.