Certified Information System Security Professional (CISSP) CBK Review Training Course

This is a one day Introduction to ISO27001

ISO/IEC 27005 Foundation training enables you to learn the basic elements to manage Information Security Risks as specified in ISO/IEC 27005. During this training course, you will be able to understand the concepts and models of Information Security Risk Management.

After completing this course, you can sit for the exam and apply for the “PECB Certified ISO/IEC 27005 Foundation” credential. A PECB Foundation Certificate shows that you have understood the fundamental methodologies, processes and management approach.

Who should attend?

• Individuals interested in Information Security Risk Management
• Individuals seeking to gain knowledge about the main processes of Information Security Risk Management
• Individuals interested to pursue a career in Information Security Risk Management

The “PECB Certified ISO/IEC 27005 Foundation” exam fully meets the requirements of the PECB Examination and Certification Programme (ECP). The exam covers the following competency domains:

Domain 1: Fundamental principles and concepts of Risk Management in Information Security

Domain 2: Information Security Risk Management approaches and processes

After successfully completing the exam, you can apply for the “PECB Certified ISO/IEC 27005 Foundation” credential.

General Information

Certification fees are included in the exam price

• Training material containing over 200 pages of information and practical examples will be distributed
• A participation certificate of 14 CPD (Continuing Professional Development) credits will be issued
• In case of exam failure, you can retake the exam within 12 months for free

Why should you attend?

ISO/IEC 27005 training course enables you to comprehend the basic concepts of Information Security Risk Management by using the standard ISO/IEC 27005 as a reference framework.

By attending the ISO/IEC 27005 Introduction training course, you will understand the importance of Information Security Risk Management and the benefits that businesses, society and governments can obtain. 

Who should attend?

• Individuals interested in Information Security Risk Management
• Individuals seeking to gain knowledge about the main processes of Information Security Risk Management

ISO/IEC 27005 Lead Risk Manager training enables you to acquire the necessary expertise to support an organization in the risk management process related to all assets of relevance for Information Security using the ISO/IEC 27005 standard as a reference framework. During this training course, you will gain a comprehensive knowledge of a process model for designing and developing an Information Security Risk Management program. The training will also contain a thorough understanding of best practices of risk assessment methods such as OCTAVE, EBIOS, MEHARI and harmonized TRA. This training course supports the implementation process of the ISMS framework presented in the ISO/IEC 27001 standard.

After mastering all the necessary concepts of Information Security Risk Management based on ISO/IEC 27005, you can sit for the exam and apply for a “PECB Certified ISO/IEC 27005 Lead Risk Manager” credential. By holding a PECB Lead Risk Manager Certificate, you will be able to demonstrate that you have the practical knowledge and professional capabilities to support and lead a team in managing Information Security Risks.

Who should attend?

• Information Security risk managers
• Information Security team members
• Individuals responsible for Information Security, compliance, and risk within an organization
• Individuals implementing ISO/IEC 27001, seeking to comply with ISO/IEC 27001 or individuals who are involved in a risk management program
• IT consultants
• IT professionals
• Information Security officers
• Privacy officers

Examination - Duration: 3 hours

The “PECB Certified ISO/IEC 27005 Lead Risk Manager” exam fully meets the requirements of the PECB Examination and Certification Programme (ECP). The exam covers the following competency domains:

• Domain 1 Fundamental principles and concepts of Information Security Risk Management
• Domain 2 Implementation of an Information Security Risk Management program
• Domain 3 Information security risk assessment
• Domain 4 Information security risk treatment
• Domain 5 Information security risk communication, monitoring and improvement
• Domain 6 Information security risk assessment methodologies

General Information

• Certification fees are included on the exam price
• Training material containing over 350 pages of information and practical examples will be distributed
• A participation certificate of 21 CPD (Continuing Professional Development) credits will be issued
• In case of exam failure, you can retake the exam within 12 months for free

ISO/IEC 27005 Risk Manager training enables you to develop the competence to master the risk management process related to all assets of relevance for Information Security using the ISO/IEC 27005 standard as a reference framework.

During this training course, you will also gain a thorough understanding of best practices of risk assessment methods such as OCTAVE, EBIOS, MEHARI and harmonized TRA. This training course corresponds with the implementation process of the ISMS framework presented in the ISO/IEC 27001 standard.

After understanding all the necessary concepts of Information Security Risk Management based on ISO/IEC 27005, you can sit for the exam and apply for a “PECB Certified ISO/IEC 27005 Risk Manager” credential. By holding a PECB Risk Manager Certificate, you will be able to demonstrate that you have the necessary skills and knowledge to perform an optimal Information Security Risk Assessment and timely manage Information Security risks.

Who should attend?

• Information Security risk managers
• Information Security team members
• Individuals responsible for Information Security, compliance, and risk within an organization
• Individuals implementing ISO/IEC 27001, seeking to comply with ISO/IEC 27001 or involved in a risk management program
• IT consultants
• IT professionals
• Information Security officers
• Privacy officers

Examination - Duration: 2 hours

The “PECB Certified ISO/IEC 27005 Risk Manager” exam fully meets the requirements of the PECB Examination and Certification Programme (ECP). The exam covers the following competency domains:

• Domain 1 Fundamental principles and concepts of Information Security Risk Management
• Domain 2 Implementation of an Information Security Risk Management program
• Domain 3 Information Security risk management framework and process based on ISO/IEC 27005
• Domain 4 Other Information Security risk assessment methods

General information

• Certification fees are included on the exam price
• Training material containing over 350 pages of information and practical examples will be distributed
• A participation certificate of 21 CPD (Continuing Professional Development) credits will be issued
• In case of exam failure, you can retake the exam within 12 months for free

Description:

CISA® is the world-renowned and most popular certification for professionals working in the field of IS audit and IT risk consulting.

Our CISA course is an intense, very competitive and exam focused training course. With experience of delivering more than 150+ CISA trainings in Europe and around the world and training more than 1200+ CISA delegates, the Net Security CISA training material has been developed in house with the top priority of ensuring CISA delegates pass the ISACA CISA® Exam. The training methodology focuses on understanding the CISA IS auditing concepts and practicing large number of ISACA released question banks from the last three years. Over a period, CISA holders have been in huge demand with renowned accountings firms, global banks, advisory, assurance, and internal audit departments.

Delegates may have years of experience in IT auditing but perspective towards solving CISA questionnaires will solely depend on their understanding to globally accepted IT assurance practices. CISA exam is very challenging because the chance of a very tight clash between two possible answers exists and that is where ISACA tests you on your understanding in global IT auditing practices. To address these exam challenges, we always provide the best trainers who have extensive experience in delivering CISA training around the world.

The Net Security CISA manual covers all exam-relevant concepts, case studies, Q&A's across CISA five domains. Further, the Trainer shares the key CISA supporting material like relevant CISA notes, question banks, CISA glossary, videos, revision documents, exam tips, and CISA mind maps during the course.

Goal:

The ultimate goal is to pass your CISA examination first time.

Objectives:

• Use the knowledge gained in a practical manner beneficial to your organisation
• Provide audit services in accordance with IT audit standards
• Provide assurance on leadership and organizational structure and processes
• Provide assurance on acquisition/ development, testing and implementation of IT assets
• Provide assurance on IT operations including service operations and third party
• Provide assurance on organization’s security policies, standards, procedures, and controls to ensure confidentiality, integrity, and availability of information assets.

Target Audience:

Finance/CPA professionals, I.T. professionals, Internal & External auditors, Information security, and risk consulting professionals.

A thorough, practical, 3 day course designed to provide the knowledge and skills required to manage information security, information assurance or information risk based processes. The CISMP course is aligned with the latest national information assurance frameworks (IAMM), as well as ISO/IEC 27002 & 27001; the code of practice and standard for information security. This course is a CESG Certified Training (CCT) course.

The course follows the latest BCS syllabus and prepares delegates for the 2 hour multiple choice BCS examination.

This qualification provides delegates with detailed knowledge of the concepts relating to information security; (confidentiality, integrity, availability, vulnerability, threats, risks and countermeasures), along with an understanding of current legislation and regulations which impact information security management. Award holders will be able to apply the practical principles covered throughout the course ensuring normal business processes become robust and more secure.

This course will give you the skills to build up information security according to ISO 27005, which is dedicated to information security risk management based on ISO 27001.

This class will help the attendees to scan, test, hack and secure their own systems. To gain an in-depth knowledge and practical experience with the current essential security systems. The attendees will get to know how perimeter defences work and then be led into scanning and attacking their own networks, no real network is harmed. The attendees then will learn how intruders escalate privileges and what steps can be taken to secure a system, Intrusion Detection, Policy Creation, Social Engineering, DDoS Attacks, Buffer Overflows and Virus Creation.

The training is directed to all operating systems administrators, who plan to implement a public key infrastructure based on MS Windows Server 2012 R2 and plan to use qualified electronic signature certificates. 

The participants will learn about the basic issues related to the implementation of public key infrastructure, and also with the idea of ​​applying the latest cryptographic solutions for securing information systems. 

On the basis of MS Windows Server 2012 R2 are discussed possibilities of using certification services for the enterprise.During the training in a virtual environment is installed complete certification center and discuss the most important issues related to the management and administration of public key infrastructure in an Active Directory domain.

The training includes theoretical and practical knowledge on the use of electronic signatures issued by certification centers in Poland under the "Act on Electronic Signatures." These are legal issues, legal requirements, as well as examples of the use of certificates of electronic signatures in Poland.

The participants will gain the knowledge needed to create electronic correspondence relating to communication with the public authorities and other services that allow or require the use of a type of ID.

Digital identity refers to the information used by computer systems to verify user identity. Some issues related to digital identity include e-signatures, access control and fraud detection.

This instructor-led, live training (online or onsite) is aimed at engineers in telecommunication companies who wish to set up an end-to-end digital identity management system.

By the end of this training, participants will be able to:

• Understand, evaluate and adopt different approaches to managing usernames and passwords.
• Setup a single login system that works across all applications used in a telecom environment.
• Use identity technology to get a clear understanding of their customers and their needs. 
• Implement an authentication system that works across different platforms (laptop, mobile, etc.).

Format of the Course

• Interactive lecture and discussion.
• Lots of exercises and practice.
• Hands-on implementation in a live-lab environment.

Course Customization Options

• To request a customized training for this course, please contact us to arrange.

Description:

This course is the non-certifcation version of the "CISA - Certified Information Systems Auditor" course. CISA® is the world-renowned and most popular certification for professionals working in the field of IS audit and IT risk consulting.

Objectives:

• Use the knowledge gained to benefit your organisation
• Provide audit services in accordance with IT audit standards
• Provide assurance on leadership and organizational structure and processes
• Provide assurance on acquisition/ development, testing and implementation of IT assets
• Provide assurance on IT operations including service operations and third party
• Provide assurance on organization’s security policies, standards, procedures, and controls to ensure confidentiality, integrity, and availability of information assets.

Target Audience:

Finance/CPA professionals, I.T. professionals, Internal & External auditors, Information security, and risk consulting professionals.

Information Systems Security refers to the protection of information systems against unauthorized access.

This instructor-led, live training (online or onsite) is aimed at engineers who wish to learn the methods and tools needed to protect their organization's information systems against attack.

By the end of this training, participants will be able to:

• Understand information security at both the computer level and communications level.
• Prevent physical and digital access to private information systems.
• Prevent the modification of information that is in storage, being processed, or being transmitted.
• Protect against denial of service attacks.
• Take the necessary measures to detect, document, and counter security threats.
• Ensure that organizational information is kept confidential.

Format of the Course

• Interactive lecture and discussion.
• Lots of exercises and practice.
• Hands-on implementation in a live-lab environment.

Course Customization Options

• To request a customized training for this course, please contact us to arrange.

The ISO/IEC 27701 Lead Auditor training course enables you to develop the necessary skills to perform a Privacy Information Management System (PIMS) audit by applying widely recognized audit principles, procedures and techniques.

Why should you attend?

During this training course, you will obtain the knowledge and skills to plan and carry out audits in compliance with ISO 19011 and ISO/IEC 17021-1 certification process.

Based on practical exercises, you will be able to acquire knowledge on the protection of privacy in the context of processing personally identifiable information (PII), as well as master audit techniques and become competent to manage an audit program, audit team, establish communication with customers and resolve potential conflicts.

After completing this training course, you can sit for the exam and, if you successfully pass the exam, you can apply for the “PECB Certified ISO/IEC 27701 Lead Auditor” credential. The internationally recognized PECB Lead Auditor certificate proves that you have the capabilities and competences to audit organizations based on best practices.

Who should attend?

• Auditors seeking to perform and lead Privacy Information Management System (PIMS) certification audits
• Managers or consultants seeking to master a PIMS audit process
• Individuals responsible for maintaining conformance with PIMS requirements
• Technical experts seeking to prepare for a PIMS audit
• Expert advisors in the protection of Personally Identifiable Information (PII) 

Learning objectives

• Understand a Privacy Information Management System (PIMS) and its processes based on ISO/IEC 27701
• Identify the relationship between ISO/IEC 27701, ISO/IEC 27001, ISO/IEC 27002, and other standards and regulatory frameworks
• Acquire the competences of the auditor’s role in planning, leading, and following up on a management system audit in accordance with ISO 19011.
• Learn how to interpret the requirements of ISO/IEC 27701 in the context of a PIMS audit

Education approach

• This training is based on both theory and best practices used in PIMS audits
• Lecture sessions are illustrated with examples based on case studies
• Practical exercises are based on a case study which includes role-playing and discussions
• Practice tests are similar to the Certification Exam

General information

• Participants will be provided with the training material containing over 400 pages of explanatory information, discussion topics, examples and exercises.
• An attendance record certificate of 31 CPD (Continuing Professional Development) credits will be issued to the participants who have attended the training course.

IBM Qradar SIEM is a security analytic suite for gaining insight into critical threats. Using IBM Qradar SIEM, users can gain insights, identify threats, and automate security intelligence.

This instructor-led, live training (online or onsite) is aimed at security engineers who wish to use IBM Qradar SIEM to address pressing security use cases.

By the end of this training, participants will be able to:

• Gain visibility into enterprise data across on-premise and cloud environments.
• Automate security intelligence to hunt threats and to contain risks.
• Detect, identify, and prioritize threats.

Format of the Course

• Interactive lecture and discussion.
• Lots of exercises and practice.
• Hands-on implementation in a live-lab environment.

Course Customization Options

• To request a customized training for this course, please contact us to arrange.