2 Information Security (IS) courses in Stroud

Duration 3 Days 18 CPD hours This course is intended for This course is ideal for Professionals preparing to become CRISC certified. Risk practitioners Students or recent graduates Overview At course completions, students will understand the essential concepts in the 4 ISACA CRISC domains: Governance IT Risk Assessment Risk Response and Reporting Information Technology and Security This 3 Day CRISC course is geared towards preparing students to pass the ISACA Certified in Risk and Information Systems Control examination. The course covers all four of the CRISC domains, and each section corresponds directly to the CRISC job practice. CRISC validates your experience in building a well-defined, agile risk-management program, based on best practices to identify, analyze, evaluate, assess, prioritize and respond to risks. This enhances benefits realization and delivers optimal value to stakeholders. GOVERNANCE - A. ORGANIZATIONAL GOVERNANCE * Organizational Strategy, Goals, and Objectives * Organizational Structure, Roles, and Responsibilities * Organizational Culture * Policies and Standards * Business Processes * Organizational Assets GOVERNANCE - B. RISK GOVERNANCE * Enterprise Risk Management and Risk Management Framework * Three Lines of Defense * Risk Profile * Risk Appetite and Risk Tolerance * Legal, Regulatory, and Contractual Requirements * Professional Ethics of Risk Management IT RISK ASSESSMENT - A. IT RISK IDENTIFICATION * Risk Events (e.g., contributing conditions, loss result) * Threat Modelling and Threat Landscape * Vulnerability and Control Deficiency Analysis (e.g., root cause analysis) * Risk Scenario Development IT RISK ASSESSMENT - B. IT RISK ANALYSIS AND EVALUATION * Risk Assessment Concepts, Standards, and Frameworks * Risk Register * Risk Analysis Methodologies * Business Impact Analysis * Inherent and Residual Risk RISK RESPONSE AND REPORTING - A. RISK RESPONSE * Risk Treatment / Risk Response Options * Risk and Control Ownership * Third-Party Risk Management * Issue, Finding, and Exception Management * Management of Emerging Risk RISK RESPONSE AND REPORTING - B. CONTROL DESIGN AND IMPLEMENTATION * Control Types, Standards, and Frameworks * Control Design, Selection, and Analysis * Control Implementation * Control Testing and Effectiveness Evaluation RISK RESPONSE AND REPORTING - C. RISK MONITORING AND REPORTING * Risk Treatment Plans * Data Collection, Aggregation, Analysis, and Validation * Risk and Control Monitoring Techniques * Risk and Control Reporting Techniques (heatmap, scorecards, dashboards) * Key Performance Indicators * Key Risk Indicators (KRIs) * Key Control Indicators (KCIs) INFORMATION TECHNOLOGY AND SECURITY - A. INFORMATION TECHNOLOGY PRINCIPLES * Enterprise Architecture * IT Operations Management (e.g., change management, IT assets, problems, incidents) * Project Management * Disaster Recovery Management (DRM) * Data Lifecycle Management * System Development Life Cycle (SDLC) * Emerging Technologies INFORMATION TECHNOLOGY AND SECURITY - B. INFORMATION SECURITY PRINCIPLES * Information Security Concepts, Frameworks, and Standards * Information Security Awareness Training * Business Continuity Management * Data Privacy and Data Protection Principles

Duration 5 Days 30 CPD hours This course is intended for The C|CT is ideal for anyone looking to start their career in cybersecurity or add a strong foundational understanding of the cybersecurity concepts and techniques required to be effective on the job. The course is especially well suited to: Early-career IT professionals, IT managers, career changers, and career advancers Students and recent graduates Overview After completing this course, you will understand: Key concepts in cybersecurity, including information security and network security Information security threats, vulnerabilities, and attacks The different types of malware Identification, authentication, and authorization Network security controls Network security assessment techniques and tools (threat hunting, threat intelligence, vulnerability assessment, ethical hacking, penetration testing, configuration and asset management) Application security design and testing techniques Fundamentals of virtualization, cloud computing, and cloud security Wireless network fundamentals, wireless encryption, and related security measures Fundamentals of mobile, IoT, and OT devices and related security measures Cryptography and public-key infrastructure Data security controls, data backup and retention methods, and data loss prevention techniques Network troubleshooting, traffic and log monitoring, and analysis of suspicious traffic The incident handling and response process Computer forensics and digital evidence fundamentals, including the phases of a forensic investigation Concepts in business continuity and disaster recovery Risk management concepts, phases, and frameworks EC-Council?s C|CT certification immerses students in well-constructed knowledge transfer. Training is accompanied by critical thinking challenges and immersive lab experiences that allow candidates to apply their knowledge and move into the skill development phase in the class itself. Upon completing the program, C|CT-certified professionals will have a strong foundation in cybersecurity principles and techniques as well as hands-on exposure to the tasks required in real-world jobs. COURSE OUTLINE * Information Security Threats and Vulnerabilities * Information Security Attacks * Network Security Fundamentals * Identification, Authentication, and Authorization * Network Security Controls: Administrative Controls * Network Security Controls: Physical Controls * Network Security Controls: Technical Controls * Network Security Assessment Techniques and Tools * Application Security * Virtualization and Cloud Computing * Wireless Network Security * Mobile Device Security * Internet of Things (IoT) and Operational Technology (OT) Security * Cryptography * Data Security * Network Troubleshooting * Network Traffic Monitoring * Network Log Monitoring and Analysis * Incident Response * Computer Forensics * Business Continuity and Disaster Recovery * Risk Management

Duration 3 Days 18 CPD hours This course is intended for This course is intended for security engineers, security architects, and information security professionals. Overview Identify security benefits and responsibilities of using the AWS Cloud Build secure application infrastructures Protect applications and data from common security threats Perform and automate security checks Configure authentication and permissions for applications and resources Monitor AWS resources and respond to incidents Capture and process logs Create and configure automated and repeatable deployments with tools such as AMIs and AWS CloudFormation This course demonstrates how to efficiently use AWS security services to stay secure in the AWS Cloud. The course focuses on the security practices that AWS recommends for enhancing the security of your data and systems in the cloud. The course highlights the security features of AWS key services including compute, storage, networking, and database services. You will also learn how to leverage AWS services and tools for automation, continuous monitoring and logging, and responding to security incidents. Prerequisites We recommend that attendees of this course have: * Working knowledge of IT security practices and infrastructure concepts * Familiarity with cloud computing concepts * Completed AWS Security Essentials and Architecting on AWS courses 1 - SECURITY ON AWS * Security in the AWS cloud * AWS Shared Responsibility Model * Incident response overview * DevOps with Security Engineering 2 - IDENTIFYING ENTRY POINTS ON AWS * Identify the different ways to access the AWS platform * Understanding IAM policies * IAM Permissions Boundary * IAM Access Analyzer * Multi-factor authentication * AWS CloudTrail 3 - SECURITY CONSIDERATIONS: WEB APPLICATION ENVIRONMENTS * Threats in a three-tier architecture * Common threats: user access * Common threats: data access * AWS Trusted Advisor 4 - APPLICATION SECURITY * Amazon Machine Images * Amazon Inspector * AWS Systems Manager 5 - DATA SECURITY * Data protection strategies * Encryption on AWS * Protecting data at rest with Amazon S3, Amazon RDS, Amazon DynamoDB * Protecting archived data with Amazon S3 Glacier * Amazon S3 Access Analyzer * Amazon S3 Access Points 6 - SECURING NETWORK COMMUNICATIONS * Amazon VPC security considerations * Amazon VPC Traffic Mirroring * Responding to compromised instances * Elastic Load Balancing * AWS Certificate Manager 7 - MONITORING AND COLLECTING LOGS ON AWS * Amazon CloudWatch and CloudWatch Logs * AWS Config * Amazon Macie * Amazon VPC Flow Logs * Amazon S3 Server Access Logs * ELB Access Logs 8 - PROCESSING LOGS ON AWS * Amazon Kinesis * Amazon Athena 9 - SECURITY CONSIDERATIONS: HYBRID ENVIRONMENTS * AWS Site-to-Site and Client VPN connections * AWS Direct Connect * AWS Transit Gateway 10 - OUT-OF-REGION PROTECTION * Amazon Route 53 * AWS WAF * Amazon CloudFront * AWS Shield * AWS Firewall Manager * DDoS mitigation on AWS 11 - SECURITY CONSIDERATIONS: SERVERLESS ENVIRONMENTS * Amazon Cognito * Amazon API Gateway * AWS Lambda 12 - THREAT DETECTION AND INVESTIGATION * Amazon GuardDuty * AWS Security Hub * Amazon Detective 13 - SECRETS MANAGEMENT ON AWS * AWS KMS * AWS CloudHSM * AWS Secrets Manager 14 - AUTOMATION AND SECURITY BY DESIGN * AWS CloudFormation * AWS Service Catalog 15 - ACCOUNT MANAGEMENT AND PROVISIONING ON AWS * AWS Organizations * AWS Control Tower * AWS SSO * AWS Directory Service

This CISMP course and exam is for anyone wishing to progress their career in the rapidly expanding fields of Information Security, risk and cyber especially within the UK public sector.

Our unique 5 day workshop prepares you for a first time pass of your CISSP exam. Covering each of the famous 8 CBK's, cram the theory before testing your knowledge during exam simulations. Led by a multi-award winning InfoSec consultant, this workshop delivers everything you need to pass,

Duration 5 Days 30 CPD hours This course is intended for This course is intended for experienced IT security-related practitioners, auditors, consultants, investigators, or instructors, including network or security analysts and engineers, network administrators, information security specialists, and risk management professionals, who are pursuing CISSP training and certification to acquire the credibility and mobility to advance within their current computer security careers or to migrate to a related career. Through the study of all eight CISSP Common Body of Knowledge (CBK) domains, students will validate their knowledge by meeting the necessary preparation requirements to qualify to sit for the CISSP certification exam. Additional CISSP certification requirements include a minimum of five years of direct professional work experience in two or more fields related to the eight CBK security domains, or a college degree and four years of experience. Overview #NAME? In this course, students will expand upon their knowledge by addressing the essential elements of the 8 domains that comprise a Common Body of Knowledge (CBK)© for information systems security professionals. Prerequisites * CompTIA Network+ Certification 1 - SECURITY AND RISK MANAGEMENT * Security Governance Principles * Compliance * Professional Ethics * Security Documentation * Risk Management * Threat Modeling * Business Continuity Plan Fundamentals * Acquisition Strategy and Practice * Personnel Security Policies * Security Awareness and Training 2 - ASSET SECURITY * Asset Classification * Privacy Protection * Asset Retention * Data Security Controls * Secure Data Handling 3 - SECURITY ENGINEERING * Security in the Engineering Lifecycle * System Component Security * Security Models * Controls and Countermeasures in Enterprise Security * Information System Security Capabilities * Design and Architecture Vulnerability Mitigation * Vulnerability Mitigation in Embedded, Mobile, and Web-Based Systems * Cryptography Concepts * Cryptography Techniques * Site and Facility Design for Physical Security * Physical Security Implementation in Sites and Facilities 4 - INFORMATION SECURITY MANAGEMENT GOALS * Organizational Security * The Application of Security Concepts 5 - INFORMATION SECURITY CLASSIFICATION AND PROGRAM DEVELOPMENT * Information Classification * Security Program Development 6 - RISK MANAGEMENT AND ETHICS * Risk Management * Ethics 7 - SOFTWARE DEVELOPMENT SECURITY * Software Configuration Management * Software Controls * Database System Security 8 - CRYPTOGRAPHY * Ciphers and Cryptography * Symmetric-Key Cryptography * Asymmetric-Key Cryptography * Hashing and Message Digests * Email, Internet, and Wireless Security * Cryptographic Weaknesses 9 - PHYSICAL SECURITY * Physical Access Control * Physical Access Monitoring * Physical Security Methods * Facilities Security

Register on the Complete Information Security today and build the experience, skills and knowledge you need to enhance your professional development and work towards your dream job. Study this course through online learning and take the first steps towards a long-term career. The course consists of a number of easy to digest, in-depth modules, designed to provide you with a detailed, expert level of knowledge. Learn through a mixture of instructional video lessons and online study materials. Receive online tutor support as you study the course, to ensure you are supported every step of the way. Get an e-certificate as proof of your course completion. The Complete Information Security is incredibly great value and allows you to study at your own pace. Access the course modules from any internet-enabled device, including computers, tablet, and smartphones. The course is designed to increase your employability and equip you with everything you need to be a success. Enrol on the now and start learning instantly! WHAT YOU GET WITH THE COMPLETE INFORMATION SECURITY * Receive a e-certificate upon successful completion of the course * Get taught by experienced, professional instructors * Study at a time and pace that suits your learning style * Get instant feedback on assessments  * 24/7 help and advice via email or live chat * Get full tutor support on weekdays (Monday to Friday) COURSE DESIGN The course is delivered through our online learning platform, accessible through any internet-connected device. There are no formal deadlines or teaching schedules, meaning you are free to study the course at your own pace. You are taught through a combination of * Video lessons * Online study materials CERTIFICATION Upon successful completion of the course, you will be able to obtain your course completion e-certificate free of cost. Print copy by post is also available at an additional cost of £9.99 and PDF Certificate at £4.99. WHO IS THIS COURSE FOR: The course is ideal for those who already work in this sector or are an aspiring professional. This course is designed to enhance your expertise and boost your CV. Learn key skills and gain a professional qualification to prove your newly-acquired knowledge. REQUIREMENTS: The online training is open to all students and has no formal entry requirements. To study the Complete Information Security, all your need is a passion for learning, a good understanding of English, numeracy, and IT skills. You must also be over the age of 16. 

GCP provides infrastructure as a service (IaaS), platform as a service (PaaS), and serverless computing environments to help businesses build, deploy, and scale applications and services.

Duration 3 Days 18 CPD hours This course is intended for Security professionals. This module is intended for everyone who is involved in the implementation, evaluation and reporting of an information security program, such as an Information Security Manager (ISM), Information Security Officer (ISO) or a Line Manager, Process Manager or Project Manager with security responsibilities. Basic knowledge of Information Security is recommended, for instance through the EXIN Information Security Foundation based on ISO/IEC 27001 certification. Overview The module Information Security Management Professional based on ISO/IEC 27001 (ISMP.EN) tests understanding of the organizational and managerial aspects of information security.The subjects of this module are: Information security perspectives: business, customer, service provider/supplier Risk Management: analysis, controls, remaining risks Information security controls: organizational, technical, physical. Information security is the preservation of confidentiality, integrity and availability of information (ISO/IEC 27000 definition). Information security is gaining importance in the Information Technology (IT) world. Globalization of the economy is leading to an ever-increasing exchange of information between organizations (their staff, customers and suppliers) and an explosion in the use of networked computers and computing devices. The core activities of many companies completely rely on IT. Enterprise resource planning (ERP) management systems, the control systems that govern how a building runs or a manufacturing machine functions, day-to-day communications - everything - runs on computers. The vast majority of information - the most valuable commodity in the world - passes through IT. Information is crucial for the continuity and proper functioning of both individual organizations and the economies they fuel; this information must be protected against access by unauthorized people, protected against accidental or malicious modification or destruction and must be available when it is needed. Companies and individual users of technology are also beginning to understand how important security is and are beginning to make choices based on the security of the technology or service. INFORMATION SECURITY PERSPECTIVES * The candidate understands the business interest of information security * The canidate understands the customer perspective on governance * The candidate understands the supplierïs responsibilities in security assurance RISK MANGEMENT * The candidate understands the principles of risk management * The candidate knows how to control risks * The candidate knows how to deal with remaining risks INFORMATION SECURITY CONTROLS * The candidate has knowledge of organizational controls * The candidate has knowledge of technical controls * The candidate has knowledge of physical, employment-related and continuity controls

This is the perfect launch pad for a technical career in Cyber Security and fully prepares every delegate for the prestigious Certified Ethical Hacking (CEH) Course that comes next on the Cyber & Hacking Learning Pathways by Nemstar.