CSP – Certified Security Principles

Description

Overview:

The IT world never stands still! Therefore, neither can IT security. It does not matter if we are talking about the implementation of IoT devices or cloud services, security is at the forefront of all of them. According to a recent study, the top source of security incidents within a company are the current employees! We do not want you to be one of them!

This course is going to prepare you for security across the entire environment including understanding risk management, identity and access control, network and data security. This is just a short list of everything that we cover within this course, which will include new technologies like IoT and cloud services. This course is intended to prepare you to be a benefit to any company that is attempting to improve its security posture! With this certification, you will be marketable to any company, anywhere in the globe!

Prerequisite(s):

Recommended minimum one-year of experience with server administration or network administration. General understanding of business processes is beneficial.

Audience:

IT Professionals, Server Administrators, Network Administrators, Virtualization and Cloud Administrators, anyone that needs a general understanding of security, those seeking the Security+ Certification, 8570 Directive.

Outline:

Module 1 – Introduction to IT Security

• Understanding Security
• Responsibilities
• Building a Security Program
• CIA Triad
• Governance, Risk, Compliance
• State of Security Today

Module 2 – Risk Management

• Risk Management
• Risk Assessment
• Types of Risk, Threats and Vulnerabilities
• Mitigating Attacks
• Discovering Vulnerabilities and Threats
• Responding to Risk

Module 3 – Understanding of Cryptography

• Understanding Cryptography
• Symmetric Encryption
• Asymmetric Encryption
• Hashing
• PKI
• Cryptography in Use

Module 4 – Understanding Identity and Access Management

• Identity Management
• Authentication Techniques
• Single Sign-on
• Access Control Monitoring

Module 5 – Managing Data Security

• Virtualization Principles
• Key Components Mapped to Cloud Layer
• Key Security Concerns
• Other Technologies Used in the Cloud
• The Layers
• Relevant CCM Controls

Module 6 – Data Security

• Different Types of Storage
• Encryption Options
• Data Management

Module 7 – Managing Server/Host Security

• The Operating Systems
• Hardening the OS
• Physical security
• Virtualization and Cloud Technologies

Module 8 – Application Security for Non-Developers

• Application Security Principle
• Software Development Life Cycle
• OWASP Top 10
• Hardening Web Applications
• Patch/Update/Configuration Management

Module 9 – Understanding Mobile Device Security (IoT)

• What Devices are we talking about?
• What is the risk?
• Hardening Mobile/IoT Devices
• Corporate Management

Module 10 – Managing Day to Day Security

• Company Responsibilities
• Product Management
• Business Continuity Basics
• Incident Response
• Why Train?

Module 11 – Understating Compliance and Auditing

• Benefits of Compliance
• Assurance Frameworks
• What is Auditing