NTUC LearningHub

Course Objectives

 

Upon completing this course, participants will be prepared with the knowledge and abilities to sit for an external exam by ISACA. The certificate is aligned with the National Institute of Standards and Technology (NIST) National Initiative for Cybersecurity Education (NICE), which is compatible with global cybersecurity issues, activities and job roles. The certificate also is aligned with the Skills Framework for the Information Age (SFIA).

 

The five domains of the entry-level cybersecurity certification exam outline are:

  • Cybersecurity concepts
  • Cybersecurity architecture principles
  • Cybersecurity of networks, systems, applications, and data
  • Incident response

Security of evolving technology

 

IT Risk Fundamentals online course

 

Pre-requisites

 

Learners are assumed to have:

  • No pre-requisites
  • Recommended CompTIA A+

 

Course Outline

 

Session 1 – Introduction to Cybersecurity

Learning Objectives:

  • Identify and explain cybersecurity concepts.
  • Identify main components of telecommunications technologies.
  • Differentiate types of security.

Session topics:

  • 1.1 Overview
  • 1.2 What is Security?
  • 1.3 Types of Security

 

Session 2 – Cybersecurity and Privacy

Learning Objectives:

  • Identify differences between information technology systems and specialized systems.
  • Discuss enterprise cybersecurity roles and responsibilities.
  • Define governance, risk management and compliance (GRC).
  • Distinguish between privacy and security

Session topics:

  • 1.4 Specialized Systems
  • 1.5 Roles and Responsibilities
  • 1.6 Governance, Risk Management and Compliance
  • 1.7 Cybersecurity Governance
  • 1.13 Privacy
  • 1.14 Privacy vs. Security

 

Session 3 – Service Disruption and Cybersecurity

Learning Objectives:

  • Identify and discuss common causes of enterprise service disruption.
  • Explain business continuity planning.
  • Describe the relationship between business continuity planning (BCP) and disaster recovery (DR).

Session topics:

  • 1.8 Resilience
  • 1.9 Business Continuity and Disaster Recovery
  • 1.10 Business Impact Analysis
  • 1.11 Recovery Concepts

 

Session 4 – Threat Landscape

Learning Objectives:

  • Identify and discuss common causes of enterprise service disruption.
  • Explain business continuity planning.
  • Describe the relationship between business continuity planning (BCP) and disaster recovery (DR).

Session topics:

  • 1.4 Specialized Systems
  • 1.5 Roles and Responsibilities
  • 1.6 Governance, Risk Management and Compliance
  • 1.7 Cybersecurity Governance
  • 1.13 Privacy
  • 1.14 Privacy vs. Security

 

Session 5 – Cyberattacks

Learning Objectives:

  • Identify and explain cybersecurity concepts.
  • Identify main components of telecommunications technologies.
  • Differentiate types of security.

Session topics:

  • 2.5 Attack Attributes
  • 2.6 Attack Process
  • 2.7 Malware and Attacks

 

Session 6 – Risk Management

Learning Objectives:

  • Identify differences between information technology systems and specialized systems.
  • Discuss enterprise cybersecurity roles and responsibilities.
  • Define governance, risk management and compliance (GRC).
  • Distinguish between privacy and security

Session topics:

  • 2.8 Risk Assessment
  • 2.9 Supply Chain Considerations
  • 2.10 Risk Management Life Cycle
  • 2.11 Managing Risk
  • 2.12 Using the Results of Risk Assessments

Session 7 – Securing Assets

Learning Objectives:

  • Identify differences between information technology systems and specialized systems.
  • Discuss enterprise cybersecurity roles and responsibilities.
  • Define governance, risk management and compliance (GRC).
  • Distinguish between privacy and security.

Session topics:

  • 3.1 Risk Identification, Standards, Frameworks and Industry Guidance
  • 3.3.8 Endpoint Security
  • 3.3.9 System Hardening
  • 3.3.10 Logging, Monitoring and Detection
  • 3.3.13 Data Security

 

Session 8 – Security Architecture

Learning Objectives:

  • Identify components of a security architecture.
  • Compare security models.
  • Session topics:
  • 3.2 Architecture, Models, and Frameworks

 

Session 9 – Security Controls

Learning Objectives:

  • Explain defense in depth.
  • Compare traditional security and assume-breach philosophies.
  • Identify three main types of security controls.
  • Distinguish types of logical access controls.
  • Identify and explain types of administrative controls.
  • Explain each component of authentication, authorization and accounting (AAA).
  • Session topics:
  • 3.3 Security Controls (3.3.1 to 3.3.6)

 

Session 10 – Network Security

Learning Objectives:

  • Explain methods to achieve isolation and segmentation.
  • Identify network security hardware.
  • Distinguish types of firewalls.

Session topics:

  • 3.3.7 Network Security

Enrichment:

  • Learning Aid – Application Firewall Systems
  • Learning Aid – Common Attacks Against Packet Filter
  • Learning Aid – Examples of Firewall Implementations
  • Learning Aid – Next Generation Firewalls

 

Session 11 – Application and Cloud Security

Learning Objectives:

  • Recognize system life cycle management principles, including software security and usability.
  • Identify and analyze cloud service models.
  • Discuss risk associated with cloud computing.

Session topics:

  • 3.3.11 Application Security
  • 3.3.12 Cloud Security

 

Session 12 - Software Management and Encryption

Learning Objectives:

  • Identify elements of cryptographic systems.
  • Identify and discuss key systems.

Session topics:

  • 3.3.14 Configuration Management
  • 3.3.15 Change Management
  • 3.3.16 Patch Management
  • 3.3.17 Encryption Fundamentals, Techniques and Applications

 

Session 13 – Introducing Security Operations

Learning Objectives:

  • Discuss security operations center (SOC) deployment models.
  • Identify common SOC functions, roles and responsibilities.
  • Identify vulnerability assessment tools, including open source tools and their capabilities.
  • Session topics:
  • 4.1 Security Operations

 

 

Session 14 - Testing Technologies and Security Tools

Learning Objectives:

  • Differentiate vulnerability scanning and penetration testing.
  • Discuss common phases of penetration testing.
  • Identify and use common cybersecurity tools.
  • Discuss components that aid cybersecurity monitoring and detection.
  • Session Topics:
  • 4.2 Tool and Technologies (Monitoring, Detection, Correlation)
  • 4.4 Forensics

 

Session 15 – Handling Security Incidents

Learning Objectives:

  • Understand incident response and handling methodologies.
  • Distinguish between an event and an incident.
  • Discuss the elements of an incident response plan (IRP).

Session Topics:

  • 4.3 Incident Handling

Practice Labs:

  • SQL Injection
  • Windows Event Monitoring & Defender
  • Threat Removal
  • Threat Detection
  • File Permissions on Windows and Linux
  • Forensics: File Recovery, Baselining with Lynis
  • Scanning Ports and Utilizing SSH
  • Windows and Linux OS Firewalls

 

Certificate Obtained and Conferred by

 

Upon completion of the course, you can register for the official exam, which is online, remotely proctored 2-hour exam. You will be notified of the results of your exam. If you’ve passed, you will be able to download the certificate from your MyISACA portal as proof. For more information on the exam, go to https://www.isaca.org/credentialing/itca/cybersecurity-fundamentals-certificate

Categories
More Information
  • NTUC LearningHub
Sponsored Content
Location
  • NTUC Trade Union House, 73 Bras Basah Road. S.189556, Singapore, Central Singapore Community Development Council 189556

  • No comments yet.
  • Add a review
    error: Content is protected !!