Foundation Certificate in Cyber Security Training

There are no prerequisites for this course, however, participants are expected to have a basic understanding of computers and the internet.

Day 1

Module 1 Computing Foundation, Data Storage and Memory

• Computer system components, operating systems (Windows, Linux & Mac), different types of storage, and memory management.

Module 2 Network Computing

• Switched networks, packet switching vs circuit switching, packet routing delivery, routing, WAN, LAN, MAN, internetworking standards, OSI model 7 layers.

Module 3 Network Communications - TCP/IP protocol suite,

• Types of addresses, physical address, logical address, IPv4, IPv6, port address, specific address, WAN vs LAN, DHCP (Dynamic Host Configuration Protocol) and network access control.

Module 4 Internet Primer

• How does data travel across the internet? End to end examples for web browsing, emails, using applications - explaining internet architecture, routing, DNS.

Day 2

Module 5 Network Security

• Secure planning, policies and mechanisms, Active Directory structure, introducing Group Policy (containers, templates, GPO), security and network layers, IPSEC (IP Security), SSL / TLS (flaws and comparisons) SSH (secure shell), Firewalls (packet filtering, state full inspection and NGFW), application gateways, ACL's.

Module 6 Modern Communications

• VoIP, Smishing, Vishing, wireless LAN (WI-FI), Network Analysis and Sniffing, Wireshark. IOT communication data, SHODAN, Bluetooth, Zwave, Zigbee, PAN (personal area network), HAN (home area network), BAN (body area network) and 5G.

Module 7 Virtualisation & Cloud Technologies

• Virtualisation definitions, virtualisation models, Cloud Security Alliance (CSA), terminologies, ISO/IEC 27017 is an information security framework for organisations using (or considering) cloud services. Virtual models, virtual platforms, what is cloud computing, cloud essentials, cloud service models, security & privacy in the cloud ISO 27018, multi-tenancy issues, infrastructure vs data security. Cloud Security Technical Reference Architecture from Cybersecurity & Infrastructure Security Agency (CISA)

Module 8 Protective Monitoring (Security Information Event Management SIEM)

• Security Information Event Management (SIEM) processes and architecture, SOAR security orchestration, automation, and response. SIEM features, user activity monitoring, real time event correlation, log retention, file integrity monitoring, security auditing & automation auditing, what to audit, implementation guidelines, what to collect, Windows Event Log, UNIX Syslog, logging at an application level, audit trail analysis, approaches to data analysis.

Module 9 Common Methods of Attack

• Cyber exploits, understanding malware, cross site scripting, SQL Injection, virus, worm, DDOS, input validation, ransomware, buffer-overflow, targeted attacks, cyber threat intelligence, MITRE ATT&CK®, D3FEND Matrix | MITRE D3FEND™, Cyber Kill Chain and advanced persistent threats (APT).

CyberFish DoJo Ransomware response scenario

Day 3

Module 10 Encryption

• Uses of encryption technology, symmetric / asymmetric key encryption, public and private keys, weaknesses, decryption, hashing, digital signatures, PKI, certificates authorities, data at rest and in transit, SSL/TLS, and SSL stripping.

Module 11 Cyber and the Legal Framework

• Legislation, chain of custody, reporting and assurance within the context of a legal framework, Artificial Intelligence (AI) Governance, EU General Data Protection Regulation (GDPR & DPA), California Consumer Privacy Act (CCPA), Federal Computer Fraud and Abuse act versus Computer Misuse Act. HIPAA, Sarbanes Oxley (SOX). The Federal Information Security Management Act (FISMA), Freedom Act and Federal Trade Commission Act (FTCA).

Module 12 Digital Footprints

• Internet foundations, WHOIS (Inc. worked example), Internet analysis, search engines, OSINT techniques offensive and defensive, Tools for finding information on people and companies, username searchers, email searching, passwords, surface, dark and deep web. Data breach websites. Phishing, Spear Phishing, Whaling, Deep Fake attack. Social Engineering attacks.

Module 13 Information Assurance

• Overview – Drivers for Information Assurance, CIA Triad, what do attackers want? Threats to your organisation and the capabilities

Day 4

Module 14 Risk Management and Risk Treatment

• Business context and risk management approach, return on security investment (ROSI/ROI), risk management lifecycle, who delivers risk management - where in the lifecycle, understanding the context, legal and regulatory. Risk Treatment - Identify the ways of treating risks, methods of gaining assurance, understanding the nature of inherent/residual risk, collecting evidence that supports decisions, risk management decisions.

Module 15 Physical Security

• Physical security - lighting, CCTV, fencing, intrusion detection, screening, destruction, UPS and generators, access, and control of entry.

Module 16 Personnel Security

• People, employees, contractors, customers (resource, vulnerability, threat), recruitment, screening, Social Engineering, Common People Exploits, T&C's, in role, change in role, termination, insider threat, supply chain challenges.

Module 17 Service Assurance & Standards

• Assurance perspective - including CPA/CAPS, FIPS, CE, Common Criteria, SPF. Summary of common industry standards. (Inc. OWASP, ISO27001/2, PCI-DSS)

Day 5

Module 18 Software Security Assurance

• Principles for software security, (securing the weakest link, defence in depth, failing securely, least privilege, separation of privilege), IA design principles.

Module 19 Secure Development Process

• Secure by Design, Secure Development Life Cycle (SDLC). AI Governance in the System Development Life Cycle: Insights on Responsible Machine Learning Engineering. Testing, audit and review and system development. UAT (user acceptance testing. White, grey, and black box testing.

Module 20 Threat Modelling and STRIDE

• What is threat modelling, threat modelling processes, STRIDE: Risk Mitigation options

Module 21 Introduction to Security Architecture

• Security design architecture, enterprise design frameworks (TOGAF, ZACHMAN, SABSA), patterns (NCSC, Open Security Architecture).

Module 22 Security Best Practice

• Reduce the attack surface, defence in depth, test security, weaknesses and vulnerabilities, secure coding, learn from mistakes, NCSC 10 steps to cybersecurity and NIST Cybersecurity framework.

Exam Information

Candidates will receive individual emails to access their APMG candidate portal, typically available two weeks post exam.

Knowledge Check – Quiz

End of module knowledge check – exam style questions

Duration 50 Minutes

Questions 50, multiple choice (4 multiple choice answers only 1 of which is correct)

Pass Mark 50%