Certified Security Awareness 1 2 (CSA 1 2) - e-learning

Lesmethode :

etraining

Algemeen :

The mile2 vendor neutral Certified Security Awareness certification course is intended for anyone that uses a computer on the internet. Attendees will understand the security threats as well as the countermeasures associated with these attacks. Employees will learn that the weakest link in any security program is a poorly trained department.

This course teaches general security awareness as well as how to develop a strong security culture within your company's community. The Social Engineering portion of the class is designed to teach the participants the skills used by Social Engineers to facilitate the extraction of information from an organization using technical and non-technical methods. Computer fraud, black-hat hacking,cyber-terrorists; these phrases describe an innovative generation of criminals that use over-the-wire technology to attack us, steal from us and terrorize us. However, the best tool in their arsenal is not new. It is only used by the most experienced, the most dangerous, boldest hackers.

This e-learning is in English

Doel :

Upon completion, the Certified Security Awareness 1+2 candidate will not only be able to competently take the CSA1 and CSA2 exam but will also understand basic cyber security knowledge to keep companies’IP and IT infrastructure safe.

Doelgroep :

Anyone, end users, company employees and basic computer users

Voorkennis :

General computer knowledge

Onderwerpen :

- Certified Security Awareness 1
   - Module 1 - Basic Security Awareness, What is it and why it's needed?
      - End User Risk Trends
         - Who, What and How are people the target
         - What are the losses associated to end user hacks?
   - Module 2 -Social Engineering
      - Phishing
         - mail, via phone, social websites are common Spear Phishing
      - Spear Phishing
         - Example: Fake email sample
      - Social media
      - Personification
   - Module 3 - Data Classification and corporate use (Safe Guarding)
      - Corporate
         - Sensitive, internal or public classification
         - Objectives of securing data (IP, Compliance/legislature)
   - Personal vs. Business Use
         - Segregating personal use with business use
      - Data management
         - Business standard for deleting data
         - Personal standard of data dumping (old phones/hard drives and usb)
         - Did you know that I can unearth deleted docs from a USB drive from a standard Forensics app off of the internet?
      - How to delete and get rid of your old data
   - Module 4 - End User Best Practices
      - Internet utilization
         - Hot spots, public places & roaming risks
      - Safe Web Site surfing
         - Discerning safe secure sites (never go to a site link indirectly)
         - Locks and HTTPS
      - Computer Usage
         - Using computer in non-admin mode
         - Ransomware
      - Password management
      - Removable Devices
      - Mobile, Smart Phones and Tablets (risks associated with mobile devices)
         - Device always locked
         - Deviceshould always be trackable
- Certified Security Awareness 2
   - Chapter 1 - Creating a Cyber Security Culture
      - Overview
      - Non-malware Attack Statistics 2017 (Carbon Black)
      - Cyber Security Culture
      - Requirements for Successful CSC
      - Steps to Create CSC
      - Key People for a Successful CSC and Their Roles
      - How Various Departments are Related to the CSC Program
      - Leadership Skills
      - Techniques Used by Successful Leaders
      - Yearly Training and Drills
   - Chapter 2 - Social Engineer Attacks: Executive Management and Assets
      - Overview Techniques used by Hackers
      - Why Executives are Pinpointed as Targets
      - Whaling Attacks
      - Recent Successful Whaling Attacks
      - Whaling Mitigation
      - Intellectual Property
      - IP Categories
      - IP Legally Defined Categories
      - Keeping IP Safe
      - Keeping IP Safe -Recommendation
   - Chapter 3 - Incident Preparedness and Management Planning
      - Overview
      - Incident Mitigation
      - Cyber Insurance
      - Cyber Insurance Gaps
      - Incident Preparedness Steps
      - Preparation Step
      - Identification Step
      - Crisis Management
      - Post Crisis Management
      - General Recommendation for Post Crisis
   - Chapter 4 - Laws and Global Compliance Standards
      - Overview Laws & Standards
      - Laws & Standards
      - 12 PCI DSS Requirements
      - SOX Most Important Sections
      - Data Classification
      - Objectives of Data Classification
      - Personal vs. Business Use
      - Business Standard for Deleting Data
      - Mobile Device Security Risks
      - BYOD Challenges
      - BYOD Policy