Cyber Security Authority®
Cyber Security Authority®
11 Days, 9 Professional Certifications
This course is aimed for professionals with authoritative potentials, know-how and opportunity to become subject matter authorities in their specific cloud infrastructure arena.
Upcoming CSA® Events
Sorry no post found.
Course Description
This course is designed for professionals who possess authoritative potentials. CSA® is the pinnacle of achievement and industry recognition for professionals with the necessary knowhow that would like to seek the opportunity to become subject matter authorities in their specific cybersecurity area. In addition to coursework, all successful CSA® candidates must fulfil the required criteria which include but are not limited to undergoing minimum cybersecurity project alongside IDCA approved consultants, as well as submitting an effective thesis to the attention of the accreditation committee of IDCA. The thesis shall be driven from their professional experiences and subject matter expertise in identity and access management, application, security, etc. CSAs will be the front-runners of the cybersecurity industry and serve as key players and contributors to the industry’s direction.
Who should take this course?
- Managers
- Executives
- Directors
- Strategic Planners
- Professionals
what you study
Individuals will be taken through multi-levels of foundation, concept, principle, theory, application, strategy, management, engineering and design, technology and selection in order to complete this course work required for becoming a CSA®.
Learning Outcomes
The CSA® is a leap into cybersecurity strategy, approached in the unique manner of capturing the operations aspects of cybersecurity, application security parameters and knowledge of the design and technology fundamentals, thus applying the insight into future technologies, amalgamating this knowledge to prepare the management, build, expansion, or upgrade for reliable, resilient, secure, innovative and efficient cybersecurity operations
Prerequisites
- None.
Course Features
- CSIS®
- CSOS®
- CSTP®
Day 1
Introduction
Cybersecurity Overview
The outset of Cybersecurity
Governance
Risk Integration
Legislative Requirement
Security Requirement
Internal Threats
External Threats
Physical Security Threats
Cybercrime: Leading Business Risk Globally
Major Cyber Breaches
Cybersecurity Complexity
Infinity Paradigm
Definition of Cybersecurity
Cybersecurity Principles
Cybersecurity Principles
The Layers
The Four Principles
Principle 1 & its key Activities
Principle 2 & its key Activities
Principle 3 & its key Activities
Principle 4 & its key Activities
Cybersecurity Dimensions: Attack & Defense
Cybersecurity Attack
Security Threat to Networks
Two types of Attacks
Stages of an Attack
Cybersecurity Defense
Layered Security & Configuration of Perimeter
Firewall
Intrusion Detection & Penetration System
Cybersecurity Risk & Consequences
Consequences of Attack
Maturity
Culture Shift
Appetite
Advice
Putting a Price on Risk
Day 2
Cybersecurity Trends
Understanding the threat landscape
Common Threat Agents and Vulnerabilities
Zero-Day Vulnerabilities
Attributes of Cyber Attack
Understanding the attributes of an Attack
Malware & Types of attack
Obfuscation and Mutations in Malware
Weaknesses of Existing Cybersecurity Standards
Available standards
Weaknesses of existing standards
Why IDCA is critical to filling the gaps
Network Access Control & Wireless Network Security
An Overview of Network Access Control (NAC)
NAC Policies
The Network Access Control/Network Access Protection (NAC/NAP) Client/Agent
The Enforcement Points
Enforcement Point Action
Authentication and Authorization
NIST & Cybersecurity
ISO 27001 For Information Security
Cybersecurity in Cloud
Types of Cloud Assets
Compute Assets
Storage Assets
Network Assets
Asset Management Pipeline
Procurement Leaks
Processing Leaks
Finding Leaks
Protecting data in the cloud
Tokenization
Encryption
Cybersecurity for IoT and Edge/or 5G Computing
IoT Security Challenges & Landscape
Why IoT Security devices are targeted
Edge Motivation
Edge Definition
Evolution of IT Computing Models
Advantages of Edge Computing
Edge Layered Stack
OWASP (Open Web Application Security Project) Top 10 Internet of Things
Examination
Day 1
Cybersecurity Overview
Cybersecurity Complexity
Malware & Types of Attacks
Governance
Governance Objectives
Governance for Cybersecurity
Effective Cybersecurity Programme Governance
Cybersecurity Governance: Meaningful Vs Meaningless
Cybersecurity Governance Pillars
Cybersecurity Organizational Structure
Risk Management
Cybersecurity Risk oversight of the Board
Cybersecurity Risk management Principles
Cybersecurity Risk Policies & Procedures
Cybersecurity Risk Strategic Performance Management
Cybersecurity Standards & Frameworks
Cybersecurity Risks: Identify, Analyze and Evaluate
How to treat Cybersecurity Risk
Using Process Capabilities to Treat Cybersecurity Risks
Using Insurance and Finance to Treat Cybersecurity Risks
Physical IT-Related Asset management
Build, Buy or Update: Embedding Cybersecurity Requirements and Establishing Best Practices
Governance & Panning
Development & Implementation
End of Useful Life and Disposal
Specific Considerations
Commercial Off-the-Shelf Applications
Cloud/SaaS Applications
Physical Security
Commit To a Plan
Physical Security Risk Landscape View and the Impact on Cybersecurity
Manage/Review the Cybersecurity Organization
Design/Review Integrated Security Measures
Data Center Scenario Reworked
Understanding Objectives for Security Measures
Understanding Controls for the Data Center Scenario
Calculate/Review Exposure to Adversarial Attacks
Simulating the Path of an Adversary
Calculate the Probability of Interrupting & Disrupting the Adversary
Optimize Return on Security Investment
Vulnerability Identification and Management: Treating Cybersecurity Risks
Introduction
Identity & Access Management
Policy
Establish Identities
Create Identities
User ID Revocation
Enterprise IT Governance
Reduced Security Costs
Penetration Testing
Day 2
Threat Identification & Handling Management: Identify, Analyze & Evaluate
The Risk Landscape
The People Factor
Assessing & Managing Risk: A structured Approach
Cybersecurity Culture
Regulatory Compliance
Maturity Compliance
Protection Prioritised
Cybersecurity Incident and Crisis Management
Cybersecurity Incident Management Overview
Cybersecurity Incident Response Overview
Cybersecurity Incident Response Plan & Processes
Cybersecurity Incident Response Team (CSIRT)
Technical Response Capabilities Development
Build and Maintain Capabilities
Incident Timelines
Integrating Cybersecurity & Business Continuity Management
What is Business Continuity
ISO 22301 Overview
BCM Lifecycle
Understand/Analyze the organization and Integrate with Cybersecurity
Determine BCM Strategy & Integrate with Cybersecurity
Developing and Implementing BCM Responses, Integrate with Cybersecurity
Exercising/Validating BCM and integrate with Cybersecurity
BCM Policy & Programme Management
Embedding BCM in the organizational culture
Organizational Structure
Having the Right People
Establishing the Team
What are the Established Performance Standards?
Human Factors and Culture
Technology Investment vs Investing in People
Business Email Compromise (BEC)
Organizations as Social Systems
Cybersecurity More Than a Technology Problem
Organizational Culture
Cybersecurity and Human Factors
Insider Threats
Social Engineering Threats
Cybersecurity Training & Awareness
Measures Against Business Email Compromise
Human Factors & Technology Trends
Metrics
The Application Ecosystem
Day 3
Application Security
Application Security Terminology
Risk Calculation Models
Calculation of Application Security Risk
Application Security Best Practices
Application Ecosystem Management: Cybersecurity Day-to-Day Operations
Controls Management
Security Controls
Asset Management
Change Management
The Importance of Managing Change
When should Changes be Made?
What are the Impact Changes bring?
The safeguard Effect of Internal Control in Change Management
Organizational Change Management
Access Control
Access Control & A New Perspective
Organizations requirements for Access Control
User Access Management
User Registration and Deregistration
Access Provisioning for Users
Privileged Access Rights Management
Users Secret Authentication Information Management
User Access Under Review
User Rights: Removal & Adjustments
Responsibility of Users
Application & System Access Control
Access Restriction to Information
Procedures for Secure-Logins
Password Management System
Privileged Utility Programs Usage
Program Source Code & Controlled Access
External Context & Supply Chain
Overview
Supply Chain Support Strategy
Planning How to Create Supply Relationships
How to Identify Competent External Suppliers
Relationship Management
Maintaining Situational Awareness
Overview
Situational Awareness Plan
Situational Awareness Process
Cybersecurity Service Level Agreement
Overview
Purpose
Attributes
General Parts of SLA
SLA Service Performance
SLA Constraints & Service Management
SLAs Dos & Don’ts
Examination
Day 1
Network Security Systems Technologies
Network Access Control
ZTNA (Zero Trust Network Access) as a Service
Network Detection and Response (NDR)
Unified Threat Management (UTM)
Microsegmentation Software
Firewalls
Intrusion Detection and Prevention Software
SSL/TLS Decryption
SSL VPN
Firewall Security Management
Advanced Threat Protection
IoT Security
Enterprise Infrastructure VPN
Enterprise Networking Technologies
Network Virtualization
Wireless LAN
Wireless WAN
WAN Edge
Web Security Gateways
Internet Management Technologies
Internet Security
DNS Security
Security Services Technologies
Managed Security Services
Customer Identity and Access Management
Managed Detection and Response (MDR)
Web Application Firewall (WAF)
DDoS
Privileged Access Management
Application Security Technologies
Application Security
Software Configuration Management
Patch Management
Day 2
Security Software Technologies:
Virtualization Security
Mobile Identity Solutions
Container Security
Threat Intelligence Platforms
Security Incident Response
Directory Servers
Active Directory Bridge
Digital Asset Security Platforms
Extended Detection and Response (XDR)
Endpoint Detection and Response (EDR)
Cloud Workload Security
Mobile Threat Defense
Single Sign-On (SSO)
Data Loss Prevention
Security Information and Event Management (SIEM)
Vulnerability Management
Endpoint Protection (EPP) for Business
Fraud Detection and Prevention
Web Content Filtering
Identity Management (IM)
Endpoint Encryption
Mobile Data Protection
Cloud Access Security Brokers
Access Management
Security Orchestration Automation and Response (SOAR)
Active Directory Management
Secure Access Service Edge (SASE)
Enterprise Password Managers
User Behavior Analytics - UEBA
Cloud and Data Center Security
Endpoint Compliance
Identity and Access Management as a Service (IDaaS)
Anti-Malware Tools
Day 3
Access Control Technologies:
Physical Access Control
Barriers
Bollards
Turnstiles and Portals
Guard Facilities
Token and Cipher Systems:
Identification Cards and Badges
Keycard Door Systems
Cipher Lock
Magnetic Stripe Cards
Contact Smart Card
Contactless Smart Card
Wiegand Cards
Key Fobs
Biometric Access Control Technologies:
Facial Recognition
Fingerprint Recognition
Hand/Finger Geometry Recognition
Vascular Pattern Recognition
Iris Recognition
Retina Scan
Voice Recognition
Signature Dynamics Recognition
Multimodal