Course Duration
24 hours, 3-days training workshop
Delivery
Face to face training or online training
Course Inclusive
Training materials & certificate of completion
Description
This course aims to provide the trainees the fundamentals of identifying and managing threat and risks in their organization/workplace
Entry Competencies of Participants (Prerequisites)
Any graduate of Engineering, Science, or any BS degree courses that has Information Technology units or anyone with experience on handling ICT equipment.
Course Objectives/Learning Outcomes
At the end of the course, the participant shall be able to:
- Understand and apply the concepts defense-in-depth;
- Security Principles and Fundamentals
- Threats, Vulnerabilities, and Risks
- Types of attacks and exploits
- Identify threat vectors, threat models, and possible attack vectors relevant to their environment;
- Introduction to Risk Management
- Types of Risk Analysis
- Asset Controls
- Threat Modeling, Threat Identification, Vulnerability Identification
- Understand and apply risk management concepts;
- Introduction to Access Controls
- Access Control Process
- Information Security Roles and Responsibilities
- Access Control Types
- Password Management
- Business case for risk management
- Understand the purpose and components of policy;
- Policy Framework
- Creating the Policy
- Issue-specific policy examples and Introduction NDA’s and copyrights
- Identify, analyze, and prioritize Business Continuity (BC) requirements
- Contingency planning: Introduction to BCP and DRP
- Difference of BCP and DRP
- BCP Key Components
- BCP Phases
- Top BCP/DRP Planning Mistakes