Course Duration

24 hours, 3-days training workshop

Delivery

Face to face training or online training

Course Inclusive

Training materials & certificate of completion

Description

This course aims to provide the trainees the fundamentals of identifying and managing threat and risks in their organization/workplace

Entry Competencies of Participants (Prerequisites)

Any graduate of Engineering, Science, or any BS degree courses that has Information Technology units or anyone with experience on handling ICT equipment.

Course Objectives/Learning Outcomes

At the end of the course, the participant shall be able to:

1. Understand and apply the concepts defense-in-depth;
   • Security Principles and Fundamentals
   • Threats, Vulnerabilities, and Risks
   • Types of attacks and exploits
2. Identify threat vectors, threat models, and possible attack vectors relevant to their environment;
   • Introduction to Risk Management
   • Types of Risk Analysis
   • Asset Controls
   • Threat Modeling, Threat Identification, Vulnerability Identification
3. Understand and apply risk management concepts;
   • Introduction to Access Controls
   • Access Control Process
   • Information Security Roles and Responsibilities
   • Access Control Types
   • Password Management
   • Business case for risk management
4. Understand the purpose and components of policy;
   • Policy Framework
   • Creating the Policy
   • Issue-specific policy examples and Introduction NDA’s and copyrights
5. Identify, analyze, and prioritize Business Continuity (BC) requirements
   • Contingency planning: Introduction to BCP and DRP
   • Difference of BCP and DRP
   • BCP Key Components
   • BCP Phases
   • Top BCP/DRP Planning Mistakes