Course Outline
Day 1 - Understanding Basic Security Principles and Security Threats
- What is information and why should it be protected?
- Confidentiality; integrity; availability; impact of threats and risks;
- Principle of least privilege; Social engineering; attack surface analysis; threat modeling
- Understanding physical security
- Facility security;
- computer security;
- removable devices and disks;
- access control;
- mobile device security;
- keyloggers
5. Understanding Internet Security
- Browser security settings;
- secure websites
6. Email encryption and signing and other applications; Virtual Private Network (VPN)
- public key / private key;
- encryption algorithms; certificate properties;
- certification services;
- PKI infrastructure / certification services;
- hardware tokens, restricting devices to run only trusted applications
7. Understanding Email Protection
- Antispam, antivirus software, spoofing, phishing and pharming;
- client protection vs. server protection; Sender Policy Framework (SPF) records;
- PTR records
Day 2 - Basic Principles of Personal Data Processing
1. Fundamentals of Protection
- sources of national and international law
- scope of personal data protection regulations
- scope of authorities' powers for personal data protection
- legal protection of the right to personal data protection
- GDPR - basic information and definitions - selected topics
- personal data
- processing of personal data
- legal basis for processing personal data
- administrator's obligations
- rights of individuals whose data is processed
- administrative financial penalties
- Personal Data Protection Act of May 10, 2018 - scope of regulations
- appointment of a Data Protection Officer
- procedure for violating personal data protection regulations
- control of compliance with personal data protection regulations
- civil, criminal and administrative liability
- conditions for the lawfulness of processing personal data (regular and specially protected)
- legal requirements for using the institution of entrusting personal data processing to other entities
- data protection impact assessment
- data protection by design and data protection by default
- legal basis for transferring personal data to a third country
- data protection in employment relations
2. Information Security Management
- discussion of the information security management system in the organization based on, among others, Polish standards
- Information Security Management System (ISMS)
- identification of privacy-related risks and their legal consequences
- principles of risk assessment and evaluating the impact of applying certain solutions in the area of effectiveness of information security management
- how to understand and apply a risk-based approach – practical filling out of the Risk Analysis template
- managing the lifecycle of personal data
- Discussion of ISO 27001 requirements
- ISO 27002:2017 guidelines as a list of best practices in the field of data and information security
- access control,
- cryptography,
- physical security,
- secure operation, including backups,
- communication security,
- acquisition, development, and maintenance of systems,
- managing data and information security incidents,
- business continuity management,
- compliance with legal regulations.
- role, tasks, and permissions of the Data Security Officer;
- auditing data and information security systems.
Testimonials (5)
Explaining in detail regarding RHDS.
Murat Kumburlu - Westpac Banking Corporation
Course - 389 Directory Server for Administrators
I learned a lot and gained knowledge I can use at my work!
Artur - Akademia Lomzynska
Course - Active Directory for Admins
Scope of knowledge covered. Not everything was explained in depth, but that is probably a matter of time. The training lasts 3 days. During these 3 days, various topics were covered, which can be explored further after the training. The training was definitely beneficial. A lot of knowledge and topics were presented in an engaging way.
Pawel Sitarz - Icotera sp. z o.o.
Course - C/C++ Secure Coding
It opens up a lot and gives lots of insight what security
Nolbabalo Tshotsho - Vodacom SA
Course - Advanced Java Security
This topic is better with F2F, but this online training is still handled well. The important thing is the trainees were able to have understanding of Hyperledger Indy