Course Outline
Day 1 - Understanding Basic Security Principles and Threats
- What is information and why should it be protected?
- Confidentiality; Integrity; Availability; Impact of threats and risk;
- Principle of least privilege; Social engineering; attack surface analysis; threat modeling
- Understanding physical security
- Physical security;
- computer security;
- removable devices and disks;
- access control;
- mobile device security;
- keyloggers
5. Understanding Internet Security
- Browser security settings;
- secure websites
6. Encryption and Email Signing, as well as Other Applications; Virtual Private Network (VPN)
- public key / private key;
- encryption algorithms; certificate properties;
- certification authorities;
- PKI infrastructure / certification services;
- hardware tokens, device restrictions to run only trusted applications
7. Understanding Email Protection
- Anti-spam, antivirus software, spoofing, phishing, and pharming;
- client protection vs. server protection; Sender Policy Framework (SPF) records;
- PTR records
Day 2 - Basic Principles of Personal Data Processing
1. Fundamentals of Protection
- Sources of national and international law
- Scope of application of personal data protection regulations
- Powers of the data protection authority
- Judicial protection of the right to personal data protection
- GDPR - basic information and definitions - selected issues
- Personal data
- Processing of personal data
- Legal basis for processing personal data
- Obligations of the controller
- Rights of individuals whose data is processed
- Administrative fines
- Act on Personal Data Protection of 10 May 2018 - scope of regulations
- Appointment of a Data Protection Officer
- Procedure for investigating personal data protection violations
- Compliance with personal data protection regulations
- Civil, criminal, and administrative liability
- Conditions for the lawful processing of personal data (ordinary and special categories)
- Legal requirements for entrusting personal data processing to other entities
- Data protection impact assessment
- Data protection by design, data protection by default
- Legal basis for transferring personal data to third countries
- Personal data protection in employment relationships
2. Information Security Management
- Discussion of the information security management system in an organization based on, among others, Polish standards
- Information Security Management System (ISMS)
- Identification of privacy risks and their legal consequences
- Risk assessment principles and evaluation of the impact of applying specific solutions in terms of
- Effectiveness of security management
- How to understand and apply a risk-based approach – practical completion of the Risk Analysis template
- Managing the data lifecycle
- Discussion of ISO 27001 requirements
- Guidelines from ISO 27002:2017 as a list of best practices in data and information security
- Access control,
- Cryptography,
- Physical security,
- Secure operations, including backups,
- Communication security,
- Acquisition, development, and maintenance of systems,
- Data and information security incident management,
- Business continuity management,
- Compliance with legal requirements.
- Role, tasks, and authorities of the Data Security Officer;
- Auditing data and information security systems.