Course Outline
Day 1 - Understanding Basic Security Principles and Security Threats
- What is information and why should it be protected?
- Confidentiality; integrity; availability; impact of threats and risk
- Principle of least privilege; social engineering; attack surface analysis; threat modeling
- Understanding physical security
- Site security
- Computer security
- Removable devices and drives
- Access control
- Mobile device security
- Keyloggers
5. Understanding Internet Security
- Browser security settings
- Secure websites
6. Email Encryption and Signing and Other Applications; Virtual Private Network (VPN)
- Public key / private key
- Encryption algorithms; certificate properties
- Certifying services
- PKI infrastructure / certifying services
- Hardware tokens, restricting devices to run only trusted applications
7. Understanding Email Protection
- Antispam, antivirus software, spoofing, phishing, and pharming
- Client protection vs. server protection; Sender Policy Framework (SPF) records
- PTR records
Day 2 - Basic Principles of Personal Data Processing
1. Protection Basics
- Sources of national and international law
- Scope of personal data protection regulations
- Scope of the personal data protection authority's powers
- Judicial protection of the right to personal data protection
- GDPR - basic information and definitions - selected topics
- Personal data
- Processing of personal data
- Legal bases for processing personal data
- Administrator's obligations
- Rights of individuals whose data is processed
- Administrative financial penalties
- Act on the Protection of Personal Data of May 10, 2018 - scope of regulations
- Appointment of the Data Protection Officer
- Procedures for violations of personal data protection regulations
- Monitoring compliance with personal data protection regulations
- Civil, criminal, and administrative liability
- Conditions for the lawfulness of processing personal data (regular and specially protected)
- Legal requirements for entrusting personal data processing to other entities
- Data protection impact assessment
- Data protection by design and by default
- Legal bases for transferring personal data to a third country
- Data protection in employment relations
2. Information Security Management
- Discussion of the information security management system in an organization based on, among others, Polish standards
- Information Security Management System (ISMS)
- Identification of privacy-related risks and their legal consequences
- Principles of risk assessment and evaluating the impact of applying specific solutions in the field of
- Effectiveness of security management
- Understanding and applying a risk-based approach – practical exercise in filling out the Risk Analysis template
- Managing the lifecycle of personal data
- Discussion of the requirements of standard ISO 27001
- Guidelines of ISO 27002:2017 as a list of good practices in data and information security
- Access control
- Cryptography
- Physical security
- Secure operation, including backups
- Communication security
- Acquisition, development, and maintenance of systems
- Managing data and information security incidents, business continuity management
- Compliance with legal regulations
- Role, tasks, and permissions of the Data Security Officer
- Auditing of data and information security systems
Requirements
None
Testimonials (5)
I learned a lot and gained knowledge I can use at my work!
Artur - Akademia Lomzynska
Course - Active Directory for Admins
Scope of knowledge covered. Not everything was explained in depth, but that is probably a matter of time. The training lasts 3 days. During these 3 days, various topics were covered, which can be explored further after the training. The training was definitely beneficial. A lot of knowledge and topics were presented in an engaging way.
Pawel Sitarz - Icotera sp. z o.o.
Course - C/C++ Secure Coding
It opens up a lot and gives lots of insight what security
Nolbabalo Tshotsho - Vodacom SA
Course - Advanced Java Security
This topic is better with F2F, but this online training is still handled well. The important thing is the trainees were able to have an understanding of Hyperledger Indy
OMAR BIN MUSA - UNITAR International University
Course - Blockchain: Hyperledger Indy for Identity Management
I genuinely enjoyed the great information and content.