Szkolenia Information Security Risk
Information Security Risk courses
Plany Szkoleń Information Security Risk
| Kod | Nazwa | Czas trwania | Charakterystyka kursu |
|---|---|---|---|
| ethhack | Ethical Hacker | 35 godz. | This class will immerse the students into an interactive environment where they will be shown how to scan, test, hack and secure their own systems. The lab intensive environment gives each student in-depth knowledge and practical experience with the current essential security systems. Students will begin by understanding how perimeter defenses work and then be lead into scanning and attacking their own networks, no real network is harmed. Students then learn how intruders escalate privileges and what steps can be taken to secure a system. Students will also learn about Intrusion Detection, Policy Creation, Social Engineering, DDoS Attacks, Buffer Overflows and Virus Creation. When a student leaves this intensive 5 day class they will have hands on understanding and experience in Ethical Hacking. The purpose of the Ethical Hacking Training is to: Establish and govern minimum standards for credentialing professional information security specialists in ethical hacking measures. Inform the public that credentialed individuals meet or exceed the minimum standards. Reinforce ethical hacking as a unique and self-regulating profession. Audience: The Course is ideal for those working in positions such as, but not limited to: Security Engineers Security Consultants Security Managers IT Director/Managers Security Auditors IT Systems Administrators IT Network Administrators Network Architects Developers 01. Introduction to Ethical Hacking 02. Footprinting and Reconnaissance 03. Scanning Networks & Systems 04. Windows Hacking 05. Linux Hacking 06. Viruses, Worms, Trojans and Malware 07. Sniffing and MITM 08. Social Engineering 09. Denial-of-Service and DDOS 10. Web Hacking 11. Hacking Web Applications 12. SQL Injection and Cross Site Scripts 13. Hacking Wireless Networks 14. Android Hacking 15. Cryptography |
| iso27005 | Building up information security according to ISO 27005 | 21 godz. | This course will give you the skills to build up information security according to ISO 27005, which is dedicated to information security risk management based on ISO 27001.1. Introduction to risk management 2. Risk assessment methodologies 3. The ISO 27005 information security risk management framework and process model 4. Classification and identification of information assets 5. Definition of threats to information assets 6. Identification of the vulnerabilities these threats might exploit 7. Risk analysis: risk scoring using scales and simple calculations 8. An introduction to risk analysis tools 9. Risk evaluation and acceptance strategies 10. Risk treatment and the selection of mitigating control measures 11. Review and continual improvement of risk assessment and management 12. Risk communications and consultation 13. Integrating the ISO 27005 information security risk management framework into an ISO 27001 ISMS |
| gdpr | General Data Protection Regulation - zmiany prawne, wprowadzenie teoretyczne, praktyczne aspekty | 14 godz. | Dwudniowy kurs wprowadzający do GDPR – najpoważniejszej od dwudziestu lat zmiany w ochronie danych osobowych. Szkolenie obejmie wszystkie zmiany wprowadzane przez GDPR, podstawy teoretyczne oraz omówienie praktycznego wymiaru zmian. Pozycja obowiązkowa dla kadry kierowniczej oraz osób odpowiedzialnych za bezpieczeństwo informacji w projektach informatycznych. Wprowadzenie do GDPR Transpozycja obecnych zasad i definicji w GDPR Omówienie zmian w stosunku do dyrektywy oraz polskiej ustawy Nowe instytucje oraz regulacje w GDPR Zasięg terytorialny GDPR Prawa jednostki w GDPR Prawo do sprzeciwu i przeniesienia danych Prawo do bycia zapomnianym Wnoszenie skarg Prawo do odszkodowania Zmiany dla podmiotów przetwarzających dane Zgoda na przetwarzanie danych osobowych Nowości w obowiązkach informacyjnych Transfer międzynarodowy Profilowanie Fair processing Anonimizacja oraz pseudonimizacja danych Zarządzanie bezpieczeństwem i ryzykiem Notyfikacja naruszeń bezpieczeństwa (breaches) Privacy by design oraz Privacy by default Wcześniejsze konsultacje (prior consultation) Ocena wpływu (impact assesment) Sankcje karne ABI/DPO Fakultatywność powołania Rola i kompetencje Przetwarzanie danych Ograniczenia w zbieraniu, przetwarzaniu i archiwizowaniu danych GIODO Zmiany w kompetencjach One stop shop Podsumowanie GDPR Sekcja Q&A |
| crisc | CRISC - Certified in Risk and Information Systems Control | 21 godz. | Description: This class is intended as intense and hard core exam preparation for ISACA’s Certified Information Systems Auditor (CRISC) Examination. The five (5) domains of ISACA’s CRISC syllabus will be covered with a big focus on the Examination. The Official ISACA CIRSC Review Manual and Question, Answer and Explanation, (Q,A&E), supplements will ALSO be provided when attending. The Q,A&E is exceptional in helping delegates understand the ISACA style of questions, the type of answers ISACA are looking for and it helps rapid memory assimilation of the material. The technical skills and practices that ISACA promotes and evaluates within the CRISC certification are the building blocks of success in the field. Possessing the CRISC certification demonstrates your skill within the profession. With a growing demand for professionals holding risk and control expertise, ISACA’s CRISC has positioned itself to be the preferred certification program by individuals and enterprises around the world. The CRISC certification signifies commitment to serving an enterprise and the chosen profession with distinction. Objectives: To help you pass the CRISC examination first time possessing this certification will signify your commitment to serving an enterprise with distinction the growing demand for professionals with risk and control skills will allow holders of this certification to command better positions and salary You will learn: To help enterprises accomplish business objectives by designing, implementing, monitoring and maintaining risk-based, efficient and effective IS controls. The technical skills and practices that CRISC promotes, these are the building blocks of success in the field Domains Risk Identification, Assessment and Evaluation Risk Response Risk Monitoring Information Systems Control Design and Implementation IS Control Monitoring and Maintenance |
| pcirm | PCIRM - Practitioner Certificate in Information Risk Management | 35 godz. | Description: The Practitioner Certificate in Information Risk Management (PCIRM) provides security practitioners with a comprehensive and highly practical course enabling them to develop a business focused information security and governance risk strategy. It closely follows the approaches recommended in the ISO 27001 and ISO 27005 standards. The five-day course prepares delegates to confidently sit the BCS/ISEB Practitioner Certificate in Information Risk Management examination. Target Audience: Information security and governance practitioners Internal IT auditors Staff from within compliance and operational risk functions IT managers and senior staff Project managers and others responsible for designing security in to information systems. Objectives: On completion of this course delegates will be able to: develop an information risk management strategy conduct threat vulnerability and likelihood assessments, business impact analyses and risk assessments explain how the management of information risk will bring about significant business benefits explain and make full use of information risk management terminology explain the principles of controls and risk treatment present results of the risk assessment in a format which will form the basis of a risk treatment plan explain and produce information classification schemes confidently sit the ISEB examination 1. The concepts and framework of information risk management In this section of the syllabus, delegates will explore the overall concept of risk management and how it is used in the context of information risk. 1.1 The need for information risk management 1.2 The context of risk in the organisation 2 Information risk management fundamentals This section of the syllabus examines the information risk management environment and terminology in greater detail. 2.1 Review of information security fundamentals 2.2 The use of information risk management standards and good practice guides 2.3 The process of information risk management 2.4 Terms and definitions 3 Establishing an information risk management programme This section of the syllabus examines the requirements for an information risk management programme, the strategic nature of its approach and the need for information classification. 3.1 The information risk management programme requirements 3.2 Development of the strategic approach to information risk management 3.3 Information classification 4 Risk identification This section of the syllabus examines the first part of the information risk management programme, and deals in greater detail with the identification of information risk. 4.1 Identification of assets 4.2 Business impact analysis 4.3 Threat and vulnerability assessment 5 Risk assessment This section of the syllabus deals with how risks are analysed and evaluated, how the results are recorded and prioritised and how appropriate controls may be selected. 5.1 Risk analysis 5.2 Risk evaluation 5.3 Options for risk management control 6 Risk treatment This section of the syllabus covers the process for reporting and presenting the results of the risk assessment process and for gaining senior management approval to apply the appropriate controls. 6.1 Risk reporting and presentation 6.2 Business cases 6.3 Risk treatment plans 7 Monitor and review 7.1 Information risk monitoring 7.2 Information risk review |
| pcbc | PCBC - Practitioner Certificate in Business Continuity Management | 35 godz. | Description: This is a 'Practitioner' course and leans heavily on practical exercises designed to reinforce the concepts being taught and to build the delegates confidence in implementing business continuity management. The course is also designed to encourage debate, and the sharing of knowledge and experience between students. Delegates will benefit from the practical and extensive experiences of ours trainers who are practicing business continuity management and ISO 22301:2012 specialists. Delegates will learn how to: Explain the need for business continuity management (BCM) in all organisations Define the business continuity lifecycle Conducting business continuity programme management Understand their organisation sufficiently to identify mission-critical impact areas Determine their organisation's business continuity strategy Establish a business continuity response Exercise, maintain and review plans Embed business continuity in an organisation Define terms and definitions appropriate to business continuity By the end of the course, delegates will have a detailed understanding of all the key components of business continuity management and be able to return to their work, making a significant contribution to the business continuity management process. 1. Introduction to Business Continuity Management This section of the module provides a basic introduction to the discipline of business continuity management, describes how it should fit in with the overall strategy of a business, provides a brief overview of risk management. 1.1 The need for Business Continuity Management 1.2 The context of Business Continuity Management in the business 1.3 Leadership and senior management commitment to Business Continuity 1.4 Review of Risk Management Fundamentals 1.5 The Business Continuity Institute’s Lifecycle 2. BC Policy and Programme Management This section of the module describes both the initial stages and the requirements for the ongoing management of the business continuity management programme. 2.1 Initial activities 2.2 Implementing the BC Programme 2.3 Supply Chain Continuity 2.4 Documentation 3. Understanding the Organisation (Analysis) – 10 hours This section of the module describes how the business continuity manager sets about understanding the organisation and initiates the overall business continuity management programme. 3.1 Identification of Business–Critical Areas 3.2 Terminology 3.3 Business Impact Analysis 3.4 Continuity Requirements Analysis 3.5 Threat and Vulnerability Assessments 3.6 Horizon Scanning 3.7 Risk Assessment 3.8 Evaluation of Options 3.9 Business Cases and Programme Sign-Off 4. Determining the Business Continuity strategy (Design) This section of the module describes how the organisation develops an overall business continuity strategy. 4.1 Strategic Options 4.2 People 4.3 Premises 4.4 Processes and Procedures 4.5 Technology 4.6 Information 4.7 Supply Chain 4.8 Stakeholders 4.9 Civil Emergencies 5. Business Continuity Response (Implementation) – 6 hours This section of the module describes how the organisation develops and implements the Business Continuity response. 5.1 Overall Incident Response Structure 5.2 Types of Plan 5.3 Incident Management Plans 5.4 Business Continuity Plans 5.5 Disaster Recovery Plans 5.6 Business Resumption Plans 6. Exercising, maintenance and review (Validation) – 4 hours This section of the module describes the overall Business Continuity exercising, maintenance and review programme. 6.1 Exercising and Testing of Plans 6.2 Maintenance of Plans 6.3 Review of Plans 7. Embedding Business Continuity Awareness in the Organisation – 3 hours This section of the module describes how Business Continuity awareness should be embedded into the organisation 7.1 Overall Awareness 7.2 Skills Training 8. Annexes This section of the module describes the overall Business Continuity Management programme 8.1 Glossary of Terms and Definitions 8.2 References |
Najbliższe szkolenia
| Szkolenie | Data Kursu | Cena szkolenia [Zdalne / Stacjonarne] |
|---|---|---|
| CRISC - Certified in Risk and Information Systems Control - Szczecin, ul. Małopolska 23 | śr., 2017-08-16 09:00 | 18210PLN / 6268PLN |
| PCBC - Practitioner Certificate in Business Continuity Management - Lublin, ul. Spadochroniarzy 9 | pon., 2017-08-21 09:00 | 27550PLN / 9598PLN |
| PCIRM - Practitioner Certificate in Information Risk Management - Bydgoszcz, ul. Dworcowa 94 | pon., 2017-08-21 09:00 | 29380PLN / 10153PLN |
| General Data Protection Regulation - zmiany prawne, wprowadzenie teoretyczne, praktyczne aspekty - Łódź, ul. Tatrzańska 11 | śr., 2017-08-23 09:00 | 7200PLN / 2782PLN |
Other regions
Other countries
Consulting
Szkolenie Information Security Risk, Information Security Risk boot camp, Szkolenia Zdalne Information Security Risk, szkolenie wieczorowe Information Security Risk, szkolenie weekendowe Information Security Risk
, nauka przez internet Information Security Risk,Kurs Information Security Risk, Trener Information Security Risk, kurs online Information Security Risk,Kursy Information Security Risk, kurs zdalny Information Security Risk, lekcje UML, edukacja zdalna Information Security Risk, e-learning Information Security Risk, instruktor Information Security Risk, nauczanie wirtualne Information Security Risk
