Course overview

ALC’s 5-day Cyber Security Foundation+Practitioner® course is designed for anyone who wants a sound understanding of Information / Cyber Security and a solid base on which to build their career. There are no pre-requisites to attend.

The course is structured into two modules.

Foundation Module (3 days)

The Foundation module is designed to provide a good strong introduction to the key knowledge areas of Cyber Security. You don’t need to be an aspiring security professional to do this module, it is suitable for all levels. The course follows a robust syllabus that covers all the key areas you need to know. At the same time it provides maximum regional relevance by fully taking into account appropriate sections from the Australian Government Information Security Manual (ISM) and the New Zealand Government’s Information Security Manual (NZISM).

Practitioner Module (2 days)

This module is all about applying the theory. It builds upon and reinforces the material learnt in the Foundation module. The course makes strong use of a case study, along with workshops and exercises. Participants will be provided with sample Word and Excel templates for use.

Which option to choose?

You may enrol in Foundation only, or in the 5-day Foundation/Practitioner combined, according to your needs.

 

Learning outcomes

The key objective of the Foundation module is for each participant to be able to leave the course with a good understanding and appreciation of the fundamentals of Cyber Security:

  • Cyber Security Concepts
  • Risk Management
  • Security Architecture
  • Implementing security in networks, endpoint systems, applications and data
  • Business Continuity and Disaster Recovery Planning
  • Incident Response

The key objective of the Practitioner module is for each participant to be able to apply the theory learnt from the Foundation course to a case study. During this module you will:

  • Develop an asset register
  • Identify threats and determine risks, and make recommendations
  • Create a data classification scheme and use this for managing risks with cloud solutions
  • Identify and discuss the advantages and disadvantages of different encryption technologies
  • List and prioritise busines- critical operations for business continuity
  • Identify and discuss various approaches to security assurance
  • Identify risk remediation strategies and include in a brief management report

Who should attend

The Foundation course is designed for:

  • Anyone needing a robust introduction to Cyber Security
  • Anyone planning to work in a position that requires cyber security knowledge
  • Anyone starting a career in Information / Cyber security
  • IT professionals wanting to transition their career into Cyber Security
  • Anyone with information / cyber security responsibilities
  • Anyone who has learned “on the job” but who would benefit from a formal presentation to consolidate their knowledge
  • Professionals familiar with basic IT and information security concepts and who need to round out their knowledge

The Practitioner module is suitable for anyone who has previously taken the Foundation module.  Because the content focuses on the practical side it would typically attract those who have a more serious career interest in security.

The 5-day combined course is ideal for those who have 2 years or fewer experience in security or those who are already in IT and now want to transition into security.

Course contents

1    Introduction
  • Concepts and Definitions
    • Difference between IT Security, Information Security and Cyber Security
    • Assets, Threats & Vulnerabilities
    • Likelihood, Consequence and Impact
    • Inherent Risk, Current Risk and Residual Risk
  • Cyber Security Strategy
    • Supporting Business Goals and Objectives
    • Cyber Security Policy Framework
    • Awareness, Training and Education
2    Risk Management
  • Risk Management Concepts and Definitions
    • Risk Avoidance, Mitigation, Transfer and Acceptance
    • Risk Appetite and Risk Tolerance
  • Threats and Opportunities
    • Assessing the current threat landscape
    • Advanced Persistent Threats
    • Bring Your Own Device or Technologies
    • The Internet of Things
    • Insourcing and Outsourcing
  • Controls and Enablers
  • Business Impact Analysis
3    Security Architecture
  • The key role of security architecture
  • Concepts and Definitions
  • Security Architecture Frameworks
  • Security Architecture Design Principles
  • Service Models
    • In-sourcing
    • Managed Services
    • Cloud Services
  • OSI and TCP/IP Models
  • Cryptography
    • Symmetric, Asymmetric and Hashing Algorithms
    • Non-Repudiation
    • Real-world Use Cases
4   Implementing Security
  • Network Security
    • Routers, switches, firewalls, intrusion detection and prevention
  • Endpoint Security
    • Servers, desktop systems, laptops, tablets and mobile devices
  • Application Security
    • Software Development Lifecycle
    • OWASP Top 10
    • Web Application Firewall
  • Data Security
    • Data owners, data classification, labelling
    • Access control
    • Data governance and lifecycle
    • Data remanence
5   Business Continuity and Disaster Recovery Planning
  • Business Continuity Planning
  • Disaster Recovery Planning
  • BCP/DRP Training and Awareness
  • Testing and Maintenance of the BCP/DRP
  • Security Assurance
    • Vulnerability Assessments and Penetration Testing
    • Minimum Security Baselines
6    Incident Response
  • Detection
    • Auditing, logging and security technologies
    • Security Information and Event Management System (SIEM)
  • Prevention
    • Authorisation, encryption, firewalls, intrusion prevention, anti-malware
  • Response
    • Security events and incidents
    • Legal aspects
    • Incident Response Process
    • Incident Management Team
    • Computer Forensics

Cyber Security Practitioner (2 days)

Day 1

1. Introduction of Case Study
2. Review of Concepts and Risk Management
  • Exercise #1 – Development of a cyber asset register
  • Exercise #2 – Development of a threat taxonomy
  • Exercise #3 – Identification of inherent, current and residual risks
3. Review of Service Provider models
  • Exercise #4 – Recommendations for service provider models in addressing risks
4. Review of Data Classification and Object Labelling
  • Exercise #5 – Establish a data classification scheme
  • Exercise #6 – Strategies to safeguard data held and managed in the cloud

Day 2

5. Review of Security Architecture
  • Exercise #7 – Safeguarding data in transit using encryption
  • Workshop #1 – List the advantages and disadvantages of encryption
6. Review of Business Continuity
  • Exercise #8 – Identify and rank the most important business operations
  • Workshop #2 – List the advantages and disadvantages of choosing security audits, vulnerability assessments and penetration tests
7. Review of Reporting to Management
  • Exercise #9 – Develop the first part of a management report highlighting the most appropriate strategies for managing various risks

Course fees

Fees $A per person

Cyber Security Foundation (3 days)

  • $1950 + gst

Cyber Security Foundation+Practitioner Combined (5 days)

  • $2960 + gst
Foundation and Practitioner Exam

A Foundation exam is held in the classroom at the end of Day 3. This exam is 90 minutes duration and comprises 60 multiple choice questions with a pass mark of 65%.

A Practitioner exam is held at the end of Day 5 and comprises 50 multiple choice single answer questions (/50) plus multiple choice multiple answer questions (/30) with a Pass mark of 65%.

For those who require it, this course also provides full preparation for the ISACA CSX Fundamentals certificate exam. This exam has to be booked direct with ISACA and would be taken online after the course.

 
  • Staff have been extremely positive and supportive.
    Principal consultant | OMNI EXECUTIVE
  • Our trainer was excellent. He made it fun and interesting. Plus we all passed. Fantastic. I feel comfortable that my future projects will be very successful. Pace - Spot on.
    IT Professional | Information Technology
  • "The course was excellent. The instructor was highly knowledgeable and had an extremely personable approach. The learning materials were very good. The venue was most suited and lunch was excellent. Lastly, I am extremely confident that I have the right level of knowledge to proceed and succeed."
    Simon T., Dept of Defence, Business Analysis Foundation, Sydney April 2016
  • "Excellent service provided by ALC customer service. Trainer has exceptionally good training skills and brilliant style of communication. Excellent coach."
    Trainer: Michael Fong Principal  |  Fujitsu Australia Ltd
  • Laurence has incredible subject matter expertise and his person anecdotes added a lot to the learning.
  • Would highly recommend ALC and Laurence for training and obtaining one's certification in Agile PM
    Demi Anderson, Programme Manager
  • Leigh was fantastic. Without doubt the most accurate and interesting presenter by leaps and bounds. Very inspirational.
    System Analyst | Department of Corporate and Information Services
  • "The course was excellent.   The instructor was highly knowledgeable and had an extremely personable approach. The learning materials were very good. The venue was most suited and lunch was excellent. Lastly, I am extremely confident that I have the right level of knowledge to proceed and succeed."
    Simon T., Dept of Defence, Business Analysis Foundation, Sydney April 2016
  • "In regards to the course, the stakeholder and participants were wrapped. The trainer was attentive and engaged and the material was relevant and professional."
    Kathleen O’Riley Learning and Development Advisor  |  SA Water Corporation Course: Business Relationship Management Professional (BRMP®) Trainer: Darren Dove
  • "Excellent course and while content was quite laborious and intense, Peter's delivery was excellent; particularly the 'war stories' and examples provided."
    Russell Close | Head of IT  |  Bennelong Funds Management
  • Well presented and great depth of knowledge by the trainer. A very professional delivery!
  • Just successfully completed three COBIT® 5 courses: Foundation, Implementation and Assessor. Courses were very well managed and presented. Exams were challenging, both in terms of time and knowledge. Very happy to pass all three exams. Highly recommend. Many thanks.
  • Very quick response from Customer service upon enquiry.
  • I must say I really enjoyed the course facilitated by your trainer. He was the best and he really explained the course clearly so that we could understand it. He really is an asset to ALC as he makes sense.
    Service Assurance Release Manager | Westpac Banking Corporation
  • Excellent presentation, anecdotes & examples of real world application. Neil has exemplified my expectation of ALC as atop level training services provider.
    Operations Transition Manager |  Motorola Solutions Australia Pty Ltd
  • The trainer was a great facilitator - lots of real life examples and I felt very prepared for the exam.
    Help Desk Team Leader | Bank SA
  • "Very good training session.  Trainer used multiple examples of non-IT situations to cover various aspects of what was being taught which made it not only easier to understand but also interesting."
    Senior Applications Specialist | Fairfax Media
  • The instructor was clearly knowledgeable, good-humoured and enthusiastic. I did not see anyone fall asleep. Given the notoriety of this course, I sincerely feel that that was a major "achievement".I do feel that I have greatly expanded my knowledge and that I will be more productive at work - The Hallmark of a successful course in my opinion. I would recommend ALC to others. Thank you and well done!
  • Peter’s real world samples went a long was in understanding the content.Waleed Al-Atm – Dept. Justice & Regulation
  • Excellent course that was very well presented and benefited immensely from Darren's practical experience in Service

    Management. Thanks Darren!

    National IT Manager | Information Technology

  • Excellent course and while content was quite laborious and intense, Peter’s delivery was excellent; particularly the ‘war stories’ and examples provided.
  • Michelle Zgalin displays an extremely thorough knowledge of the course content. Pace of the course tailored to suit participants. Presentation of content very good. Ability to deliver large amounts of content was impressive. :)
    PRINCE2 Melbourne Senior Business Analyst | VMIA | Risk Management & Insurance
  • A brilliant trainer, she really knows her stuff and manages to get the most out of us, it was almost like a continuation from Foundation.  I felt like I hadn't left.
    Executive Assistant | Guild Group Holdings Limited
  • Very worthwhile course - learned a lot! Intense, but very well structured. Great Trainer:)."
    Business Analyst | VMIA | Risk Management & Insurance
  • The trainers level of professional experience combined with a capacity to communicate personably and effectively with a diverse group added to my experience and contributed greatly to the amount of information I was able to bring away with  me from the course. I could not recommend Steve highly enough either as a trainer or as a potential PM consultant. Top qualities: Personable, Expert, High Integrity
    Service Delivery Manager | NEC Australia Pty Ltd
  • Great Job, one of the best trainers I have had.  Could not have asked for more.
    ISG | University of New England
  • Really well structured course, very qualified presenter, engaging presentation style, high quality course materials.  Relevant and useful information discussed with a good balance of theory vs "Real World" examples. I thoroughly enjoyed this course, would highly recommend to others.
    Samantha, Program Coordinator, Transport NSW
  • "Enjoyed the training very much, learned heaps but have doubts due to work experience. Will definitely apply the knowledge."
    Manager, IT Risk & Assurance | Ernst & Young
  • "David's vast experiences and shared stories give great insight to the issues and problems which the SABSA framework addresses."
    Information Security Consultant  | Westpac
  • "Thanks David for making this course enjoyable and knowledgeable.  Your experience and insights have been very valuable."
    Security Solutions Designer | Westpac
  • We’ve been training and presentation since 1994. See what just some of our successful delegates have to say about getting certified with ALC Training.“David’s vast experiences and shared stories give great insight to the issues and problems which the SABSA framework addresses.”
    Information Security Consultant | Westpac
  • “Neil was very good in sharing his knowledge using relevant examples.”
    IT Support Officer | Cricket Australia
  • “Good understanding of ITIL Foundations. Neil is a great presenter with excellent people skills & real world experiences.”
    State ICT Manager | Hassell
  • “Excellent presentation, anecdotes & examples of real world application. Neil has exemplified my expectation of ALC as a top level training services provider.”
    Operations Transitions Manager Motorola Solutions Australlia Pty Ltd
  • “I must say I really enjoyed the course facilitated by your trainer. He was the best and he really explained the course clearly so that we could understand it. He really is an asset to ALC as he makes sense.”
    Service Assurance Release Manager | Westpac Banking Corporation
  • “Enjoyed the training very much, learned heaps but have doubts due to work experience. Will definitely apply the knowledge.”
    Manager, IT Risk & Assurance | Ernst & Young
  • “Just successfully completed three COBIT® 5 courses: Foundation, Implementation and Assessor. Courses were very well managed and presented. Exams were challenging, both in terms of time and knowledge. Very happy to pass all three exams. Highly recommend. Many thanks.”
    Manager | ANZ Banking Group
  • “Extremely good – presenter’s experience and depth of knowledge very visible. The trainer was excellent! Good examples, good discussions.”
    Project Manager | Shell Company of Australia Limited Melbourne
  • “The trainers level of professional experience combined with a capacity to communicate personably and effectively with a diverse group added to my experience and contributed greatly to the amount of information I was able to bring away with me from the course. I could not recommend Steve highly enough either as a trainer or as a potential PM consultant. Top qualities: Personable, Expert, High Integrity.”
    Service Delivery Manager | NEC Australia Pty Ltd
  • “I would be happy to recommend Axel to all those looking at a TOGAF training course. His subject matter expertise in TOGAF and his ability to relate to real world examples and experience was fundamental in helping me passing my exam.”
    Daniel Garcia, IT Architect, Strategy and PMO Manager | ANSTO